Ga naar inhoud

cobfreak

Lid
  • Items

    24
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door cobfreak

  1. heb net een primary hard disk self test gedaan en krijg de boodschap hard disk 1 quick (303). betekent dit dat de hard disk kapot is?
  2. Er is geen hardeschijf in de drive list. betekent dit dat de harde schijf kapot is of niet deftig aangesoten?
  3. Gaat dit ook met een USB? anders moet ik eerst nog cd'tjes gaan kopen.
  4. heb een hp laptop pavillion g7 -1180eb met windows 7. Ondertussen heeft de laptop het helemaal begeven. Laptop wil niet meer opstarten. De laptop geeft volgende melding op het scherm: kan windows niet starten. Dit wordt mogelijk veroorzaakt door een recente hardware/softwarewijziging. En dan stel de pc voor om te herstellen met windows installatieschijf, maar heb deze niet. Status: 0xc000000f
  5. Ik gebruik de laptop al zonder batterij, want deze heeft het een tijdje geleden al begeven.
  6. Hallo, Het opstarten van mijn pc duurt zeker een 15-30 minuten. Na deze periode zie ik eindelijk het bureaublad. Als ik dan verder andere programma's wil opstarten of surfen duurt dit weer super lang. Kunnen jullie hiermee helpen? Ik heb een HP pavilion g series, windows 7. Alvast bedankt Lars
  7. beste, Mijn website doet een aantal foute dingen op de iphone. De eerste fout is dat de tekst groter wordt dan het zou moeten zijn bij 1 stukje van een pagina, zie afbeelding fout1. De tweede fout is dat de background niet de volledige achtergrond vult zoals bij de computer en dat alleen de content scrolbaar is. zie afbeelding fout 2. De code kan je vinden op www.bloodrocuted.com
  8. in bijlage mijn zoek-results bestandje zoek-results.txt
  9. hallo, Sinds daarstraks opent mijn google chrome met mystartsearch. Tussen mijn software staat er ook niks van mystartsearch. Ook als ik de instellingen van chrome terug naar google zet blijft dit niet. Kunnen jullie mij helpen? mvg - - - Updated - - - Mijn RSIT logje [ATTACH]37393[/ATTACH] log.txt
  10. hallo, mijn windwos live messenger crasht als ik mij aanmeld en dan komt er dit: AppName: msnmsgr.exe AppVer: 14.0.8117.416 AppStamp:4bc935af ModName: mshtml.dll ModVer: 8.0.6001.18928 ModStamp:4be29bcb fDebug: 0 Offset: 00209cb4 zouden jullie mij kunnen helpen?
  11. valt dit op te lossen het probleem met mijn achtergrond in begin
  12. ok doe ik nu direct. Is er nog iets dat ik kan doen? mijn pc blijft bij het opstarten een minuut of 2 gewoon staan op mijn achtergrond zonder pictogrammen en al de rest. en hij werkt dan ook niet, je hoort dat hij niet aan het opstarten is
  13. hier mijn afbeelding van ccleaner ImageShack® - Online Photo and Video Hosting
  14. bedankt voor al je reacties trouwens kweezie ^^ Soluto wil niet installeren als die op 10% zit dan komt er plots aborting. ik doe direct speccy btw bij het opstarten is er 1 minuut alleen achtergrond en geen pictogrammen of balk. daarachter komen die plots te verschijn en laad die alles ---------- Post toegevoegd om 16:24 ---------- Vorige post was om 16:19 ---------- http://speccy.piriform.com/results/6WBaxK8vY2Mp5qgPZ3hTwzq mijn speccy log
  15. het is al wat beter maar het kan toch nog iets sneller volgens mij
  16. ComboFix 11-11-07.03 - HP_Eigenaar 07/11/2011 16:47:54.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.958.471 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\CFScript.txt AV: BullGuard Antivirus *Disabled/Outdated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard Firewall *Enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} . FILE :: "c:\windows\005832_.tmp" "c:\windows\system32\SET165.tmp" "c:\windows\system32\SET1B5.tmp" "c:\windows\system32\SET1B6.tmp" "c:\windows\system32\SET6.tmp" "c:\windows\system32\SETE1.tmp" "c:\windows\system32\SETE2.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\2f196c9f89e9ce98cf70a0bf66233c47 c:\2f196c9f89e9ce98cf70a0bf66233c47\baseline.dat c:\2f196c9f89e9ce98cf70a0bf66233c47\deffactory.dat c:\2f196c9f89e9ce98cf70a0bf66233c47\DeleteTemp.exe c:\2f196c9f89e9ce98cf70a0bf66233c47\dlmgr.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\DW20.EXE c:\2f196c9f89e9ce98cf70a0bf66233c47\DWINTL20.DLL c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1025.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1028.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1029.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1030.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1031.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1032.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1033.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1035.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1036.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1037.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1038.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1040.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1041.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1042.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1043.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1044.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1045.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1046.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1049.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1053.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1055.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.2052.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.2070.