Everything posted by sofianmaster

  1. Well, I'm going to make an HJT log and maybe that will solve it.
  2. Thanks already for your reply, but when I click on explorer.exe a new window opens to My Documents.
  3. Good day everyone. I have had a new PC for about 2 months now. The only problem is that when I open Control Panel, it says explorer.exe has stopped working. Can you help me with this? (This error already occurred when I had just received the computer.)
  4. Previously only with some games (PES 2010, Crossfire). Now always. Even when I watch a video on YouTube, a BSOD appears. But I want to ask something else. Today I am getting a new PC, and I would like to restore this computer (with Dell restore manager) to factory settings. Would that fix this BSOD or not? Thank you
  5. After a few weeks of testing I have found that the BSOD still occurs.
  6. I performed a system restore to 5 days ago (I downloaded a lot of Dell drivers back then). The 2nd BSOD has disappeared; only the 1st one still occurs often.
  7. No, unfortunately still the BSOD. I also reinstalled the program, but without success.
  8. DirectX version: 11, which is actually strange. I had DirectX 10, you see.
  9. Brand: Dell Type: PP29L Serial no.: 07146 Maybe you also need these codes: ServiceTag: FR39M3J Express Code: 342-898-091-83 P/N: HT588 A00 Thanks in advance
  10. I have an Intel xD, and the problem is that I have a laptop. In other words, the video card is integrated on the motherboard.
  11. In Device Manager I don't see what I should remove. I have a picture here. Maybe you can see what I need to remove.
  12. My friend has been playing this game for a long time without problems. And as you are telling me now, it really is the video card. It could be due to the update. Do you perhaps know how I can remove the video card update?
  13. I don't quite understand how to run that memtest. Also, since today I have a different BSOD.

     Microsoft ® Windows Debugger Version 6.11.0001.404 X86
     Copyright © Microsoft Corporation. All rights reserved.

     Loading Dump File [C:\Windows\Minidump\Mini122409-02.dmp]
     Mini Kernel Dump File: Only registers and stack trace are available

     Symbol search path is: SRV*DownstreamStore*Symbol information
     Executable search path is:
     Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
     Product: WinNt, suite: TerminalServer SingleUserTS Personal
     Built by: 6002.18082.x86fre.vistasp2_gdr.090803-2339
     Machine Name:
     Kernel base = 0x8244e000 PsLoadedModuleList = 0x82565c70
     Debug session time: Thu Dec 24 11:13:55.704 2009 (GMT+1)
     System Uptime: 0 days 0:09:29.465
     Loading Kernel Symbols
     ...............................................................
     ................................................................
     ................................................................
     Loading User Symbols
     Loading unloaded module list
     ......
     *******************************************************************************
     *                                                                             *
     *                        Bugcheck Analysis                                    *
     *                                                                             *
     *******************************************************************************

     Use !analyze -v to get detailed debugging information.

     BugCheck D1, {8a3e2c50, ff, 0, c4845167}

     Unable to load image \??\C:\Windows\system32\XDva317.sys, Win32 error 0n2
     *** WARNING: Unable to verify timestamp for XDva317.sys
     *** ERROR: Module load completed but symbols could not be loaded for XDva317.sys
     Probably caused by : XDva317.sys ( XDva317+8167 )

     Followup: MachineOwner
     ---------

     0: kd> !analyze -v
     *******************************************************************************
     *                                                                             *
     *                        Bugcheck Analysis                                    *
     *                                                                             *
     *******************************************************************************

     DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
     An attempt was made to access a pageable (or completely invalid) address at an
     interrupt request level (IRQL) that is too high. This is usually
     caused by drivers using improper addresses.
     If kernel debugger is available get stack backtrace.
     Arguments:
     Arg1: 8a3e2c50, memory referenced
     Arg2: 000000ff, IRQL
     Arg3: 00000000, value 0 = read operation, 1 = write operation
     Arg4: c4845167, address which referenced memory

     Debugging Details:
     ------------------

     READ_ADDRESS: GetPointerFromAddress: unable to read from 82585868
     Unable to read MiSystemVaType memory at 82565420
      8a3e2c50

     CURRENT_IRQL: 0

     FAULTING_IP:
     XDva317+8167
     c4845167 ?? ???

