cobfreak
-
Items
24 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door cobfreak
-
-
Er is geen hardeschijf in de drive list. betekent dit dat de harde schijf kapot is of niet deftig aangesoten?
-
Gaat dit ook met een USB? anders moet ik eerst nog cd'tjes gaan kopen.
-
heb een hp laptop pavillion g7 -1180eb met windows 7.
Ondertussen heeft de laptop het helemaal begeven. Laptop wil niet meer opstarten.
De laptop geeft volgende melding op het scherm: kan windows niet starten. Dit wordt mogelijk veroorzaakt door een recente hardware/softwarewijziging. En dan stel de pc voor om te herstellen met windows installatieschijf, maar heb deze niet.
Status: 0xc000000f -
Ik gebruik de laptop al zonder batterij, want deze heeft het een tijdje geleden al begeven.
-
Hallo,
Het opstarten van mijn pc duurt zeker een 15-30 minuten. Na deze periode zie ik eindelijk het bureaublad.
Als ik dan verder andere programma's wil opstarten of surfen duurt dit weer super lang.
Kunnen jullie hiermee helpen?
Ik heb een HP pavilion g series, windows 7.
Alvast bedankt
Lars
-
beste,
Mijn website doet een aantal foute dingen op de iphone. De eerste fout is dat de tekst groter wordt dan het zou moeten zijn bij 1 stukje van een pagina, zie afbeelding fout1.
De tweede fout is dat de background niet de volledige achtergrond vult zoals bij de computer en dat alleen de content scrolbaar is. zie afbeelding fout 2.
De code kan je vinden op www.bloodrocuted.com
-
hartelijk bedankt voor de snelle hulp!
-
helemaal nergens meer
hartelijk bedankt!
-
-
in bijlage mijn zoek-results bestandje
-
hallo,
Sinds daarstraks opent mijn google chrome met mystartsearch. Tussen mijn software staat er ook niks van mystartsearch. Ook als ik de instellingen van chrome terug naar google zet blijft dit niet. Kunnen jullie mij helpen?
mvg
- - - Updated - - -
Mijn RSIT logje
[ATTACH]37393[/ATTACH]
-
hallo,
mijn windwos live messenger crasht als ik mij aanmeld
en dan komt er dit:
AppName: msnmsgr.exe AppVer: 14.0.8117.416 AppStamp:4bc935af
ModName: mshtml.dll ModVer: 8.0.6001.18928 ModStamp:4be29bcb
fDebug: 0 Offset: 00209cb4
zouden jullie mij kunnen helpen?
-
valt dit op te lossen het probleem met mijn achtergrond in begin
-
ok doe ik nu direct. Is er nog iets dat ik kan doen? mijn pc blijft bij het opstarten een minuut of 2 gewoon staan op mijn achtergrond zonder pictogrammen en al de rest. en hij werkt dan ook niet, je hoort dat hij niet aan het opstarten is
-
hier mijn afbeelding van ccleaner
-
bedankt voor al je reacties trouwens kweezie ^^
Soluto wil niet installeren als die op 10% zit dan komt er plots aborting.
ik doe direct speccy
btw bij het opstarten is er 1 minuut alleen achtergrond en geen pictogrammen of balk. daarachter komen die plots te verschijn en laad die alles
---------- Post toegevoegd om 16:24 ---------- Vorige post was om 16:19 ----------
http://speccy.piriform.com/results/6WBaxK8vY2Mp5qgPZ3hTwzq
mijn speccy log
-
het is al wat beter maar het kan toch nog iets sneller volgens mij
-
ComboFix 11-11-07.03 - HP_Eigenaar 07/11/2011 16:47:54.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.958.471 [GMT 1:00]
Gestart vanuit: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\CFScript.txt
AV: BullGuard Antivirus *Disabled/Outdated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *Enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
.