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.3082.rtf c:\2f196c9f89e9ce98cf70a0bf66233c47\gencomp.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\HtmlLite.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1025.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1028.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1029.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1030.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1031.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1032.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1035.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1036.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1037.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1038.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1040.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1041.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1042.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1043.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1044.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1045.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1046.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1049.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1053.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1055.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.2052.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.2070.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.3082.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.ini c:\2f196c9f89e9ce98cf70a0bf66233c47\logo.bmp c:\2f196c9f89e9ce98cf70a0bf66233c47\setup.exe c:\2f196c9f89e9ce98cf70a0bf66233c47\setup.sdb c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1025.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1028.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1029.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1030.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1031.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1032.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1035.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1036.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1037.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1038.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1040.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1041.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1042.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1043.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1044.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1045.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1046.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1049.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1053.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1055.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.2052.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.2070.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.3082.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\SITSetup.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.MS_ c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.pdi c:\2f196c9f89e9ce98cf70a0bf66233c47\vs70uimgr.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\vsbasereqs.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\vsscenario.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1025.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1028.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1029.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1030.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1031.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1032.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1035.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1036.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1037.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1038.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1040.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1041.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1042.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1043.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1044.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1045.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1046.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1049.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1053.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1055.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.2052.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.2070.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.3082.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.dll c:\2f196c9f89e9ce98cf70a0bf66233c47\WapUI.dll C:\5a15bd1d3d01013c33d64b c:\5a15bd1d3d01013c33d64b\baseline.dat c:\5a15bd1d3d01013c33d64b\deffactory.dat c:\5a15bd1d3d01013c33d64b\DeleteTemp.exe c:\5a15bd1d3d01013c33d64b\dlmgr.dll c:\5a15bd1d3d01013c33d64b\DW20.EXE c:\5a15bd1d3d01013c33d64b\DWINTL20.DLL c:\5a15bd1d3d01013c33d64b\eula.1025.rtf c:\5a15bd1d3d01013c33d64b\eula.1028.rtf c:\5a15bd1d3d01013c33d64b\eula.1029.rtf c:\5a15bd1d3d01013c33d64b\eula.1030.rtf c:\5a15bd1d3d01013c33d64b\eula.1031.rtf c:\5a15bd1d3d01013c33d64b\eula.1032.rtf c:\5a15bd1d3d01013c33d64b\eula.1033.rtf c:\5a15bd1d3d01013c33d64b\eula.1035.rtf c:\5a15bd1d3d01013c33d64b\eula.1036.rtf c:\5a15bd1d3d01013c33d64b\eula.1037.rtf c:\5a15bd1d3d01013c33d64b\eula.1038.rtf c:\5a15bd1d3d01013c33d64b\eula.1040.rtf c:\5a15bd1d3d01013c33d64b\eula.1041.rtf c:\5a15bd1d3d01013c33d64b\eula.1042.rtf c:\5a15bd1d3d01013c33d64b\eula.1043.rtf c:\5a15bd1d3d01013c33d64b\eula.1044.rtf c:\5a15bd1d3d01013c33d64b\eula.1045.rtf c:\5a15bd1d3d01013c33d64b\eula.1046.rtf c:\5a15bd1d3d01013c33d64b\eula.1049.rtf c:\5a15bd1d3d01013c33d64b\eula.1053.rtf c:\5a15bd1d3d01013c33d64b\eula.1055.rtf c:\5a15bd1d3d01013c33d64b\eula.2052.rtf c:\5a15bd1d3d01013c33d64b\eula.2070.rtf c:\5a15bd1d3d01013c33d64b\eula.3082.rtf c:\5a15bd1d3d01013c33d64b\gencomp.dll c:\5a15bd1d3d01013c33d64b\HtmlLite.dll c:\5a15bd1d3d01013c33d64b\locdata.1025.ini c:\5a15bd1d3d01013c33d64b\locdata.1028.ini c:\5a15bd1d3d01013c33d64b\locdata.1029.ini c:\5a15bd1d3d01013c33d64b\locdata.1030.ini c:\5a15bd1d3d01013c33d64b\locdata.1031.ini c:\5a15bd1d3d01013c33d64b\locdata.1032.ini c:\5a15bd1d3d01013c33d64b\locdata.1035.ini c:\5a15bd1d3d01013c33d64b\locdata.1036.ini c:\5a15bd1d3d01013c33d64b\locdata.1037.ini c:\5a15bd1d3d01013c33d64b\locdata.1038.ini c:\5a15bd1d3d01013c33d64b\locdata.1040.ini c:\5a15bd1d3d01013c33d64b\locdata.1041.ini c:\5a15bd1d3d01013c33d64b\locdata.1042.ini c:\5a15bd1d3d01013c33d64b\locdata.1043.ini c:\5a15bd1d3d01013c33d64b\locdata.1044.ini c:\5a15bd1d3d01013c33d64b\locdata.1045.ini c:\5a15bd1d3d01013c33d64b\locdata.1046.ini c:\5a15bd1d3d01013c33d64b\locdata.1049.ini c:\5a15bd1d3d01013c33d64b\locdata.1053.ini c:\5a15bd1d3d01013c33d64b\locdata.1055.ini c:\5a15bd1d3d01013c33d64b\locdata.2052.ini c:\5a15bd1d3d01013c33d64b\locdata.2070.ini c:\5a15bd1d3d01013c33d64b\locdata.3082.ini c:\5a15bd1d3d01013c33d64b\locdata.ini c:\5a15bd1d3d01013c33d64b\logo.bmp c:\5a15bd1d3d01013c33d64b\setup.exe c:\5a15bd1d3d01013c33d64b\setup.sdb c:\5a15bd1d3d01013c33d64b\setupres.1025.dll c:\5a15bd1d3d01013c33d64b\setupres.1028.dll c:\5a15bd1d3d01013c33d64b\setupres.1029.dll c:\5a15bd1d3d01013c33d64b\setupres.1030.dll c:\5a15bd1d3d01013c33d64b\setupres.1031.dll c:\5a15bd1d3d01013c33d64b\setupres.1032.dll c:\5a15bd1d3d01013c33d64b\setupres.1035.dll c:\5a15bd1d3d01013c33d64b\setupres.1036.dll c:\5a15bd1d3d01013c33d64b\setupres.1037.dll c:\5a15bd1d3d01013c33d64b\setupres.1038.dll c:\5a15bd1d3d01013c33d64b\setupres.1040.dll c:\5a15bd1d3d01013c33d64b\setupres.1041.dll c:\5a15bd1d3d01013c33d64b\setupres.1042.dll c:\5a15bd1d3d01013c33d64b\setupres.1043.dll c:\5a15bd1d3d01013c33d64b\setupres.1044.dll c:\5a15bd1d3d01013c33d64b\setupres.1045.dll c:\5a15bd1d3d01013c33d64b\setupres.1046.dll c:\5a15bd1d3d01013c33d64b\setupres.1049.dll c:\5a15bd1d3d01013c33d64b\setupres.1053.dll c:\5a15bd1d3d01013c33d64b\setupres.1055.dll c:\5a15bd1d3d01013c33d64b\setupres.2052.dll c:\5a15bd1d3d01013c33d64b\setupres.2070.dll c:\5a15bd1d3d01013c33d64b\setupres.3082.dll c:\5a15bd1d3d01013c33d64b\setupres.dll c:\5a15bd1d3d01013c33d64b\SITSetup.dll c:\5a15bd1d3d01013c33d64b\vs_setup.dll c:\5a15bd1d3d01013c33d64b\vs_setup.MS_ c:\5a15bd1d3d01013c33d64b\vs_setup.pdi c:\5a15bd1d3d01013c33d64b\vs70uimgr.dll c:\5a15bd1d3d01013c33d64b\vsbasereqs.dll c:\5a15bd1d3d01013c33d64b\vsscenario.dll c:\5a15bd1d3d01013c33d64b\WapRes.1025.dll c:\5a15bd1d3d01013c33d64b\WapRes.1028.dll c:\5a15bd1d3d01013c33d64b\WapRes.1029.dll c:\5a15bd1d3d01013c33d64b\WapRes.1030.dll c:\5a15bd1d3d01013c33d64b\WapRes.1031.dll c:\5a15bd1d3d01013c33d64b\WapRes.1032.dll c:\5a15bd1d3d01013c33d64b\WapRes.1035.dll c:\5a15bd1d3d01013c33d64b\WapRes.1036.dll c:\5a15bd1d3d01013c33d64b\WapRes.1037.dll c:\5a15bd1d3d01013c33d64b\WapRes.1038.dll c:\5a15bd1d3d01013c33d64b\WapRes.1040.dll c:\5a15bd1d3d01013c33d64b\WapRes.1041.dll c:\5a15bd1d3d01013c33d64b\WapRes.1042.dll c:\5a15bd1d3d01013c33d64b\WapRes.1043.dll c:\5a15bd1d3d01013c33d64b\WapRes.1044.dll c:\5a15bd1d3d01013c33d64b\WapRes.1045.dll c:\5a15bd1d3d01013c33d64b\WapRes.1046.dll c:\5a15bd1d3d01013c33d64b\WapRes.1049.dll c:\5a15bd1d3d01013c33d64b\WapRes.1053.dll c:\5a15bd1d3d01013c33d64b\WapRes.1055.dll c:\5a15bd1d3d01013c33d64b\WapRes.2052.dll c:\5a15bd1d3d01013c33d64b\WapRes.2070.dll c:\5a15bd1d3d01013c33d64b\WapRes.3082.dll c:\5a15bd1d3d01013c33d64b\WapRes.dll c:\5a15bd1d3d01013c33d64b\WapUI.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-07 to 2011-11-07 )))))))))))))))))))))))))))))) . . 2011-11-05 12:30 . 2011-11-07 15:36 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Onlangs geopend 2011-11-05 11:51 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll 2011-11-05 11:50 . 2010-08-23 16:13 617472 ------w- c:\windows\system32\dllcache\comctl32.dll 2011-11-05 11:47 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys 2011-11-05 11:47 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2011-11-05 11:46 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys 2011-11-05 11:42 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2011-11-05 11:41 . 2009-08-13 15:24 512000 ------w- c:\windows\system32\dllcache\jscript.dll 2011-11-05 11:40 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe 2011-11-04 13:08 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll 2011-11-04 13:08 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\dllcache\bthport.sys 2011-11-04 13:05 . 2011-02-17 13:18 357888 ------w- c:\windows\system32\dllcache\srv.sys 2011-11-04 13:04 . 2011-07-15 13:29 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys 2011-11-04 13:04 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll 2011-11-04 13:03 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2011-11-04 13:02 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll 2011-11-04 13:02 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll 2011-11-04 13:02 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe 2011-11-04 13:02 . 