     ADDITIONAL_DEBUG_TEXT: The trap occurred when interrupts are disabled on the target.

     BUGCHECK_STR: DISABLED_INTERRUPT_FAULT

     CUSTOMER_CRASH_COUNT: 2

     DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP

     PROCESS_NAME: crossfire.exe

     TRAP_FRAME: b5692620 -- (.trap 0xffffffffb5692620)
     ErrCode = 00000000
     eax=85801f50 ebx=c4848790 ecx=8a3e2c50 edx=8a3e2c50 esi=00000050 edi=b5692714
     eip=c4845167 esp=b5692694 ebp=b56926d0 iopl=0 nv up di pl zr na pe nc
     cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010046
     XDva317+0x8167:
     c4845167 ?? ???
     Resetting default scope

     LAST_CONTROL_TRANSFER: from c4845167 to 8249bfb9

     STACK_TEXT:
     b5692620 c4845167 badb0d00 8a3e2c50 00000060 nt!KiTrap0E+0x2e1
     WARNING: Stack unwind information not available. Following frames may be wrong.
     b5692690 b5692714 c484a00c 9625c000 b5692cf0 XDva317+0x8167
     b56926d0 c4843ed1 82585b00 82585b40 c484a00c 0xb5692714
     b56926f8 c484564d b5692738 b5692714 d8492e58 XDva317+0x6ed1
     b56928e4 c483e075 d8492e58 000001a8 d8492e58 XDva317+0x864d
     b5692bd0 c484011a d8076f68 c77e9358 00000001 XDva317+0x1075
     b5692c0c 827306be d5846448 d8076f68 c77e9358 XDva317+0x311a
     b5692c30 8249292d d8076fd8 d8076f68 d5846448 nt!IovCallDriver+0x23f
     b5692c44 826946a1 c77e9358 d8076f68 d8076fd8 nt!IofCallDriver+0x1b
     b5692c64 82694e46 d5846448 c77e9358 0012cb00 nt!IopSynchronousServiceTail+0x1d9
     b5692d00 82695f10 d5846448 d8076f68 00000000 nt!IopXxxControlFile+0x6b7
     b5692d34 82498c7a 000005a0 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
     b5692d34 773d5e74 000005a0 00000000 00000000 nt!KiFastCallEntry+0x12a
     0012cb7c 00000000 00000000 00000000 00000000 0x773d5e74

     STACK_COMMAND: kb

     FOLLOWUP_IP:
     XDva317+8167
     c4845167 ?? ???

     SYMBOL_STACK_INDEX: 1

     SYMBOL_NAME: XDva317+8167

     FOLLOWUP_NAME: MachineOwner

     MODULE_NAME: XDva317

     IMAGE_NAME: XDva317.sys

     DEBUG_FLR_IMAGE_TIMESTAMP: 4b18ac6d

     FAILURE_BUCKET_ID: DISABLED_INTERRUPT_FAULT_VRF_XDva317+8167

     BUCKET_ID: DISABLED_INTERRUPT_FAULT_VRF_XDva317+8167

     Followup: MachineOwner

     ---------- Post added at 11:26 ---------- Previous post was at 11:25 ----------

     What I forgot to mention is that these 2 BSODs only occur in one game, namely Crossfire.
  14. I have an Intel GM965 Express Chipset Family. And the video card is up to date.
  15. Good day everyone, I regularly suffer from BSODs, and thanks to Dell's help I was able to produce something with Windows Debugger. After seeing the problem (dxgkrnl) I suddenly got stuck. What should I do now? Here is the dump file.