FILE ::
"c:\windows\005832_.tmp"
"c:\windows\system32\SET165.tmp"
"c:\windows\system32\SET1B5.tmp"
"c:\windows\system32\SET1B6.tmp"
"c:\windows\system32\SET6.tmp"
"c:\windows\system32\SETE1.tmp"
"c:\windows\system32\SETE2.tmp"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\2f196c9f89e9ce98cf70a0bf66233c47
c:\2f196c9f89e9ce98cf70a0bf66233c47\baseline.dat
c:\2f196c9f89e9ce98cf70a0bf66233c47\deffactory.dat
c:\2f196c9f89e9ce98cf70a0bf66233c47\DeleteTemp.exe
c:\2f196c9f89e9ce98cf70a0bf66233c47\dlmgr.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\DW20.EXE
c:\2f196c9f89e9ce98cf70a0bf66233c47\DWINTL20.DLL
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1025.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1028.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1029.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1030.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1031.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1032.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1033.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1035.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1036.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1037.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1038.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1040.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1041.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1042.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1043.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1044.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1045.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1046.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1049.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1053.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.1055.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.2052.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.2070.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\eula.3082.rtf
c:\2f196c9f89e9ce98cf70a0bf66233c47\gencomp.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\HtmlLite.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1025.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1028.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1029.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1030.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1031.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1032.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1035.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1036.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1037.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1038.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1040.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1041.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1042.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1043.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1044.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1045.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1046.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1049.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1053.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.1055.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.2052.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.2070.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.3082.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\locdata.ini
c:\2f196c9f89e9ce98cf70a0bf66233c47\logo.bmp
c:\2f196c9f89e9ce98cf70a0bf66233c47\setup.exe
c:\2f196c9f89e9ce98cf70a0bf66233c47\setup.sdb
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1025.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1028.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1029.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1030.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1031.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1032.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1035.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1036.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1037.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1038.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1040.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1041.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1042.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1043.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1044.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1045.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1046.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1049.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1053.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.1055.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.2052.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.2070.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.3082.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\setupres.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\SITSetup.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.MS_
c:\2f196c9f89e9ce98cf70a0bf66233c47\vs_setup.pdi
c:\2f196c9f89e9ce98cf70a0bf66233c47\vs70uimgr.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\vsbasereqs.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\vsscenario.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1025.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1028.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1029.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1030.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1031.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1032.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1035.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1036.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1037.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1038.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1040.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1041.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1042.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1043.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1044.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1045.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1046.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1049.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1053.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.1055.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.2052.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.2070.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.3082.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapRes.dll