2010-12-09 15:14 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2011-11-04 13:02 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll 2011-11-04 13:02 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe 2011-11-04 13:02 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll 2011-11-04 13:02 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll 2011-11-04 13:02 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll 2011-11-04 13:02 . 2010-12-20 17:25 735232 ------w- c:\windows\system32\dllcache\lsasrv.dll 2011-11-04 13:02 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll 2011-11-04 13:02 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll 2011-11-04 13:01 . 2010-12-09 15:14 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2011-11-04 13:01 . 2010-12-09 15:14 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2011-11-04 13:00 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys 2011-11-04 12:49 . 2010-07-16 11:58 221184 ------w- c:\windows\system32\dllcache\wordpad.exe 2011-11-04 12:16 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll 2011-11-04 12:16 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll 2011-11-04 12:10 . 2008-04-14 21:32 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll 2011-11-04 12:07 . 2006-12-28 23:31 19569 ----a-w- c:\windows\005832_.tmp 2011-11-04 11:56 . 2011-11-04 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto 2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Malwarebytes 2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-11-04 08:48 . 2011-11-04 08:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-04 08:48 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-03 23:35 . 2011-11-03 23:35 388096 ----a-r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-02 16:36 . 2011-11-02 16:37 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Facebook 2011-11-02 09:52 . 2011-11-02 09:53 -------- d-----w- c:\program files\CCleaner . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-19 11:21 . 2011-05-16 14:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-26 10:41 . 2011-09-26 10:41 614912 ------w- c:\windows\system32\uiautomationcore.dll 2011-09-26 10:41 . 2006-05-19 19:56 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-26 10:41 . 2006-05-19 19:56 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-09 09:12 . 2006-05-19 19:55 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 14:09 . 2006-05-19 19:56 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-09-05 13:55 . 2006-05-19 19:55 371712 ------w- c:\windows\system32\html.iec 2011-08-22 19:18 . 2011-04-19 13:43 155992 ----a-w- c:\windows\system32\BGLsp.dll 2011-08-17 13:49 . 2006-05-19 19:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys 2011-10-05 14:50 . 2011-09-04 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2005-09-08 07:50 1172472 --sha-r- c:\windows\Cursors\arrow_xm.exe . . ((((((((((((((((((((((((((((( SnapShot@2011-11-06_11.00.01 ))))))))))))))))))))))))))))))))))))))))) . + 2011-11-07 15:09 . 2011-11-07 15:09 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat + 2011-11-07 15:09 . 2011-11-07 15:09 16384 c:\windows\Temp\Perflib_Perfdata_52c.dat + 2006-05-19 19:56 . 2009-06-25 08:27 54272 c:\windows\system32\wdigest.dll + 2006-05-19 19:56 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe - 2006-05-19 19:56 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll + 2006-05-19 19:56 . 2009-06-25 08:27 56832 c:\windows\system32\secur32.dll - 2006-05-19 19:55 . 2008-04-14 21:32 45568 c:\windows\system32\dnsrslvr.dll + 2006-05-19 19:55 . 2009-04-20 17:22 45568 c:\windows\system32\dnsrslvr.dll + 2006-05-19 19:56 . 2011-09-26 10:41 23040 c:\windows\system32\dllcache\oleaccrc.dll + 2008-05-05 06:25 . 2011-02-17 12:54 5632 c:\windows\system32\xpsp4res.dll + 2006-05-19 19:56 . 2011-06-20 17:44 293888 c:\windows\system32\winsrv.dll - 2006-05-19 19:56 . 2008-04-14 21:32 293888 c:\windows\system32\winsrv.dll + 2006-05-19 19:56 . 2010-04-16 15:38 406016 c:\windows\system32\usp10.dll - 2006-05-19 19:56 . 2008-04-14 21:32 406016 c:\windows\system32\usp10.dll + 2006-05-19 19:56 . 2010-08-27 08:03 119808 c:\windows\system32\t2embed.dll - 2006-05-19 19:56 . 2009-10-15 16:38 119808 c:\windows\system32\t2embed.dll - 2006-05-19 19:56 . 2008-04-14 21:32 135680 c:\windows\system32\shsvcs.dll + 2006-05-19 19:56 . 2009-07-27 23:19 135680 c:\windows\system32\shsvcs.dll + 2006-05-19 19:56 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll + 2006-05-19 19:56 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll - 2006-05-19 19:56 . 2008-04-14 21:32 249856 c:\windows\system32\odbc32.dll + 2006-05-19 19:56 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll - 2006-05-19 19:56 . 2008-06-20 17:49 247296 c:\windows\system32\mswsock.dll + 2006-05-19 19:56 . 2008-06-20 16:04 247296 c:\windows\system32\mswsock.dll + 2006-05-19 19:56 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll + 2006-05-19 19:55 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll + 2006-05-19 19:55 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll + 2006-05-19 19:56 . 2011-09-26 10:41 220160 c:\windows\system32\dllcache\oleacc.dll + 2006-05-19 19:55 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll + 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\dd9734.msp + 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\dd9733.msp + 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\dd9731.msp + 2006-05-19 19:56 . 