Help virus in msn!!!

Nipponsei

Help, people,

a few days ago everyone in my MSN list received an e-mail with spam that was sent from my e-mail address!!?

And today I found out that my entire MSN list has been emptied!??!

What do I do now? Do I have a virus?

Regards, me.

Thanks in advance for the quick replies.

Hmm, if I understand correctly, this is from that MSN virus then? I did indeed click on that kind of link quite a while ago. But that was quite a long time ago; strange that it only started working now.

But so I have now simply lost all my contacts?

I currently have the Malwarebytes scan and the AVG scan running.

I also searched the internet a bit myself and came across ComboFix.

Here is the result:

Code:
ComboFix 09-06-09.06 - Joël 10-06-2009 10:17.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.31.1043.18.3070.1985 [GMT 2:00]
Gestart vanuit: c:\users\Joël\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\JOL~1\FAVORI~1\Videos.url
D:\Desktop.ini

.
((((((((((((((((((((   Bestanden Gemaakt van 2009-05-10 to 2009-06-10  ))))))))))))))))))))))))))))))
.

2009-06-10 08:25 . 2009-06-10 08:25	--------	d-----w-	C:\temp
2009-06-10 08:25 . 2009-06-10 08:25	--------	d-----w-	\temp
2009-06-10 08:25 . 2009-06-10 08:25	--------	d-----w-	c:\users\Jean&Marian\AppData\Local\temp
2009-06-10 08:14 . 2009-06-10 08:26	--------	d-s---w-	\ComboFix
2009-06-10 08:07 . 2009-06-10 08:20	--------	d---a-w-	\Qoobox
2009-06-10 07:49 . 2009-05-26 11:20	40160	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-10 07:49 . 2009-06-10 07:49	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2009-06-10 07:49 . 2009-06-10 07:49	--------	d-----w-	c:\programdata\Malwarebytes
2009-06-10 07:49 . 2009-05-26 11:19	19096	----a-w-	c:\windows\system32\drivers\mbam.sys
2009-06-08 10:36 . 2009-06-08 10:37	--------	d--h--w-	c:\program files\thriXXX
2009-06-05 20:48 . 2009-06-05 20:48	--------	d-----w-	c:\program files\KOEI
2009-06-05 18:00 . 2009-03-08 11:34	43008	----a-w-	c:\windows\system32\licmgr10.dll
2009-06-05 10:25 . 2009-06-05 17:52	40403408	----a-w-	c:\programdata\Xfire\downloads\tom_clancys_hawx_1.02.exe
2009-06-04 10:30 . 2009-06-04 17:45	62947336	----a-w-	c:\programdata\Xfire\downloads\far_cry_2_1.03.exe
2009-06-01 15:39 . 2009-06-01 15:39	--------	d-----w-	c:\program files\Common Files\BioWare
2009-06-01 15:13 . 2009-06-01 15:39	--------	d-----w-	c:\program files\Mass Effect
2009-05-29 20:46 . 2009-05-29 20:46	--------	d-----w-	c:\program files\SnailWeb
2009-05-29 20:41 . 2009-05-29 20:41	--------	d-----w-	c:\windows\system32\Temp
2009-05-27 15:45 . 2009-05-27 15:45	--------	d-----w-	c:\program files\SyncToy 2.0
2009-05-27 15:44 . 2009-05-27 15:44	--------	d-----w-	c:\program files\Microsoft Sync Framework
2009-05-26 15:35 . 2009-05-26 15:35	--------	d-----w-	c:\program files\CAPCOM
2009-05-23 11:20 . 2009-06-10 08:13	--------	d-----w-	c:\program files\DNA
2009-05-22 10:15 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2009-05-22 10:15 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2009-05-22 10:15 . 2009-03-09 13:27	4178264	----a-w-	c:\windows\system32\D3DX9_41.dll
2009-05-22 10:15 . 2009-03-16 12:18	69448	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2009-05-22 10:15 . 2009-03-16 12:18	517448	----a-w-	c:\windows\system32\XAudio2_4.dll
2009-05-22 10:15 . 2009-03-16 12:18	235352	----a-w-	c:\windows\system32\xactengine3_4.dll
2009-05-22 10:15 . 2009-03-16 12:18	22360	----a-w-	c:\windows\system32\X3DAudio1_6.dll
2009-05-21 22:51 . 2009-05-21 22:51	41808	----a-w-	c:\windows\system32\xfcodec.dll
2009-05-20 18:46 . 2009-05-20 18:46	--------	d-----w-	c:\program files\Velvet Assassin
2009-05-20 16:48 . 2009-05-20 16:48	--------	d-----w-	c:\program files\Microsoft WSE
2009-05-16 19:29 . 2009-05-16 19:30	--------	dc-h--w-	c:\programdata\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2009-05-16 19:29 . 2008-08-11 11:26	2864992	-c--a-r-	c:\programdata\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe
2009-05-16 15:51 . 2009-05-16 15:51	--------	d-----w-	c:\program files\Unreal Tournament 3
2009-05-16 15:50 . 2009-05-16 15:50	--------	d-----w-	c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2009-05-16 08:47 . 2009-05-16 08:47	--------	d-----w-	c:\program files\alaplaya
2009-05-16 05:53 . 2009-05-16 05:53	--------	d-----w-	c:\program files\Empire Interactive

