Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
Huib
Lijkt me wel heh;)
Huib:)
Niet te geloven: het is gelukt! Hieronde de log.
Is de computer nu schoon?
ComboFix 09-02-27.01 - Jenny 2009-02-27 22:21:10.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.1535.1008
Gestart vanuit: c:\documents and settings\Jenny\Mijn documenten\Combo-Fix.exe
AV: Norton 360 *On-access scanning enabled* (Updated)
FW: Norton 360 *enabled*
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Downloaded Program Files\Cache
c:\windows\Downloaded Program Files\tbu3
c:\windows\Downloaded Program Files\tbu3\newversion.txt
c:\windows\Downloaded Program Files\tbu3\toolbar.crc
c:\windows\Downloaded Program Files\tbu3\version.txt
c:\windows\Downloaded Program Files\tbu3\win32.inf
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-01-27 to 2009-02-27 ))))))))))))))))))))))))))))))
.
2009-02-25 18:01 . 2009-02-25 18:01 1,374 –a—— c:\windows\imsins.BAK
2009-02-25 12:25 . 2009-02-27 22:17 dr-h—– c:\documents and settings\Jenny\Onlangs geopend
2009-02-25 11:56 . 2009-02-25 11:56 d——– c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-25 11:55 . 2009-02-25 11:55 d——– c:\documents and settings\Jenny\Application Data\SUPERAntiSpyware.com
2009-02-25 11:54 . 2009-02-25 11:54 d——– c:\program files\Common Files\Wise Installation Wizard
2009-02-25 09:11 . 2009-01-09 20:19 1,089,883 —–c— c:\windows\system32\dllcache\ntprint.cat
2009-02-22 19:07 . 2009-02-22 19:07 d——– c:\program files\Trend Micro
2009-02-22 18:41 . 2009-02-22 18:41 d——– c:\documents and settings\Jenny\Application Data\Malwarebytes
2009-02-22 18:41 . 2009-02-22 18:41 d——– c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-22 18:41 . 2009-02-11 10:19 38,496 –a—— c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-22 18:41 . 2009-02-11 10:19 15,504 –a—— c:\windows\system32\drivers\mbam.sys
2009-02-22 18:25 . 2009-02-22 17:49 15,688 –a—— c:\windows\system32\lsdelete.exe
2009-02-22 17:50 . 2009-02-22 17:49 64,160 –a—— c:\windows\system32\drivers\Lbd.sys
2009-02-22 17:42 . 2009-02-22 17:42 d——– c:\program files\Lavasoft
2009-02-22 17:42 . 2009-02-22 17:49 d——– c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-22 17:42 . 2009-02-22 17:42 d–h-c— c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-22 17:32 . 2008-09-25 19:44 262,144 –a—— c:\program files\Uninstall Ask Toolbar.dll
2009-02-22 11:39 . 2009-02-22 13:16 d——– C:\Bdienst
2009-02-20 13:28 . 2009-02-22 12:25 d——– c:\program files\Metin2_NL
2009-01-31 15:32 . 2009-01-31 15:32 d——– c:\program files\Common Files\Logitech
2009-01-31 14:28 . 2009-01-31 14:28 d——– c:\windows\system32\XPSViewer
2009-01-31 14:28 . 2009-01-31 14:28 d——– c:\program files\Reference Assemblies
2009-01-31 14:28 . 2009-01-31 14:28 d——– c:\program files\MSBuild
2009-01-31 14:26 . 2009-01-31 14:35 d——– c:\windows\SxsCaPendDel
2009-01-31 14:26 . 2008-07-06 13:06 1,676,288 ——— c:\windows\system32\xpssvcs.dll
2009-01-31 14:26 . 2008-07-06 13:06 1,676,288 —–c— c:\windows\system32\dllcache\xpssvcs.dll
2009-01-31 14:26 . 2008-07-06 11:50 597,504 —–c— c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-31 14:26 . 2008-07-06 13:06 575,488 ——— c:\windows\system32\xpsshhdr.dll
2009-01-31 14:26 . 2008-07-06 13:06 575,488 —–c— c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-31 14:26 . 2008-07-06 13:06 117,760 ——— c:\windows\system32\prntvpt.dll
2009-01-31 14:26 . 2008-07-06 13:06 89,088 —–c— c:\windows\system32\dllcache\filterpipelineprintproc.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-27 21:23 ——— d—–w c:\program files\Common Files\Symantec Shared
2009-02-27 20:29 ——— d—–w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-26 19:45 ——— d—–w c:\program files\Microsoft Silverlight
2009-02-24 11:15 ——— d—–w c:\documents and settings\Jenny\Application Data\Belastingdienst
2009-02-22 16:30 ——— d—–w c:\program files\Google
2009-02-20 14:43 ——— d—–w c:\documents and settings\Jenny\Application Data\uTorrent
2009-01-25 10:48 ——— d—–w c:\program files\StepMania
2009-01-25 10:48 ——— d—–w c:\program files\Image-Line
2009-01-25 10:41 ——— d—–w c:\program files\VstPlugins
2009-01-23 19:26 ——— d—–w c:\program files\Symantec
2009-01-23 19:25 806 —-a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-23 19:25 60,808 —-a-w c:\windows\system32\S32EVNT1.DLL