2011-01-21 14:44 8509440 c:\windows\system32\shell32.dll + 2004-08-04 11:00 . 2011-09-05 13:56 1510400 c:\windows\system32\shdocvw.dll + 2004-08-04 11:00 . 2010-07-16 12:01 1287680 c:\windows\system32\ole32.dll - 2006-05-19 19:56 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll + 2006-05-19 19:56 . 2010-06-14 07:43 1172480 c:\windows\system32\msxml3.dll + 2004-12-03 17:12 . 2011-11-06 11:30 3591144 c:\windows\system32\FNTCACHE.DAT + 2004-08-04 11:00 . 2011-09-05 13:56 1025024 c:\windows\system32\browseui.dll - 2004-08-04 11:00 . 2010-04-16 16:09 1025024 c:\windows\system32\browseui.dll + 2008-07-29 16:31 . 2008-07-29 16:31 6083072 c:\windows\Installer\dd9735.msp + 2008-07-29 16:43 . 2008-07-29 16:43 1013248 c:\windows\Installer\dd9732.msp + 2008-07-29 16:39 . 2008-07-29 16:39 3403264 c:\windows\Installer\dd9730.msp + 2008-07-29 16:41 . 2008-07-29 16:41 6487040 c:\windows\Installer\dd972f.msp + 2008-07-29 16:29 . 2008-07-29 16:29 2926080 c:\windows\Installer\dd972e.msp + 2008-07-29 16:45 . 2008-07-29 16:45 2543616 c:\windows\Installer\dd972d.msp . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-06-10 61440] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184] . c:\documents and settings\Administrator.UW-4B58D8528225\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-1-4 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk backup=c:\windows\pss\BTTray.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2011-11-04 10:51 136176 ----atw- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp] 2005-09-21 17:41 1605740 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08] 2005-06-02 06:35 49152 ----a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] 2011-09-28 21:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] 2004-10-08 10:06 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] 2004-10-08 10:31 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] 2004-10-08 10:24 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2006-01-04 21:47 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\BitTorrent\\BitTorrent.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"= "c:\\Documents and Settings\\HP_Eigenaar.UW-4B58D8528225.000\\Mijn documenten\\Downloads\\solutoinstaller.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "2538:TCP"= 2538:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface . R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [15/06/2011 11:32 64608] R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [15/06/2011 11:32 789448] R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [15/06/2011 11:32 19272] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [19/05/2006 20:56 14336] R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [30/06/2011 15:30 338264] R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [19/05/2006 20:56 14336] R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [19/05/2006 20:56 14336] R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [18/05/2011 10:34 320344] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [4/01/2006 22:35 2808704] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [15/06/2011 11:32 34280] R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [15/06/2011 11:32 267624] R3 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [29/06/2011 12:08 288600] R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [4/01/2006 22:35 468768] S3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [18/05/2011 10:34 125784] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [4/01/2006 22:35 449920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai BullGuard_Main REG_MULTI_SZ BsMain BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire BullGuard_LowPriv REG_MULTI_SZ BsBrowser . Inhoud van de 'Gedeelde Taken' map . 2011-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . 2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36] . 2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008Core.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008UA.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51] . 2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008Core.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008UA.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42] . 2011-11-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2868996466-2378887863-459018987-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02] . 2011-10-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2868996466-2378887863-459018987-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02] . 2011-11-07 c:\windows\Tasks\User_Feed_Synchronization-{86691127-2526-48A2-BC21-770488CEED6B}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Bijkomende Scan ------- . uInternet Settings,ProxyOverride = localhost IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\windows\system32\BGLsp.dll TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Mozilla\Firefox\Profiles\965ks0js.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-07 17:01 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1028) c:\windows\system32\BgGamingMonitor.dll . - - - - - - - > 'lsass.exe'(1108) c:\windows\system32\BgGamingMonitor.dll c:\windows\system32\BGLsp.dll . Voltooingstijd: 2011-11-07 17:05:02 ComboFix-quarantined-files.txt 2011-11-07 16:05 ComboFix2.txt 2011-11-06 11:03 . Pre-Run: 129.468.018.688 bytes beschikbaar Post-Run: 129.428.815.872 bytes beschikbaar . - - End Of File - - 981BA3FA9284AC70C1F0E41C15932EE7 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:12:13, on 7/11/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\SvcHost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\WINDOWS\System32\SvcHost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\BgGamingMonitor.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 9692 bytes