     Loading Dump File [C:\Windows\Minidump\Mini122209-01.dmp]
     Mini Kernel Dump File: Only registers and stack trace are available

     Symbol search path is: SRV*DownstreamStore*Symbol information
     Executable search path is:
     Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
     Product: WinNt, suite: TerminalServer SingleUserTS Personal
     Built by: 6002.18082.x86fre.vistasp2_gdr.090803-2339
     Machine Name:
     Kernel base = 0x82444000 PsLoadedModuleList = 0x8255bc70
     Debug session time: Tue Dec 22 19:14:16.658 2009 (GMT+1)
     System Uptime: 0 days 9:59:19.617
     Loading Kernel Symbols
     ...............................................................
     ................................................................
     ................................................................
     .
     Loading User Symbols
     Loading unloaded module list
     ......
     *******************************************************************************
     *                                                                             *
     *                        Bugcheck Analysis                                    *
     *                                                                             *
     *******************************************************************************

     Use !analyze -v to get detailed debugging information.

     BugCheck D1, {4, 2, 1, 8e66f8ce}

     Unable to load image \SystemRoot\System32\drivers\dxgkrnl.sys, Win32 error 0n2
     *** WARNING: Unable to verify timestamp for dxgkrnl.sys
     *** ERROR: Module load completed but symbols could not be loaded for dxgkrnl.sys
     Probably caused by : dxgkrnl.sys ( dxgkrnl+198ce )

     Followup: MachineOwner
     ---------

     0: kd> !analyze -v
     *******************************************************************************
     *                                                                             *
     *                        Bugcheck Analysis                                    *
     *                                                                             *
     *******************************************************************************

     DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
     An attempt was made to access a pageable (or completely invalid) address at an
     interrupt request level (IRQL) that is too high. This is usually
     caused by drivers using improper addresses.
     If kernel debugger is available get stack backtrace.
     Arguments:
     Arg1: 00000004, memory referenced
     Arg2: 00000002, IRQL
     Arg3: 00000001, value 0 = read operation, 1 = write operation
     Arg4: 8e66f8ce, address which referenced memory

     Debugging Details:
     ------------------

     WRITE_ADDRESS: GetPointerFromAddress: unable to read from 8257b868
     Unable to read MiSystemVaType memory at 8255b420
      00000004

     CURRENT_IRQL: 2

     FAULTING_IP:
     dxgkrnl+198ce
     8e66f8ce ?? ???

     CUSTOMER_CRASH_COUNT: 1

     DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

     BUGCHECK_STR: 0xD1

     PROCESS_NAME: dwm.exe

     TRAP_FRAME: 9766a6ec -- (.trap 0xffffffff9766a6ec)
     ErrCode = 00000002
     eax=00000000 ebx=919c18b8 ecx=b3121850 edx=8553f334 esi=00000000 edi=84d42008
     eip=8e66f8ce esp=9766a760 ebp=9766a770 iopl=0 nv up ei ng nz na pe cy
     cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010287
     dxgkrnl+0x198ce:
     8e66f8ce ?? ???
     Resetting default scope

     LAST_CONTROL_TRANSFER: from 8e66f8ce to 82491fb9

     STACK_TEXT:
     9766a6ec 8e66f8ce badb0d00 8553f334 919c1800 nt!KiTrap0E+0x2e1
     WARNING: Stack unwind information not available. Following frames may be wrong.
     9766a75c b31216d0 00000000 919c1c66 919c1b00 dxgkrnl+0x198ce
     9766a770 8e6e8a9f 919c1c64 b3121850 b3121858 0xb31216d0
     9766a7f0 8e6e629a 919c1c64 00000001 c4725210 dxgkrnl+0x92a9f
     9766a818 8e699059 b31216d0 9766aa30 c4725210 dxgkrnl+0x9029a
     9766a9b0 8e69b088 00000000 c000ff40 00000000 dxgkrnl+0x43059
     9766aba4 8e69bbf9 ac06ec58 00000000 1901efcb dxgkrnl+0x45088
     9766ad58 8248ec7a 004d0027 01b3f5d0 775e5e74 dxgkrnl+0x45bf9
     9766ad58 775e5e74 004d0027 01b3f5d0 775e5e74 nt!KiFastCallEntry+0x12a
     01b3f5d0 00000000 00000000 00000000 00000000 0x775e5e74

     STACK_COMMAND: kb

     FOLLOWUP_IP:
     dxgkrnl+198ce
     8e66f8ce ?? ???