.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 08:13 . 2007-12-27 22:21	--------	d-----w-	c:\programdata\NVIDIA
2009-06-10 08:12 . 2008-12-23 20:31	3219574784	--sha-w-	\hiberfil.sys
2009-06-10 08:12 . 2007-12-27 21:49	3533455360	--sha-w-	\pagefile.sys
2009-06-10 08:10 . 2008-07-15 08:52	--------	d-----w-	c:\programdata\avg8
2009-06-10 07:50 . 2008-04-10 18:34	--------	d-----w-	c:\program files\Windows Live
2009-06-08 19:51 . 2009-03-13 08:30	--------	d-----w-	c:\program files\Steam
2009-06-08 18:49 . 2008-04-11 20:23	22328	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2009-06-08 18:48 . 2008-04-11 20:23	103736	----a-w-	c:\windows\system32\PnkBstrB.exe
2009-06-06 10:47 . 2007-12-28 06:09	722780	----a-w-	c:\windows\system32\perfh013.dat
2009-06-06 10:47 . 2007-12-28 06:09	151636	----a-w-	c:\windows\system32\perfc013.dat
2009-06-03 10:23 . 2009-04-11 10:18	--------	d-----w-	c:\programdata\Xfire
2009-06-01 20:52 . 2008-06-04 17:18	--------	d-----w-	c:\program files\Creative
2009-06-01 15:39 . 2009-01-22 14:21	--------	d-----w-	c:\programdata\Media Center Programs
2009-05-31 18:22 . 2008-07-12 14:27	--------	d-----w-	c:\program files\Electronic Arts
2009-05-31 18:22 . 2007-12-27 22:18	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-05-30 15:40 . 2008-12-01 15:56	--------	d-----w-	c:\program files\EA Games
2009-05-27 15:24 . 2009-04-11 10:18	--------	d-----w-	c:\program files\Xfire
2009-05-24 11:17 . 2009-01-14 14:24	--------	d-----w-	c:\program files\World of Warcraft
2009-05-16 19:29 . 2008-04-22 19:35	669184	----a-w-	c:\windows\system32\pbsvc.exe
2009-05-16 15:50 . 2008-10-12 18:16	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2009-05-13 10:59 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2009-05-09 20:24 . 2009-05-09 16:41	737280	----a-w-	c:\windows\iun6002.exe
2009-05-02 12:43 . 2008-06-09 11:09	--------	d-----w-	c:\program files\SEGA
2009-04-30 09:26 . 2009-04-30 09:05	--------	d-----w-	c:\programdata\Hema Album Software Advanced
2009-04-21 22:20 . 2009-04-21 22:20	14311680	----a-w-	c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20	13642496	----a-w-	c:\windows\system32\xlivefnt.dll
2009-04-17 18:02 . 2009-04-15 17:56	647707832	----a-w-	c:\programdata\Xfire\downloads\WoW-3.0.9.9551-to-3.1.0.9767-enUS-patch.exe
2009-04-16 19:55 . 2008-04-10 18:52	--------	d-----w-	c:\program files\Messenger Plus! Live
2009-04-03 11:03 . 2009-04-03 11:03	191488	----a-w-	c:\windows\SAMURAI7.scr
2009-04-03 11:03 . 2009-04-03 11:03	545280	----a-w-	c:\windows\flashax.exe
2009-04-03 11:03 . 2009-04-03 11:03	12288	----a-w-	c:\windows\impborl.dll
2009-03-17 03:38 . 2009-04-17 16:57	13824	----a-w-	c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-17 16:57	24064	----a-w-	c:\windows\system32\amxread.dll
2009-03-12 16:33 . 2009-03-12 16:33	921928	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2007-12-28 06:28 . 2007-12-28 06:11	8192	--sha-w-	c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-05-23 318272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"K3805"="c:\program files\Alchemy Elixir\control.exe" [2008-06-13 237568]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-02-21 98304]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]