2009-01-23 19:25 124,464 —-a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-23 19:25 10,635 —-a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-23 19:21 ——— d—–w c:\documents and settings\All Users\Application Data\Symantec
2009-01-23 19:17 ——— d—–w c:\program files\Norton 360
2009-01-23 19:10 ——— d—–w c:\documents and settings\Jenny\Application Data\Symantec
2009-01-23 18:50 ——— d—–w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-23 18:30 ——— d—–w c:\program files\Windows Sidebar
2009-01-20 16:52 ——— d—–w c:\program files\Belastingdienst
2009-01-20 16:26 410,984 —-a-w c:\windows\system32\deploytk.dll
2009-01-20 16:26 ——— d—–w c:\program files\Java
2009-01-18 12:07 0 —-a-w c:\windows\system32\drivers\lvuvc.hs
2009-01-18 12:07 0 —-a-w c:\windows\system32\drivers\logiflt.iad
2009-01-15 15:10 ——— d—–w c:\documents and settings\All Users\Application Data\Logishrd
2009-01-12 19:12 ——— d—–w c:\program files\Common Files\LogiShrd
2009-01-12 19:06 ——— d—–w c:\program files\Logitech
2009-01-12 19:06 ——— d—–w c:\documents and settings\All Users\Application Data\Logitech
2008-12-20 23:03 826,368 —-a-w c:\windows\system32\wininet.dll
2008-10-18 08:35 30 —-a-w c:\documents and settings\Jenny\jagex_runescape_preferences.dat
2004-08-18 13:58 16,777 —-a-w c:\documents and settings\Jenny\Favorieten.zip
2003-07-31 09:53 147,456 —-a-w c:\windows\inf\EL2K_XP.sys
2003-07-31 09:50 448,768 —-a-w c:\windows\inf\EL2K_N64.sys
2003-07-31 09:43 147,456 —-a-w c:\windows\inf\EL2K_2K.sys
2008-10-01 15:49 32,768 –sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008100120081002\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
@=“{4433A54A-1AC8-432F-90FC-85F045CF383C}”
2008-10-31 12:24 576352 –a—— c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
@=“{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}”
2008-10-31 12:24 576352 –a—— c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
@=“{476D0EA3-80F9-48B5-B70B-05E677C9C148}”
2008-10-31 12:24 576352 –a—— c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
“ctfmon.exe”=“c:\windows\system32\ctfmon.exe”
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
“NeroCheck”=“c:\windows\system32\NeroCheck.exe”
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll”
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll”
“Adobe Photo Downloader”=“c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe”
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe”
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
“LogitechCommunicationsManager”=“c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
“LogitechQuickCamRibbon”=“c:\program files\Logitech\QuickCam\Quickcam.exe”
“ccApp”=“c:\program files\Common Files\Symantec Shared\ccApp.exe”
“osCheck”=“c:\program files\Norton 360\osCheck.exe”
“Ad-Watch”=“c:\program files\Lavasoft\Ad-Aware\AAWTray.exe”
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE”
“ALUAlert”=“c:\program files\Symantec\LiveUpdate\ALUNotify.exe”
“{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”= “d:\downloads\SASSEH.DLL”
@=“Service”
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Digital Image Monitor.lnk
backup=c:\windows\pss\Digital Image Monitor.lnkCommon Startup
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
–a—— 1998-11-30 17:04 497376 c:\windows\p_981116.exe
–a—— 2002-03-22 05:41 94208 c:\program files\Microsoft Hardware\Keyboard\type32.exe
–a—— 2003-05-30 08:42 585728 c:\program files\Analog Devices\SoundMAX\SMax4.exe
–a—— 2003-05-29 15:28 790528 c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe
–a—— 2007-03-14 02:43 83608 c:\program files\Java\jre1.6.0_01\bin\jusched.exe
–a—— 2006-11-24 12:44 1519616 c:\windows\system32\nwiz.exe
–a—— 2003-07-16 08:34 1323008 c:\windows\system32\TCAUDIAG.EXE
“WMPNetworkSvc”=3 (0x3)
“AntiVirusDisableNotify”=dword:00000001
“DisableMonitoring”=dword:00000001
“DisableMonitoring”=dword:00000001
“DisableMonitoring”=dword:00000001
“EnableFirewall”= 0 (0x0)
“%windir%\\system32\\sessmgr.exe”=
“c:\\WINDOWS\\system32\\LEXPPS.EXE”=
“c:\\Program Files\\Messenger\\msmsgs.exe”=
“%windir%\\Network Diagnostic\\xpnetdiag.exe”=
“c:\\Program Files\\LimeWire\\LimeWire.exe”=