     SYMBOL_STACK_INDEX: 1

     SYMBOL_NAME: dxgkrnl+198ce

     FOLLOWUP_NAME: MachineOwner

     MODULE_NAME: dxgkrnl

     IMAGE_NAME: dxgkrnl.sys

     DEBUG_FLR_IMAGE_TIMESTAMP: 4abc1c72

     FAILURE_BUCKET_ID: 0xD1_dxgkrnl+198ce

     BUCKET_ID: 0xD1_dxgkrnl+198ce

     Followup: MachineOwner
     ---------
  16. This is the log

     Results of screen317's Security Check version 0.99.1
     Windows Vista Service Pack 2 (UAC is enabled)
     ``````````````````````````````
     Antivirus/Firewall Check:
     avast! Antivirus
     Antivirus up to date! (On Access scanning disabled!)
     ``````````````````````````````
     Anti-malware/Other Utilities Check:
     Ad-Aware
     Spybot - Search & Destroy
     HijackThis 2.0.2
     CCleaner
     Eusing Free Registry Cleaner
     Java 6 Update 17
     Adobe Flash Player 10
     Adobe Reader 9.2
     Adobe Reader 9.2 - Nederlands
     ``````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Ad-Aware AAWService.exe
     Ad-Aware AAWTray.exe is disabled!
     ``````````````````````````````
     DNS Vulnerability Check:
     Unknown. This method cannot test your vulnerability to DNS cache poisoning.
     `````````End of Log```````````
  17. Combofix
2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar 2009-11-22 19:20 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-11-22 19:20 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender 2009-11-21 19:33 . 2009-01-17 23:25 16384 d-----w- c:\program files\Paint.NET 2009-11-21 19:00 . 2009-02-11 12:20 4096 d-----w- c:\users\Sofian\AppData\Roaming\FileZilla 2009-11-21 18:12 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-11-21 18:12 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-11-21 17:13 . 2008-11-30 08:40 124064 ----a-w- c:\users\Sofian\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-21 16:59 . 2009-01-23 23:01 24576 d-----w- c:\programdata\Microsoft Help 2009-11-21 14:49 . 2008-04-15 23:40 24576 d-----w- c:\program files\Microsoft Works 2009-11-14 11:47 . 2008-12-14 17:59 -------- d-----w- c:\users\Sofian\AppData\Roaming\Yahoo! 2009-11-13 18:35 . 2008-12-09 21:35 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-11 17:36 . 2008-05-04 09:42 4096 d-----w- c:\users\Sofian\AppData\Roaming\VoipBuster 2009-11-11 14:48 . 2008-04-19 19:38 4096 d-----w- c:\program files\dvdSanta 2009-11-07 17:17 . 2009-03-18 19:12 4096 d-----w- c:\users\Sofian\AppData\Roaming\MessengerDiscovery 2 2009-11-07 17:17 . 2008-06-11 10:58 4096 d-----w- c:\program files\MessengerDiscovery 2 2009-11-07 15:57 . 2008-06-11 11:26 4096 d-----w- c:\program files\Messenger Plus! Live 2009-11-07 15:42 . 2008-04-23 18:53 -------- d-----w- c:\program files\Windows Live 2009-11-06 21:46 . 2009-05-15 18:31 4096 d-----w- c:\program files\Recuva 2009-11-06 21:46 . 
2008-07-09 22:13 4096 d-----w- c:\program files\DAEMON Tools Lite 2009-11-06 19:20 . 2008-04-15 23:17 12288 d--h--w- c:\program files\InstallShield Installation Information 2009-11-02 08:48 . 2009-08-21 07:48 314712 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe 2009-11-02 08:48 . 2009-08-21 07:48 25440 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\savapibridge.dll 2009-11-02 08:48 . 2009-08-21 07:48 168800 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll 2009-11-02 08:48 . 2009-08-21 07:48 15688 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe 2009-11-02 08:48 . 2009-08-21 07:48 349008 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll 2009-11-02 08:48 . 2009-08-21 07:48 298336 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll 2009-11-02 08:48 . 2009-08-21 07:48 84320 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll 2009-11-02 08:48 . 2009-08-21 07:48 1630560 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll 2009-11-02 08:48 . 2009-08-21 07:48 246640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll 2009-11-02 08:48 . 2009-08-21 07:48 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll 2009-11-02 08:48 . 2009-08-21 07:48 664936 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll 2009-11-02 08:47 . 2009-08-21 07:48 566632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe 2009-11-02 08:47 . 2009-08-21 07:48 562552 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe 2009-11-02 08:47 . 2009-08-21 07:48 2353992 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe 2009-11-02 08:47 . 2009-08-21 07:48 640760 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWWSC.exe 2009-11-02 08:47 . 2009-08-21 07:48 520024 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe 2009-11-02 08:47 . 