c:\users\Jo‰l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-5-22 3171664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Alchemy Elixir.lnk - c:\program files\Alchemy Elixir\traicon.exe [2008-12-23 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4070019783-475820525-1594790164-1000]
"EnableNotificationsRef"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4070019783-475820525-1594790164-1001]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"c:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"= c:\program files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{977B50A0-D540-4401-A2AC-982A4DAF51A4}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{E7B850B9-8C3B-4E15-8ED2-1AF7320816EA}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{184C51D4-7112-4C30-8824-3DF1F4D1501C}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{43EBA7E6-F97C-4D23-899A-A229CA697338}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F0225E2E-8690-4EC6-96B0-47E154BD4FB7}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{640A25DC-F40A-4FC6-8D09-3766CD291C68}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{928CA06D-908C-4DFE-BA02-A0FE83B187D0}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{74D90E6A-F2A8-44AA-BE90-D9B720A1BE07}"= UDP:c:\program files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{0E1D7DFC-3430-48A8-A811-CA897086D320}"= TCP:c:\program files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{CC282ECE-CDF4-4996-A21E-F26E276DF8DE}"= UDP:c:\program files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{C9A6188A-6B0D-4245-B94D-B97E1515092C}"= TCP:c:\program files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{CE57A7FF-F8C1-4C92-9AF2-9F8E6D9275BC}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{4E4A8C38-F41A-4E61-B235-DD669EF4E95E}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{05DB419B-35D8-4FD7-9A0A-A779CCF3B216}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{AFA09A20-C2BB-4727-880B-DD5A6B2B07C8}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{9CA27CF9-D190-4047-BA22-89EFEE7366A1}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{2BC8DC91-FC6E-494F-935E-EB2110067C6E}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{D31B5BDD-8144-4CAE-B713-B8DF55BB4B79}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{7712FCAA-53DE-4BD4-89EF-1DBF9A070949}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{0EE6B291-CBA5-418C-A2E3-FF3958C666BC}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{2AA69B6F-4E16-46EF-BE05-C08569772031}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{1F99AC67-8F60-4D43-A586-7DD79E5289E4}c:\\program files\\ubisoft\\tom clancy's rainbow six vegas 2\\binaries\\r6vegas2_game.exe"= UDP:c:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe:R6Vegas2_Game
"UDP Query User{FA393624-0355-4871-AADF-B76FA7E2E7D8}c:\\program files\\ubisoft\\tom clancy's rainbow six vegas 2\\binaries\\r6vegas2_game.exe"= TCP:c:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe:R6Vegas2_Game
"TCP Query User{564ED9EE-EF8E-4042-8E4E-71507CD6E593}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{14358555-FB3F-4A66-B3F0-E61FA2671DB8}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{40CBE387-8E6D-483B-AB39-79DCB768E32E}c:\\program files\\sega\\medieval ii total war\\kingdoms.exe"= UDP:c:\program files\sega\medieval ii total war\kingdoms.exe:Medieval 2 Total War: Kingdoms
"UDP Query User{95074A54-1CB2-40BC-98AE-822B9707BB63}c:\\program files\\sega\\medieval ii total war\\kingdoms.exe"= TCP:c:\program files\sega\medieval ii total war\kingdoms.exe:Medieval 2 Total War: Kingdoms
"{4A64F476-4CCC-4E65-819C-4076E9AA8954}"= Disabled:c:\program files\Electronic Arts\Command & Conquer 3 Kane's Wrath\RetailExe\1.0\cnc3ep1.dat:Command & Conquer™ 3: Kane's Wrath
"{38CB0234-04C8-4044-9F35-2D292476DF7B}"= UDP:c:\program files\Electronic Arts\Command & Conquer 3 Kane's Wrath\cnc3ep1.exe:cnc3ep1
"{A62B50AF-0A0B-4223-83EE-05F16A0303B1}"= TCP:c:\program files\Electronic Arts\Command & Conquer 3 Kane's Wrath\cnc3ep1.exe:cnc3ep1
"{D22D0303-D586-4D28-87C6-FAFA76168F6A}"= UDP:c:\program files\Electronic Arts\Command & Conquer 3 Kane's Wrath\RetailExe\1.0\cnc3ep1.dat:cnc3ep1