  17. ComboFix 11-11-06.01 - HP_Eigenaar 06/11/2011 11:45:46.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.958.114 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\ComboFix.exe AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard Firewall *Enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator.UW-4B58D8528225\WINDOWS c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Default User\WINDOWS c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0a4f35b626016d8cd6d5731fa5e2aad7 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0b64ffa009d9e3d1236fb2b575bd953d c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0d53f0a9a42a5167b78657f1fc9488f1 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\1df1df47b49e8b3090bc211048795c5a c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2b4ad282984708f7b89800e17a257476 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2cc60d08b36af576b11419505050cc6e c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2f51f062108c7f20a67770bbdf546004 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\31dca3ca44f44956ffde9959067d1093 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\521788680d3595d05d274f3713057765 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\593abe4ad021a7ca3002ccb2dca1969d c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\7afabe4e3af1a66103f629a38d90558a c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9fc2051aee76f9ef060973477300788d c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d1a2c0b23b2d4e91acf26940533c64f0 c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\dcd16c0f4842bc19d648b261e3cf263d c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\1e6d0a92883b25f29523edfaccfcde3b c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\WINDOWS c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\WINDOWS c:\documents and settings\HP_Eigenaar\WINDOWS c:\program files\BitDownload c:\program files\BitDownload\BitDownload Setup Components c:\program files\BOTS_6-13-2008.exe c:\program files\WinPCap c:\program files\WinPCap\daemon_mgm.exe c:\program files\WinPCap\INSTALL.LOG c:\program files\WinPCap\npf_mgm.exe c:\program files\WinPCap\rpcapd.exe c:\program files\WinPCap\Uninstall.exe c:\windows\bwUnin-6.1.4.68-8876480L.exe c:\windows\bwUnin-7.2.0.157-8876480SL.exe c:\windows\bwUnin-8.1.1.50-8876480SL.exe c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15.inf c:\windows\IsUn0413.exe c:\windows\system32\_000003_.tmp.dll c:\windows\system32\_000005_.tmp.dll c:\windows\system32\_000006_.tmp.dll c:\windows\system32\_000007_.tmp.dll c:\windows\system32\_000008_.tmp.dll c:\windows\system32\_000009_.tmp.dll c:\windows\system32\_000015_.tmp.dll c:\windows\system32\_000019_.tmp.dll c:\windows\system32\config\systemprofile\WINDOWS c:\windows\system32\ps2.bat c:\windows\unin0407.exe c:\windows\unin0413.exe D:\Autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))) . . 2011-11-06 09:46 . 2011-11-06 09:46 -------- d-----w- c:\windows\LastGood 2011-11-05 12:30 . 2011-11-06 09:55 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Onlangs geopend 2011-11-05 11:51 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll 2011-11-05 11:50 . 2010-08-23 16:13 617472 ------w- c:\windows\system32\dllcache\comctl32.dll 2011-11-05 11:47 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys 2011-11-05 11:47 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2011-11-05 11:46 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys 2011-11-05 11:42 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2011-11-05 11:41 . 2009-08-13 15:24 512000 ------w- c:\windows\system32\dllcache\jscript.dll 2011-11-05 11:40 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe 2011-11-05 11:39 . 2010-08-16 08:45 590848 ----a-w- c:\windows\system32\SET6.tmp 2011-11-04 13:38 . 2011-11-04 13:42 -------- d-----w- C:\2f196c9f89e9ce98cf70a0bf66233c47 2011-11-04 13:10 . 2011-11-04 13:15 -------- d-----w- C:\5a15bd1d3d01013c33d64b 2011-11-04 13:08 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll 2011-11-04 13:08 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\dllcache\bthport.sys 2011-11-04 13:05 . 2011-02-17 13:18 357888 ------w- c:\windows\system32\dllcache\srv.sys 2011-11-04 13:04 . 2011-07-15 13:29 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys 2011-11-04 13:04 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll 2011-11-04 13:03 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2011-11-04 13:02 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll 2011-11-04 13:02 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll 2011-11-04 13:02 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe 2011-11-04 13:02 . 2010-12-09 15:14 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2011-11-04 13:02 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll 2011-11-04 13:02 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe 2011-11-04 13:02 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll 2011-11-04 13:02 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll 2011-11-04 13:02 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll 2011-11-04 13:02 . 