2009-08-21 07:48 1028432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe 2009-11-02 08:46 . 2008-06-24 14:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-02 08:44 . 2009-02-25 16:35 -------- d-----w- c:\programdata\DAEMON Tools Lite 2009-11-01 09:37 . 2009-07-04 17:11 4096 d-----w- c:\program files\Unlocker 2009-10-30 16:07 . 2009-05-24 12:54 4096 d-----w- c:\programdata\TrackMania 2009-10-28 22:17 . 2008-12-27 19:07 1 ----a-w- c:\users\Sofian\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-10-24 17:43 . 2008-04-15 23:36 4096 d-----w- c:\program files\Common Files\Adobe 2009-10-24 13:58 . 2009-10-24 12:26 -------- d-----w- c:\program files\Assassin's Creed 2009-10-24 13:47 . 2009-10-24 13:47 -------- d-----w- c:\users\Sofian\AppData\Roaming\Ubisoft 2009-10-24 13:47 . 2008-11-30 17:10 4096 d-----w- c:\programdata\Ubisoft 2009-10-21 10:43 . 2009-09-28 14:27 -------- d-----w- c:\program files\KONAMI 2009-10-21 09:17 . 2009-10-21 09:17 -------- d-----w- c:\programdata\KONAMI 2009-10-20 17:29 . 2009-05-30 09:59 -------- d-----w- c:\program files\Hamachi 2009-10-20 17:21 . 2008-06-18 14:05 4096 d-----w- c:\users\Sofian\AppData\Roaming\Hamachi 2009-10-20 16:26 . 2008-10-28 20:10 8192 d-----w- c:\program files\PES 2009 2009-10-18 13:08 . 2008-11-22 17:43 4096 d-----w- c:\program files\SystemRequirementsLab 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll 2009-10-11 11:50 . 
2009-10-11 11:50 -------- d-----w- c:\program files\Loquendo 2009-10-10 11:22 . 2009-10-10 11:20 -------- d-----w- c:\users\Sofian\AppData\Roaming\ISP Monitor 2009-10-10 11:20 . 2009-10-10 11:20 4096 d-----w- c:\program files\ISP Monitor 2009-10-10 11:20 . 2009-10-10 11:20 737280 ----a-w- c:\windows\iun6002.exe 2009-10-06 19:56 . 2008-04-15 23:36 4096 d-----w- c:\program files\Google 2009-10-05 14:32 . 2009-10-05 14:30 -------- d-----w- c:\programdata\DriverScanner 2009-10-05 14:30 . 2009-10-05 14:29 4096 dc-h--w- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-10-05 14:30 . 2008-11-29 09:39 -------- d-----w- c:\program files\Uniblue 2009-10-05 14:30 . 2008-10-25 07:43 -------- d-----w- c:\users\Sofian\AppData\Roaming\Uniblue 2009-10-04 20:25 . 2008-04-30 13:05 8192 d-----w- c:\users\Sofian\AppData\Roaming\LimeWire 2009-10-04 18:07 . 2009-10-04 18:07 4096 d-----w- c:\program files\Auto Clicker 2009-10-03 21:19 . 2009-10-03 21:11 -------- d-----w- c:\program files\Foxit Software 2009-10-03 11:19 . 2009-03-27 18:44 4096 d-----w- c:\program files\LimeWire 2009-10-01 01:02 . 2009-11-22 19:48 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-10-01 01:02 . 2009-11-22 19:48 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-10-01 01:02 . 2009-11-22 19:48 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-10-01 01:02 . 2009-11-22 19:48 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-10-01 01:02 . 2009-11-22 19:48 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-10-01 01:01 . 2009-11-22 19:48 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-10-01 01:01 . 2009-11-22 19:48 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-10-01 01:01 . 2009-11-22 19:48 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-10-01 01:01 . 2009-11-22 19:48 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-10-01 01:01 . 
2009-11-22 19:48 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-10-01 01:01 . 2009-11-22 19:48 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-10-01 01:01 . 2009-11-22 19:48 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_d_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_c_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_b_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_a_ind.dll 2008-04-15 23:28 . 2008-04-15 23:28 76 --sha-w- c:\windows\CT4CET.bin 2008-04-19 11:13 . 2008-04-19 11:13 76 --sha-w- c:\windows\CT5PRET.BIN 2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat 2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat 2009-01-20 20:04 . 2008-11-28 16:46 3036 --sha-w- c:\windows\System32\KGyGaAvL.sys 2007-02-26 18:59 . 2007-02-26 18:59 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2009-11-12 9094448]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-22 39408]
"Google Update"="c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-21 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe dvcStatusMinimize" [X]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"FG_Monitor"="c:\program files\Folder Guard Pro\FGKey.exe" [2007-02-24 132680]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-13 149280]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-11 101136]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-16 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(:7e,c7,31,9a,a9,6b,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000]
"EnableNotificationsRef"=dword:00000001