"{A81CDF94-BDF0-4885-BA76-5369DD6ECB8B}"= TCP:c:\program files\Electronic Arts\Command & Conquer 3 Kane's Wrath\RetailExe\1.0\cnc3ep1.dat:cnc3ep1
"{077D07F3-1181-462D-AAD4-D390AC2D6331}"= UDP:c:\program files\Electronic Arts\Command & Conquer 3\CNC3.exe:CNC3
"{0D80309C-A150-4D3F-965B-B8AD4BAA6DF5}"= TCP:c:\program files\Electronic Arts\Command & Conquer 3\CNC3.exe:CNC3
"{C2D63FB2-9EC3-45A9-8B29-D197C8AF0EDB}"= UDP:c:\program files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:cnc3game
"{01C3319F-569E-4F50-A97B-D280F1FFC94F}"= TCP:c:\program files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:cnc3game
"{A9C31D27-A82B-43D9-9461-FB5F83DAB9E8}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{480A7A5F-0601-4F21-B199-493275664447}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{99259A9B-813C-44C1-9594-E040DEA41510}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{2E011145-8379-4AA2-9C3F-36FA4DF7F145}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{A85B74EE-DD95-4055-A4BE-E6025562385F}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{66D57028-34C9-4A56-8A6D-26CB4D34FE8F}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{066696B4-9B61-49EB-AA9D-A32DE4E055F9}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{20CAC5E5-5EA9-4F98-87C7-744E2E9CC8DB}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{0BF11601-6B4E-4664-A1C7-EF5959CE010B}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{5580A820-BDEF-478E-B097-E1E28C139D62}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{AA492823-4A5C-4ED3-8650-739423EFB3B4}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{923B55F2-B9B3-496F-BEF8-330E53BF417F}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{77DC4EA1-E203-4FA5-9932-31981282A72E}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{B48BA386-FD11-4FFB-B711-21FD6C141C56}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{C971CB17-0155-4F11-AAEA-B24DC17D33BA}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{81C28F21-048E-4BA1-8D5B-C79DEF56F2AA}"= UDP:c:\program files\Ubisoft\Prince of Persia\Prince of Persia.exe:Prince of Persia Dx
"{2A173D81-4FB9-4036-9CB0-57CC91B980A4}"= TCP:c:\program files\Ubisoft\Prince of Persia\Prince of Persia.exe:Prince of Persia Dx
"{E423362C-82E1-410F-BC6D-4850446CF271}"= UDP:c:\program files\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe:Prince of Persia Update
"{1F5AE6BB-C7EF-4216-AF95-502F443B379C}"= TCP:c:\program files\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe:Prince of Persia Update
"{4A8F91A8-5825-4D01-9C7A-4B19590BE2C8}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{9E481735-4D7B-46A5-8CC3-0CD276420081}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{DEB8FE64-E4CC-471C-B367-12E39B5779D9}"= UDP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™
"{33BCDFCA-7FAE-4B37-8859-D5F245DCE847}"= TCP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™
"{3218FD09-75FA-4845-BCE7-5BA63D664942}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{0881B7E9-6E63-4091-9F55-E9966B47AC5A}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{7FDAF3B4-EB62-422C-8D0A-D829E83FB9FE}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{6A16ADF5-559F-4538-891E-109CC0E160D1}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{338B487C-4A2F-4119-9883-B96B416CBB9A}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player 
"{B01D7833-1944-4409-BBCB-0CCDCCF6B2F9}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player 
"{A604ED3D-17D9-434F-8C11-9412AFA54CF7}"= UDP:50005:Utorrent1
"{DA124555-5DFA-406F-986C-D08287A718C6}"= TCP:50005:Utorrent1
"{020E2B6C-C7AD-46A0-B8F3-49B587F40EDF}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM) 
"{5949C0E1-1C9B-4F44-B6E5-B93C9DEE9F2A}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM) 
"{FED3B674-F4BC-42F4-AE82-619BC40307AE}"= UDP:c:\program files\GrabIt\GrabIt.exe:GrabIt
"{E8489268-42FB-4A3E-A1D1-75488572526E}"= TCP:c:\program files\GrabIt\GrabIt.exe:GrabIt
"{0A252A0B-106B-43F7-95F7-4F221CDE2B5F}"= UDP:119:nieuwsgroep
"{6D8B099A-3C14-41F8-B063-6E44CAA436A3}"= TCP:119:nieuwsgroep 2
"{C14F0F0B-7C57-4209-ABA4-D39B67409526}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X
"{F32D35F1-F50F-4934-9661-CACE18F68A38}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X