c:\2f196c9f89e9ce98cf70a0bf66233c47\WapUI.dll
C:\5a15bd1d3d01013c33d64b
c:\5a15bd1d3d01013c33d64b\baseline.dat
c:\5a15bd1d3d01013c33d64b\deffactory.dat
c:\5a15bd1d3d01013c33d64b\DeleteTemp.exe
c:\5a15bd1d3d01013c33d64b\dlmgr.dll
c:\5a15bd1d3d01013c33d64b\DW20.EXE
c:\5a15bd1d3d01013c33d64b\DWINTL20.DLL
c:\5a15bd1d3d01013c33d64b\eula.1025.rtf
c:\5a15bd1d3d01013c33d64b\eula.1028.rtf
c:\5a15bd1d3d01013c33d64b\eula.1029.rtf
c:\5a15bd1d3d01013c33d64b\eula.1030.rtf
c:\5a15bd1d3d01013c33d64b\eula.1031.rtf
c:\5a15bd1d3d01013c33d64b\eula.1032.rtf
c:\5a15bd1d3d01013c33d64b\eula.1033.rtf
c:\5a15bd1d3d01013c33d64b\eula.1035.rtf
c:\5a15bd1d3d01013c33d64b\eula.1036.rtf
c:\5a15bd1d3d01013c33d64b\eula.1037.rtf
c:\5a15bd1d3d01013c33d64b\eula.1038.rtf
c:\5a15bd1d3d01013c33d64b\eula.1040.rtf
c:\5a15bd1d3d01013c33d64b\eula.1041.rtf
c:\5a15bd1d3d01013c33d64b\eula.1042.rtf
c:\5a15bd1d3d01013c33d64b\eula.1043.rtf
c:\5a15bd1d3d01013c33d64b\eula.1044.rtf
c:\5a15bd1d3d01013c33d64b\eula.1045.rtf
c:\5a15bd1d3d01013c33d64b\eula.1046.rtf
c:\5a15bd1d3d01013c33d64b\eula.1049.rtf
c:\5a15bd1d3d01013c33d64b\eula.1053.rtf
c:\5a15bd1d3d01013c33d64b\eula.1055.rtf
c:\5a15bd1d3d01013c33d64b\eula.2052.rtf
c:\5a15bd1d3d01013c33d64b\eula.2070.rtf
c:\5a15bd1d3d01013c33d64b\eula.3082.rtf
c:\5a15bd1d3d01013c33d64b\gencomp.dll
c:\5a15bd1d3d01013c33d64b\HtmlLite.dll
c:\5a15bd1d3d01013c33d64b\locdata.1025.ini
c:\5a15bd1d3d01013c33d64b\locdata.1028.ini
c:\5a15bd1d3d01013c33d64b\locdata.1029.ini
c:\5a15bd1d3d01013c33d64b\locdata.1030.ini
c:\5a15bd1d3d01013c33d64b\locdata.1031.ini
c:\5a15bd1d3d01013c33d64b\locdata.1032.ini
c:\5a15bd1d3d01013c33d64b\locdata.1035.ini
c:\5a15bd1d3d01013c33d64b\locdata.1036.ini
c:\5a15bd1d3d01013c33d64b\locdata.1037.ini
c:\5a15bd1d3d01013c33d64b\locdata.1038.ini
c:\5a15bd1d3d01013c33d64b\locdata.1040.ini
c:\5a15bd1d3d01013c33d64b\locdata.1041.ini
c:\5a15bd1d3d01013c33d64b\locdata.1042.ini
c:\5a15bd1d3d01013c33d64b\locdata.1043.ini
c:\5a15bd1d3d01013c33d64b\locdata.1044.ini
c:\5a15bd1d3d01013c33d64b\locdata.1045.ini
c:\5a15bd1d3d01013c33d64b\locdata.1046.ini
c:\5a15bd1d3d01013c33d64b\locdata.1049.ini
c:\5a15bd1d3d01013c33d64b\locdata.1053.ini
c:\5a15bd1d3d01013c33d64b\locdata.1055.ini
c:\5a15bd1d3d01013c33d64b\locdata.2052.ini
c:\5a15bd1d3d01013c33d64b\locdata.2070.ini
c:\5a15bd1d3d01013c33d64b\locdata.3082.ini
c:\5a15bd1d3d01013c33d64b\locdata.ini
c:\5a15bd1d3d01013c33d64b\logo.bmp
c:\5a15bd1d3d01013c33d64b\setup.exe
c:\5a15bd1d3d01013c33d64b\setup.sdb
c:\5a15bd1d3d01013c33d64b\setupres.1025.dll
c:\5a15bd1d3d01013c33d64b\setupres.1028.dll
c:\5a15bd1d3d01013c33d64b\setupres.1029.dll
c:\5a15bd1d3d01013c33d64b\setupres.1030.dll
c:\5a15bd1d3d01013c33d64b\setupres.1031.dll
c:\5a15bd1d3d01013c33d64b\setupres.1032.dll
c:\5a15bd1d3d01013c33d64b\setupres.1035.dll
c:\5a15bd1d3d01013c33d64b\setupres.1036.dll
c:\5a15bd1d3d01013c33d64b\setupres.1037.dll
c:\5a15bd1d3d01013c33d64b\setupres.1038.dll
c:\5a15bd1d3d01013c33d64b\setupres.1040.dll
c:\5a15bd1d3d01013c33d64b\setupres.1041.dll
c:\5a15bd1d3d01013c33d64b\setupres.1042.dll
c:\5a15bd1d3d01013c33d64b\setupres.1043.dll
c:\5a15bd1d3d01013c33d64b\setupres.1044.dll
c:\5a15bd1d3d01013c33d64b\setupres.1045.dll
c:\5a15bd1d3d01013c33d64b\setupres.1046.dll
c:\5a15bd1d3d01013c33d64b\setupres.1049.dll
c:\5a15bd1d3d01013c33d64b\setupres.1053.dll
c:\5a15bd1d3d01013c33d64b\setupres.1055.dll
c:\5a15bd1d3d01013c33d64b\setupres.2052.dll
c:\5a15bd1d3d01013c33d64b\setupres.2070.dll
c:\5a15bd1d3d01013c33d64b\setupres.3082.dll
c:\5a15bd1d3d01013c33d64b\setupres.dll
c:\5a15bd1d3d01013c33d64b\SITSetup.dll
c:\5a15bd1d3d01013c33d64b\vs_setup.dll
c:\5a15bd1d3d01013c33d64b\vs_setup.MS_
c:\5a15bd1d3d01013c33d64b\vs_setup.pdi
c:\5a15bd1d3d01013c33d64b\vs70uimgr.dll
c:\5a15bd1d3d01013c33d64b\vsbasereqs.dll
c:\5a15bd1d3d01013c33d64b\vsscenario.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1025.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1028.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1029.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1030.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1031.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1032.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1035.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1036.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1037.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1038.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1040.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1041.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1042.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1043.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1044.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1045.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1046.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1049.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1053.dll
c:\5a15bd1d3d01013c33d64b\WapRes.1055.dll
c:\5a15bd1d3d01013c33d64b\WapRes.2052.dll
c:\5a15bd1d3d01013c33d64b\WapRes.2070.dll
c:\5a15bd1d3d01013c33d64b\WapRes.3082.dll
c:\5a15bd1d3d01013c33d64b\WapRes.dll
c:\5a15bd1d3d01013c33d64b\WapUI.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-07 to 2011-11-07 ))))))))))))))))))))))))))))))
.