“c:\\Program Files\\MSN Messenger\\msnmsgr.exe”=
“c:\\Program Files\\MSN Messenger\\livecall.exe”=
“c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE”=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys
R1 SASDIFSV;SASDIFSV;d:\downloads\sasdifsv.sys
R1 SASKUTIL;SASKUTIL;d:\downloads\SASKUTIL.SYS
R2 BCMNTIO;BCMNTIO;c:\progra~1\CheckIt\DIAGNO~1\BCMNTIO.sys
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE
R2 MAPMEM;MAPMEM;c:\progra~1\CheckIt\DIAGNO~1\MAPMEM.sys
R2 tcaicchg;tcaicchg;c:\windows\system32\TCAICCHG.SYS
R2 TCAITDI;TCAITDI Protocol;c:\windows\system32\drivers\TCAITDI.SYS
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys
S3 SASENUM;SASENUM;d:\downloads\SASENUM.SYS
S3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\drivers\UsbSagCom.sys
S3 XDva186;XDva186;\??\c:\windows\system32\XDva186.sys –> c:\windows\system32\XDva186.sys
S3 XDva197;XDva197;\??\c:\windows\system32\XDva197.sys –> c:\windows\system32\XDva197.sys
S3 zenx1;zenx1;\??\c:\docume~1\Jenny\LOCALS~1\Temp\Rar$EX00.516\Zenx engine 0.31\zenx.sys –> c:\docume~1\Jenny\LOCALS~1\Temp\Rar$EX00.516\Zenx engine 0.31\zenx.sys
— Andere Services/Drivers In Geheugen —
*NewlyCreated* - COMHOST
*NewlyCreated* - GTNDIS5
.
Inhoud van de ‘Gedeelde Taken’ map
2009-02-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
2009-02-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe
2009-02-25 c:\windows\Tasks\Norton Security Scan for Jenny.job
- d:\downloads\Nss.exe
.
- - - - ORPHANS VERWIJDERD - - - -
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe
MSConfigStartUp-Spamihilator - c:\program files\Spamihilator\spamihilator.exe
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: rabobank.nl
DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - hxxp://www.1-click.com/common/files/installer2.cab
.
.
——- Bestandsassociaties ——-
.
inffile=c:\windows\$NtServicePackUninstall$\notepad.exe %1
inifile=c:\windows\$NtServicePackUninstall$\notepad.exe %1
txtfile=c:\windows\$NtServicePackUninstall$\notepad.exe %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-27 22:23:04
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
“3140110900063D11C8EF10054038389C”=“C?\\WINDOWS\\System32\\FM20ENU.DLL”
.
Voltooingstijd: 2009-02-27 22:25:44
ComboFix-quarantined-files.txt 2009-02-27 21:25:41
Pre-Run: 29.584.310.272 bytes beschikbaar
Post-Run: 29,588,090,880 bytes beschikbaar
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Home Edition” /fastdetect /NoExecute=OptIn
253 — E O F — 2009-02-26 17:00:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:45:47, on 27-2-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe”
O4 - HKLM\..\Run: “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM\..\Run: “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM\..\Run: “C:\Program Files\Norton 360\osCheck.exe”
O4 - HKLM\..\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://www.1-click.com/common/files/installer2.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by128fd.bay128.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O24 - Desktop Component 0: (no name) - http://www.fusie-energie.nl/gallerij/hires/zon.jpg
–
End of file - 10263 bytes
Vóórdat ik de combifix downloadde sprong mijn muis nog regelmatig alle kanten op.
Nu heb ik er nog geen last van gehad en ik hoop dat het zo blijft.
Ik hoop dan ook dat het probleem opgelost is.
Mocht ik er nog last van hebben dan zal ik mij zeker melden.
Tot die tijd Teaser wil ik jou en Huib heel hartelijk danken voor jullie geduld, moeite en begeleiding.
Ik weet het: ullie zullen het vaak genoeg gehoord hebben, maar nogmaal heel, heel hartelijk dank.
tis dat ik geen taart of biertje/wijntje jullie kant kan opsturen; ik hoop dat een digitale dikke smok voldoet 
Jenny
Gooi dan nu even systeemherstel leeg en je prullenbak.
Anders komt het geheid weer terug.
1 klik “deze computer” op je bureaublad
2 Klik met de verkeerde muisknop op “deze computer” en ga vervolgens naar eigenschappen.
3 Klik op het tabblad system restore of systeem herstellen.
4 Zet een vinkje bij systeem herstellen uitschakelen op alle hardeschijven!!!!
5 Klik op toepassen en ok en start de pc opnieuw op .
6 ga terug naar stap een en zet het vinkje weer uit,
uw pc maakt weer nieuwe systeem herstelpunten aan.