2010-12-20 17:25 735232 ------w- c:\windows\system32\dllcache\lsasrv.dll 2011-11-04 13:02 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll 2011-11-04 13:02 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll 2011-11-04 13:01 . 2010-12-09 15:14 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2011-11-04 13:01 . 2010-12-09 15:14 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2011-11-04 13:00 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys 2011-11-04 12:49 . 2010-07-16 11:58 221184 ------w- c:\windows\system32\dllcache\wordpad.exe 2011-11-04 12:16 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll 2011-11-04 12:16 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll 2011-11-04 12:10 . 2008-04-14 21:32 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll 2011-11-04 12:07 . 2006-12-28 23:31 19569 ----a-w- c:\windows\005832_.tmp 2011-11-04 11:56 . 2011-11-04 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto 2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Malwarebytes 2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-11-04 08:48 . 2011-11-04 08:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-04 08:48 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-03 23:35 . 2011-11-03 23:35 388096 ----a-r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-02 16:36 . 2011-11-02 16:37 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Facebook 2011-11-02 09:52 . 2011-11-02 09:53 -------- d-----w- c:\program files\CCleaner . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-19 11:21 . 2011-05-16 14:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-26 10:41 . 2011-09-26 10:41 614912 ------w- c:\windows\system32\uiautomationcore.dll 2011-09-26 10:41 . 2011-09-26 10:41 23040 ----a-w- c:\windows\system32\SET1B6.tmp 2011-09-26 10:41 . 2011-09-26 10:41 220160 ----a-w- c:\windows\system32\SET1B5.tmp 2011-09-09 09:12 . 2011-09-09 09:12 602624 ----a-w- c:\windows\system32\SET165.tmp 2011-09-06 14:09 . 2006-05-19 19:56 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-09-05 13:56 . 2011-09-05 13:56 1510400 ----a-w- c:\windows\system32\SETE1.tmp 2011-09-05 13:56 . 2011-09-05 13:56 1025024 ----a-w- c:\windows\system32\SETE2.tmp 2011-09-05 13:55 . 2006-05-19 19:55 371712 ------w- c:\windows\system32\html.iec 2011-08-22 19:18 . 2011-04-19 13:43 155992 ----a-w- c:\windows\system32\BGLsp.dll 2011-08-17 13:49 . 2006-05-19 19:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys 2011-10-05 14:50 . 2011-09-04 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2005-09-08 07:50 1172472 --sha-r- c:\windows\Cursors\arrow_xm.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-06-10 61440] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184] . c:\documents and settings\Administrator.UW-4B58D8528225\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-1-4 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk backup=c:\windows\pss\BTTray.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2011-11-04 10:51 136176 ----atw- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp] 2005-09-21 17:41 1605740 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08] 2005-06-02 06:35 49152 ----a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] 2011-09-28 21:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] 2004-10-08 10:06 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] 2004-10-08 10:31 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] 2004-10-08 10:24 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2006-01-04 21:47 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\BitTorrent\\BitTorrent.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"= "c:\\Documents and Settings\\HP_Eigenaar.UW-4B58D8528225.000\\Mijn documenten\\Downloads\\solutoinstaller.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1682:TCP"= 1682:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface . R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [15/06/2011 11:32 64608] R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [15/06/2011 11:32 789448] R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [15/06/2011 11:32 19272] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [19/05/2006 20:56 14336] R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [30/06/2011 15:30 338264] R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [19/05/2006 20:56 14336] R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336] R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [19/05/2006 20:56 14336] R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [18/05/2011 10:34 320344] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [4/01/2006 22:35 2808704] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [15/06/2011 11:32 34280] R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [15/06/2011 11:32 267624] R3 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [29/06/2011 12:08 288600] R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [4/01/2006 22:35 468768] S3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [18/05/2011 10:34 125784] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [4/01/2006 22:35 449920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai BullGuard_Main REG_MULTI_SZ BsMain BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire BullGuard_LowPriv REG_MULTI_SZ BsBrowser . Inhoud van de 'Gedeelde Taken' map . 2011-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36] . 2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008Core.