.
2011-11-05 12:30 . 2011-11-07 15:36 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Onlangs geopend
2011-11-05 11:51 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-11-05 11:50 . 2010-08-23 16:13 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-11-05 11:47 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-11-05 11:47 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-11-05 11:46 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-11-05 11:42 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-11-05 11:41 . 2009-08-13 15:24 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2011-11-05 11:40 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-11-04 13:08 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2011-11-04 13:08 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\dllcache\bthport.sys
2011-11-04 13:05 . 2011-02-17 13:18 357888 ------w- c:\windows\system32\dllcache\srv.sys
2011-11-04 13:04 . 2011-07-15 13:29 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-11-04 13:04 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-11-04 13:03 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-11-04 13:02 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2011-11-04 13:02 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2011-11-04 13:02 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2011-11-04 13:02 . 2010-12-09 15:14 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-11-04 13:02 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll
2011-11-04 13:02 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe
2011-11-04 13:02 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2011-11-04 13:02 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2011-11-04 13:02 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll
2011-11-04 13:02 . 2010-12-20 17:25 735232 ------w- c:\windows\system32\dllcache\lsasrv.dll
2011-11-04 13:02 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-11-04 13:02 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll
2011-11-04 13:01 . 2010-12-09 15:14 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-11-04 13:01 . 2010-12-09 15:14 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-11-04 13:00 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2011-11-04 12:49 . 2010-07-16 11:58 221184 ------w- c:\windows\system32\dllcache\wordpad.exe
2011-11-04 12:16 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll
2011-11-04 12:16 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll
2011-11-04 12:10 . 2008-04-14 21:32 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2011-11-04 12:07 . 2006-12-28 23:31 19569 ----a-w- c:\windows\005832_.tmp
2011-11-04 11:56 . 2011-11-04 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Malwarebytes
2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-11-04 08:48 . 2011-11-04 08:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-04 08:48 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-03 23:35 . 2011-11-03 23:35 388096 ----a-r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-02 16:36 . 2011-11-02 16:37 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Facebook
2011-11-02 09:52 . 2011-11-02 09:53 -------- d-----w- c:\program files\CCleaner
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 11:21 . 2011-05-16 14:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 10:41 . 2011-09-26 10:41 614912 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2006-05-19 19:56 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2006-05-19 19:56 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2006-05-19 19:55 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:09 . 2006-05-19 19:56 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:55 . 2006-05-19 19:55 371712 ------w- c:\windows\system32\html.iec
2011-08-22 19:18 . 2011-04-19 13:43 155992 ----a-w- c:\windows\system32\BGLsp.dll