"{C8702C8B-DFB8-46A8-AAC2-9FE3AB8B7D4E}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X
"{72DB7BF7-2B5A-4F3A-95A9-B21E104B6D06}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X
"{79C7199C-CD58-4600-A57D-B27F1412A9C9}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{665695B8-8C38-4B0D-B816-47826B7A5F8E}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{EEC4F4DE-DD7C-482D-ABBE-ABD8B7C7602E}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{928927FF-F582-4911-AB15-2855C6159322}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"TCP Query User{8D65FB3C-5E81-4E76-92D9-4189080101E8}c:\\program files\\left4dead\\left4dead.exe"= UDP:c:\program files\left4dead\left4dead.exe:left4dead
"UDP Query User{577C99E8-F057-4FAD-AF2A-DB3BE7676FB0}c:\\program files\\left4dead\\left4dead.exe"= TCP:c:\program files\left4dead\left4dead.exe:left4dead
"TCP Query User{A57DD2ED-E0BF-4418-B062-22C1054B36B0}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"UDP Query User{91E1A655-2BD9-4CFB-A2A1-453FD112CADD}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"TCP Query User{DBCF3ED4-91ED-4437-8AC5-BCC391DC7B72}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{8F7D63A2-49FE-4169-84FD-223D6BFFBED6}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{37A91086-8EF7-4AEC-935E-30BF370BAA7E}c:\\sierra\\emperorrotmk\\emperor.exe"= UDP:c:\sierra\emperorrotmk\emperor.exe:Emperor
"UDP Query User{5A95D0F1-FD10-4C6A-B44E-7573E5D45B51}c:\\sierra\\emperorrotmk\\emperor.exe"= TCP:c:\sierra\emperorrotmk\emperor.exe:Emperor
"TCP Query User{6D4B9CBE-15BA-4FB9-AC3C-8EB488CC3684}c:\\program files\\ubisoft\\tom clancy's h.a.w.x\\hawx.exe"= UDP:c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe:HAWX
"UDP Query User{720183FF-F457-4D01-9D8B-AE6753E1A773}c:\\program files\\ubisoft\\tom clancy's h.a.w.x\\hawx.exe"= TCP:c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe:HAWX
"TCP Query User{07605381-76F0-4452-AF68-16E8351BC327}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{2E0F0B4B-74C1-40F1-BAF8-E14804D72FBC}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{CBBEF3E4-38AD-4F72-AB11-B9379B5A9912}c:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= UDP:c:\program files\empire interactive\flatout 2\flatout2.exe:flatout2
"UDP Query User{109A3629-9199-44B7-A962-48485730FFF3}c:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= TCP:c:\program files\empire interactive\flatout 2\flatout2.exe:flatout2
"{AE43C07D-60E4-4AFB-8F4A-FD11B26853B2}"= UDP:c:\program files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{6B5FEE2A-A288-4C19-A6FB-2FE1906E7DFD}"= TCP:c:\program files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{072635B2-7398-49BD-8794-623BBA5C7764}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7CE83EF4-F194-4CF8-B3B5-D3A527156C08}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7FB503C6-9C3E-414F-8584-B286984EE9EE}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{BEDA5682-A291-4993-8A09-BDE2605CDA55}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{9E149FE4-6CBB-4265-9D5F-175E7B62E1EB}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= UDP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3
"UDP Query User{E50A2D8E-C8BC-4E09-9978-E3339D51AC51}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= TCP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3
"{31164978-8937-4940-8E56-12EE88F234C1}"= UDP:c:\program files\EA Games\Battlefield 2\BF2.exe:Battlefield 2
"{15CFA573-DF36-440B-8479-686C795AD633}"= TCP:c:\program files\EA Games\Battlefield 2\BF2.exe:Battlefield 2
"{2F005F36-6510-43C9-A024-22403C498CCF}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{C127E761-419F-4DDA-BB97-6D752A1D4277}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{BF1D52F4-F8B2-46E9-8BD0-B71E86D811D8}"= UDP:c:\program files\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{552C0803-2C0C-4CF7-9952-321D555E542E}"= TCP:c:\program files\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{3A9BC631-9379-43C6-9E0F-2C3224275A0A}"= UDP:c:\program files\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
"{5DF1553A-894E-4585-AE98-110EC43588F3}"= TCP:c:\program files\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"= c:\program files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel

R3 ElanFltr;Pro Gaming Keyboard;c:\windows\System32\drivers\ElanFltr.sys [23-12-2008 21:21 48128]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\System32\drivers\whfltr2k.sys [25-1-2007 17:45 6784]
S3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [5-12-2006 12:34 507136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=desktop
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\iwkx1061.default\
FF - prefs.js: browser.startup.homepage - hxxp://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npWebLaunch.dll
FF - plugin: c:\program files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

---- FIREFOX POLICIES ----
 .

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-10 10:25
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ... 

scannen van verborgen autostart items ... 

scannen van verborgen bestanden ... 

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-4070019783-475820525-1594790164-1000\Software\SecuROM\License information*]
"datasecu"=hex:86,56,3e,ad,d5,b2,77,79,27,fa,4f,f7,67,6e,07,e1,6a,7d,47,dd,21,
   c9,1b,59,f0,1a,c7,f1,72,f6,92,83,91,eb,05,61,65,cf,03,cf,c2,3f,85,8f,c1,e9,\
"rkeysecu"=hex:42,7a,b8,01,09,78,09,6b,f1,8e,9a,7c,b5,9e,99,38
.
Voltooingstijd: 2009-06-10 10:27
ComboFix-quarantined-files.txt  2009-06-10 08:27

Pre-Run: 345.318.023.168 bytes beschikbaar
Post-Run: 345.792.454.656 bytes beschikbaar

319	--- E O F ---	2009-06-10 08:01

____________________________________________________________________________________________________________________________

And a HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:49, on 10-6-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\schtasks.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\jusched.exe
C:\Program Files\Alchemy Elixir\Control.exe
C:\Advanced Wheel Mouse\wh_exec.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Alchemy Elixir\traicon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\AVG\AVG8\avgui.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [K3805] "C:\Program Files\Alchemy Elixir\control.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Alchemy Elixir.lnk = C:\Program Files\Alchemy Elixir\traicon.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix: 
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-nl/wlscctrl2.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15108/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 8118 bytes
 
Last edited by a moderator:
If I were you I would reinstall Windows, then you're rid of everything.
 
Yeah, I was planning to do that at some point anyway..

But even then I won't get my contacts back.

And if I understand correctly, I can't get them back at all...

Edit:

Nice, I found a solution :P

In MSN you go to Tools > Options > Privacy; there is a list there that still contains your contacts. If you right-click a contact, you choose "Add as contact".

Now at least I've also got rid of all the people I don't really want in there :P

I assume the virus is gone after a full scan with AVG and that Malwarebytes.
 
Last edited:
I have a problem...

I'm not sure, but I think I still have the virus..

even though I scanned with AVG 8.5 Free and Malwarebytes...

I downloaded an anti-MSN-virus tool from Symantec, but that didn't find anything either...
 