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008UA.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51] . 2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008Core.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008UA.job - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42] . 2011-11-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2868996466-2378887863-459018987-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02] . 2011-10-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2868996466-2378887863-459018987-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02] . 2011-11-06 c:\windows\Tasks\User_Feed_Synchronization-{86691127-2526-48A2-BC21-770488CEED6B}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZNfox000&ptb=R7dVuLFG3v1b_bGPV9OUWQ uInternet Settings,ProxyOverride = localhost IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\windows\system32\BGLsp.dll TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Mozilla\Firefox\Profiles\965ks0js.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox . - - - - ORPHANS VERWIJDERD - - - - . MSConfigStartUp-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe MSConfigStartUp-SwitchBoard - c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-06 11:59 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1092) c:\windows\system32\BgGamingMonitor.dll . - - - - - - - > 'lsass.exe'(1160) c:\windows\system32\BgGamingMonitor.dll c:\windows\system32\BGLsp.dll . Voltooingstijd: 2011-11-06 12:03:04 ComboFix-quarantined-files.txt 2011-11-06 11:03 . Pre-Run: 129.073.602.560 bytes beschikbaar Post-Run: 129.466.494.976 bytes beschikbaar . - - End Of File - - D6F6C14355B6173C2F2E770C29DE8A8B
  18. service pack 3 is geinstalleerd, soluto wou ik proberen maar dat wou niet installeren. De opstartsnelheid is nog steeds even traag
  19. na 10% installing komt er plots aborting, het wil niet installeren
  20. zoals gevraagd nog een Hijack log en de malware log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:26:23, on 4/11/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\SvcHost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\WINDOWS\System32\SvcHost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: BgGamingMonitor.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) -- End of file - 10019 bytes en de malware Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 8081 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 4/11/2011 11:20:08 mbam-log-2011-11-04 (11-20-08).txt Scantype: Snelle scan Objecten gescand: 235772 Verstreken tijd: 45 minuut/minuten, 9 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 2 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 13 Bestanden geïnfecteerd: 33 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: c:\documents and settings\hp_eigenaar\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar\application data\funwebproducts\Data\hp_eigenaar (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\fbrowseradvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully. c:\program files\smartenhancer (Trojan.BHO) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar\menu start\programma's\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\documents and settings\hp_eigenaar.uw-4b58d8528225\mijn documenten\downloads\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar.uw-4b58d8528225\mijn documenten\downloads\installer_µtorrent_1_8_5_nederlands_dutch.exe (PUP.SmsPay.pns) -> Not selected for removal. c:\program files\smartenhancer\pcre3.dll (Trojan.BHO) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar.uw-4b58d8528225\local settings\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar.uw-4b58d8528225\local settings\Temp\teste.vbs (Trojan.VBS) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\ixpcomevents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\main.db-journal (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\Thumbs.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\fbrowsingadvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. c:\program files\flv direct player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\sysclosebutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\sysmaxbutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\sysminbutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\flv direct player\Skin\directflv\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. c:\program files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully. c:\program files\smartenhancer\smartenhancer.dat (Trojan.BHO) -> Quarantined and deleted successfully. c:\program files\smartenhancer\uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully. c:\documents and settings\hp_eigenaar\menu start\programma's\PlayMP3z\run playmp3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\programma's\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
  21. Hallo, mijn pc start zeer traag op en ik wil hier vanaf hopelijk kunnen jullie mij helpen heb ook een Hijack log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:36:20, on 4/11/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\SvcHost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\WINDOWS\System32\SvcHost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing) O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: BgGamingMonitor.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) -- End of file - 10519 bytes
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.