2011-08-17 13:49 . 2006-05-19 19:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-10-05 14:50 . 2011-09-04 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2005-09-08 07:50 1172472 --sha-r- c:\windows\Cursors\arrow_xm.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-06_11.00.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-07 15:09 . 2011-11-07 15:09 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat
+ 2011-11-07 15:09 . 2011-11-07 15:09 16384 c:\windows\Temp\Perflib_Perfdata_52c.dat
+ 2006-05-19 19:56 . 2009-06-25 08:27 54272 c:\windows\system32\wdigest.dll
+ 2006-05-19 19:56 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
- 2006-05-19 19:56 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2006-05-19 19:56 . 2009-06-25 08:27 56832 c:\windows\system32\secur32.dll
- 2006-05-19 19:55 . 2008-04-14 21:32 45568 c:\windows\system32\dnsrslvr.dll
+ 2006-05-19 19:55 . 2009-04-20 17:22 45568 c:\windows\system32\dnsrslvr.dll
+ 2006-05-19 19:56 . 2011-09-26 10:41 23040 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-05-05 06:25 . 2011-02-17 12:54 5632 c:\windows\system32\xpsp4res.dll
+ 2006-05-19 19:56 . 2011-06-20 17:44 293888 c:\windows\system32\winsrv.dll
- 2006-05-19 19:56 . 2008-04-14 21:32 293888 c:\windows\system32\winsrv.dll
+ 2006-05-19 19:56 . 2010-04-16 15:38 406016 c:\windows\system32\usp10.dll
- 2006-05-19 19:56 . 2008-04-14 21:32 406016 c:\windows\system32\usp10.dll
+ 2006-05-19 19:56 . 2010-08-27 08:03 119808 c:\windows\system32\t2embed.dll
- 2006-05-19 19:56 . 2009-10-15 16:38 119808 c:\windows\system32\t2embed.dll
- 2006-05-19 19:56 . 2008-04-14 21:32 135680 c:\windows\system32\shsvcs.dll
+ 2006-05-19 19:56 . 2009-07-27 23:19 135680 c:\windows\system32\shsvcs.dll
+ 2006-05-19 19:56 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2006-05-19 19:56 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
- 2006-05-19 19:56 . 2008-04-14 21:32 249856 c:\windows\system32\odbc32.dll
+ 2006-05-19 19:56 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2006-05-19 19:56 . 2008-06-20 17:49 247296 c:\windows\system32\mswsock.dll
+ 2006-05-19 19:56 . 2008-06-20 16:04 247296 c:\windows\system32\mswsock.dll
+ 2006-05-19 19:56 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2006-05-19 19:55 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
+ 2006-05-19 19:55 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2006-05-19 19:56 . 2011-09-26 10:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2006-05-19 19:55 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\dd9734.msp
+ 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\dd9733.msp
+ 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\dd9731.msp
+ 2006-05-19 19:56 . 2011-01-21 14:44 8509440 c:\windows\system32\shell32.dll
+ 2004-08-04 11:00 . 2011-09-05 13:56 1510400 c:\windows\system32\shdocvw.dll
+ 2004-08-04 11:00 . 2010-07-16 12:01 1287680 c:\windows\system32\ole32.dll
- 2006-05-19 19:56 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2006-05-19 19:56 . 2010-06-14 07:43 1172480 c:\windows\system32\msxml3.dll
+ 2004-12-03 17:12 . 2011-11-06 11:30 3591144 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-04 11:00 . 2011-09-05 13:56 1025024 c:\windows\system32\browseui.dll
- 2004-08-04 11:00 . 2010-04-16 16:09 1025024 c:\windows\system32\browseui.dll
+ 2008-07-29 16:31 . 2008-07-29 16:31 6083072 c:\windows\Installer\dd9735.msp
+ 2008-07-29 16:43 . 2008-07-29 16:43 1013248 c:\windows\Installer\dd9732.msp
+ 2008-07-29 16:39 . 2008-07-29 16:39 3403264 c:\windows\Installer\dd9730.msp
+ 2008-07-29 16:41 . 2008-07-29 16:41 6487040 c:\windows\Installer\dd972f.msp
+ 2008-07-29 16:29 . 2008-07-29 16:29 2926080 c:\windows\Installer\dd972e.msp
+ 2008-07-29 16:45 . 2008-07-29 16:45 2543616 c:\windows\Installer\dd972d.msp
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-06-10 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
.
c:\documents and settings\Administrator.UW-4B58D8528225\Menu Start\Programma's\Opstarten\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-1-4 27136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-11-04 10:51 136176 ----atw- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
2005-09-21 17:41 1605740 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-02 06:35 49152 ----a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2011-09-28 21:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2004-10-08 10:06 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2004-10-08 10:31 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2004-10-08 10:24 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2006-01-04 21:47 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Documents and Settings\\HP_Eigenaar.UW-4B58D8528225.000\\Mijn documenten\\Downloads\\solutoinstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2538:TCP"= 2538:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [15/06/2011 11:32 64608]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [15/06/2011 11:32 789448]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [15/06/2011 11:32 19272]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [19/05/2006 20:56 14336]
R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [30/06/2011 15:30 338264]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [19/05/2006 20:56 14336]
R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [19/05/2006 20:56 14336]
R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [18/05/2011 10:34 320344]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [4/01/2006 22:35 2808704]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [15/06/2011 11:32 34280]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [15/06/2011 11:32 267624]
R3 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [29/06/2011 12:08 288600]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [4/01/2006 22:35 468768]
S3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [18/05/2011 10:34 125784]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [4/01/2006 22:35 449920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008Core.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008UA.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008Core.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008UA.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42]
.
2011-11-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2868996466-2378887863-459018987-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-10-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2868996466-2378887863-459018987-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-11-07 c:\windows\Tasks\User_Feed_Synchronization-{86691127-2526-48A2-BC21-770488CEED6B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Bijkomende Scan -------
.
uInternet Settings,ProxyOverride = localhost
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Mozilla\Firefox\Profiles\965ks0js.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-07 17:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\BgGamingMonitor.dll
.
- - - - - - - > 'lsass.exe'(1108)
c:\windows\system32\BgGamingMonitor.dll
c:\windows\system32\BGLsp.dll
.
Voltooingstijd: 2011-11-07 17:05:02
ComboFix-quarantined-files.txt 2011-11-07 16:05
ComboFix2.txt 2011-11-06 11:03
.
Pre-Run: 129.468.018.688 bytes beschikbaar
Post-Run: 129.428.815.872 bytes beschikbaar
.
- - End Of File - - 981BA3FA9284AC70C1F0E41C15932EE7
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:13, on 7/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\BgGamingMonitor.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9692 bytes
-
ComboFix 11-11-06.01 - HP_Eigenaar 06/11/2011 11:45:46.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.958.114 [GMT 1:00]
Gestart vanuit: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Mijn documenten\Downloads\ComboFix.exe
AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *Enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator.UW-4B58D8528225\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0a4f35b626016d8cd6d5731fa5e2aad7
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0b64ffa009d9e3d1236fb2b575bd953d
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0d53f0a9a42a5167b78657f1fc9488f1
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\1df1df47b49e8b3090bc211048795c5a
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2b4ad282984708f7b89800e17a257476
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2cc60d08b36af576b11419505050cc6e
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2f51f062108c7f20a67770bbdf546004
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\31dca3ca44f44956ffde9959067d1093
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\521788680d3595d05d274f3713057765
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\593abe4ad021a7ca3002ccb2dca1969d
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\7afabe4e3af1a66103f629a38d90558a
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9fc2051aee76f9ef060973477300788d
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d1a2c0b23b2d4e91acf26940533c64f0
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\dcd16c0f4842bc19d648b261e3cf263d
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\1e6d0a92883b25f29523edfaccfcde3b
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\WINDOWS
c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\WINDOWS
c:\documents and settings\HP_Eigenaar\WINDOWS
c:\program files\BitDownload
c:\program files\BitDownload\BitDownload Setup Components
c:\program files\BOTS_6-13-2008.exe
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\INSTALL.LOG
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\program files\WinPCap\Uninstall.exe
c:\windows\bwUnin-6.1.4.68-8876480L.exe
c:\windows\bwUnin-7.2.0.157-8876480SL.exe
c:\windows\bwUnin-8.1.1.50-8876480SL.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15.inf
c:\windows\IsUn0413.exe
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\_000019_.tmp.dll
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\ps2.bat
c:\windows\unin0407.exe
c:\windows\unin0413.exe
D:\Autorun.inf
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-06 to 2011-11-06 ))))))))))))))))))))))))))))))
.
.
2011-11-06 09:46 . 2011-11-06 09:46 -------- d-----w- c:\windows\LastGood
2011-11-05 12:30 . 2011-11-06 09:55 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Onlangs geopend
2011-11-05 11:51 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-11-05 11:50 . 2010-08-23 16:13 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-11-05 11:47 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-11-05 11:47 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-11-05 11:46 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-11-05 11:42 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-11-05 11:41 . 2009-08-13 15:24 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2011-11-05 11:40 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-11-05 11:39 . 2010-08-16 08:45 590848 ----a-w- c:\windows\system32\SET6.tmp
2011-11-04 13:38 . 2011-11-04 13:42 -------- d-----w- C:\2f196c9f89e9ce98cf70a0bf66233c47
2011-11-04 13:10 . 2011-11-04 13:15 -------- d-----w- C:\5a15bd1d3d01013c33d64b
2011-11-04 13:08 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2011-11-04 13:08 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\dllcache\bthport.sys
2011-11-04 13:05 . 2011-02-17 13:18 357888 ------w- c:\windows\system32\dllcache\srv.sys
2011-11-04 13:04 . 2011-07-15 13:29 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-11-04 13:04 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-11-04 13:03 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-11-04 13:02 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2011-11-04 13:02 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2011-11-04 13:02 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2011-11-04 13:02 . 2010-12-09 15:14 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-11-04 13:02 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll
2011-11-04 13:02 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe
2011-11-04 13:02 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2011-11-04 13:02 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2011-11-04 13:02 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll
2011-11-04 13:02 . 2010-12-20 17:25 735232 ------w- c:\windows\system32\dllcache\lsasrv.dll
2011-11-04 13:02 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-11-04 13:02 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll
2011-11-04 13:01 . 2010-12-09 15:14 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-11-04 13:01 . 2010-12-09 15:14 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-11-04 13:00 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2011-11-04 12:49 . 2010-07-16 11:58 221184 ------w- c:\windows\system32\dllcache\wordpad.exe
2011-11-04 12:16 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll
2011-11-04 12:16 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll
2011-11-04 12:10 . 2008-04-14 21:32 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2011-11-04 12:07 . 2006-12-28 23:31 19569 ----a-w- c:\windows\005832_.tmp
2011-11-04 11:56 . 2011-11-04 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Malwarebytes
2011-11-04 08:49 . 2011-11-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-11-04 08:48 . 2011-11-04 08:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-04 08:48 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-03 23:35 . 2011-11-03 23:35 388096 ----a-r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-02 16:36 . 2011-11-02 16:37 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Facebook
2011-11-02 09:52 . 2011-11-02 09:53 -------- d-----w- c:\program files\CCleaner
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 11:21 . 2011-05-16 14:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 10:41 . 2011-09-26 10:41 614912 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2011-09-26 10:41 23040 ----a-w- c:\windows\system32\SET1B6.tmp
2011-09-26 10:41 . 2011-09-26 10:41 220160 ----a-w- c:\windows\system32\SET1B5.tmp
2011-09-09 09:12 . 2011-09-09 09:12 602624 ----a-w- c:\windows\system32\SET165.tmp
2011-09-06 14:09 . 2006-05-19 19:56 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56 . 2011-09-05 13:56 1510400 ----a-w- c:\windows\system32\SETE1.tmp
2011-09-05 13:56 . 2011-09-05 13:56 1025024 ----a-w- c:\windows\system32\SETE2.tmp
2011-09-05 13:55 . 2006-05-19 19:55 371712 ------w- c:\windows\system32\html.iec
2011-08-22 19:18 . 2011-04-19 13:43 155992 ----a-w- c:\windows\system32\BGLsp.dll
2011-08-17 13:49 . 2006-05-19 19:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-10-05 14:50 . 2011-09-04 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2005-09-08 07:50 1172472 --sha-r- c:\windows\Cursors\arrow_xm.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-06-10 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
.
c:\documents and settings\Administrator.UW-4B58D8528225\Menu Start\Programma's\Opstarten\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-1-4 27136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-11-04 10:51 136176 ----atw- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
2005-09-21 17:41 1605740 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-02 06:35 49152 ----a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2011-09-28 21:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2004-10-08 10:06 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2004-10-08 10:31 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2004-10-08 10:24 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2006-01-04 21:47 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Documents and Settings\\HP_Eigenaar.UW-4B58D8528225.000\\Mijn documenten\\Downloads\\solutoinstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1682:TCP"= 1682:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [15/06/2011 11:32 64608]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [15/06/2011 11:32 789448]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [15/06/2011 11:32 19272]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [19/05/2006 20:56 14336]
R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [30/06/2011 15:30 338264]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [19/05/2006 20:56 14336]
R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [19/05/2006 20:56 14336]
R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [19/05/2006 20:56 14336]
R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [18/05/2011 10:34 320344]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [4/01/2006 22:35 2808704]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [15/06/2011 11:32 34280]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [15/06/2011 11:32 267624]
R3 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [29/06/2011 12:08 288600]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [4/01/2006 22:35 468768]
S3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [18/05/2011 10:34 125784]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [4/01/2006 22:35 449920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-10 10:36]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008Core.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1926163156-312049928-3774402212-1008UA.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-04 10:51]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008Core.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868996466-2378887863-459018987-1008UA.job
- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 16:42]
.
2011-11-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2868996466-2378887863-459018987-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-10-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2868996466-2378887863-459018987-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-11-06 c:\windows\Tasks\User_Feed_Synchronization-{86691127-2526-48A2-BC21-770488CEED6B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZNfox000&ptb=R7dVuLFG3v1b_bGPV9OUWQ
uInternet Settings,ProxyOverride = localhost
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.000\Application Data\Mozilla\Firefox\Profiles\965ks0js.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox
.
- - - - ORPHANS VERWIJDERD - - - -
.
MSConfigStartUp-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
MSConfigStartUp-SwitchBoard - c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-06 11:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1092)
c:\windows\system32\BgGamingMonitor.dll
.
- - - - - - - > 'lsass.exe'(1160)
c:\windows\system32\BgGamingMonitor.dll
c:\windows\system32\BGLsp.dll
.
Voltooingstijd: 2011-11-06 12:03:04
ComboFix-quarantined-files.txt 2011-11-06 11:03
.
Pre-Run: 129.073.602.560 bytes beschikbaar
Post-Run: 129.466.494.976 bytes beschikbaar
.
- - End Of File - - D6F6C14355B6173C2F2E770C29DE8A8B
-
service pack 3 is geinstalleerd, soluto wou ik proberen maar dat wou niet installeren.
De opstartsnelheid is nog steeds even traag
-
na 10% installing komt er plots aborting, het wil niet installeren
-
zoals gevraagd nog een Hijack log en de malware log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:23, on 4/11/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: BgGamingMonitor.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
--
End of file - 10019 bytes
en de malware
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 8081
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
4/11/2011 11:20:08
mbam-log-2011-11-04 (11-20-08).txt
Scantype: Snelle scan
Objecten gescand: 235772
Verstreken tijd: 45 minuut/minuten, 9 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 2
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 13
Bestanden geïnfecteerd: 33
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
c:\documents and settings\hp_eigenaar\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar\application data\funwebproducts\Data\hp_eigenaar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\fbrowseradvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
c:\program files\smartenhancer (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar\menu start\programma's\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
Bestanden geïnfecteerd:
c:\documents and settings\hp_eigenaar.uw-4b58d8528225\mijn documenten\downloads\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar.uw-4b58d8528225\mijn documenten\downloads\installer_µtorrent_1_8_5_nederlands_dutch.exe (PUP.SmsPay.pns) -> Not selected for removal.
c:\program files\smartenhancer\pcre3.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar.uw-4b58d8528225\local settings\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar.uw-4b58d8528225\local settings\Temp\teste.vbs (Trojan.VBS) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\ixpcomevents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\main.db-journal (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\Thumbs.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\flv direct player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\sysclosebutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\sysmaxbutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\sysminbutton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\Skin\directflv\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
c:\program files\smartenhancer\smartenhancer.dat (Trojan.BHO) -> Quarantined and deleted successfully.
c:\program files\smartenhancer\uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\documents and settings\hp_eigenaar\menu start\programma's\PlayMP3z\run playmp3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu start\programma's\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
-
Hallo,
mijn pc start zeer traag op en ik wil hier vanaf hopelijk kunnen jullie mij helpen
heb ook een Hijack log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:36:20, on 4/11/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing)
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: BgGamingMonitor.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
--
End of file - 10519 bytes
Opstarten duurt een eeuwigheid
in Archief Windows 7
Geplaatst:
heb net een primary hard disk self test gedaan en krijg de boodschap hard disk 1 quick (303).
betekent dit dat de hard disk kapot is?