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [21/08/2009 8:49 64160]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [5/07/2006 13:46 63352]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [28/03/2009 9:53 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [16/04/2008 0:08 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [28/03/2009 9:53 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [28/03/2009 9:52 53328]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [30/11/2008 0:59 941784]
R2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [28/06/2007 14:05 131072]
R2 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [5/09/2009 15:53 48896]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [22/06/2009 18:56 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29/10/2009 12:27 1074568]
R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1028432]
R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [14/02/2009 17:48 137344]
R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 10:18 202016]
R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [14/02/2009 17:48 12032]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [22/06/2009 18:56 36608]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [30/11/2008 0:59 111616]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [15/04/2009 13:13 84832]
S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [30/11/2008 0:59 17536]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/11/2009 18:23 21504]
S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2/11/2006 13:36 10752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map

2009-11-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 08:47]
2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000Core.job - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000UA.job - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41]
2009-11-29 c:\windows\Tasks\RegCure Program Check.job - c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2008-12-12 c:\windows\Tasks\RegCure.job - c:\program files\RegCure\RegCure.exe [2007-10-16 09:20]
2009-11-29 c:\windows\Tasks\User_Feed_Synchronization-{D130A10C-2448-4567-A8B2-044877608ACE}.job - c:\windows\system32\msfeedssync.exe [2009-11-21 03:41]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://www.games-fusion.net/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab
FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL -
FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - component: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - plugin: c:\progra~1\SONYON~1\npsoe.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\users\Sofian\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
FF - user.js: nglayout.initialpaint.delay - 100
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.interval - 100000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 4
FF - user.js: network.http.max-persistent-connections-per-server - 2
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-11-29 15:08
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
c:\windows\TEMP\TMP000000550DE33B0EDFD09582 524288 bytes executable

Scan succesvol afgerond
verborgen bestanden: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spwi.sys hal.dll >>UNKNOWN [0x853E7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x887d1d24
\Driver\ACPI -> acpi.sys @ 0x87fc1d68
\Driver\atapi -> 0x854311f8
\Driver\iaStor -> iastor.sys @ 0x880ce6d0
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(5484)
c:\windows\system32\btncopy.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\WLANExt.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\CISVC.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\STacSV.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\ehome\ehmsas.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
.
**************************************************************************
.
Voltooingstijd: 2009-11-29 15:23 - machine werd herstart
ComboFix-quarantined-files.txt 2009-11-29 14:23
ComboFix2.txt 2009-11-28 17:16

Pre-Run: 6.983.782.400 bytes beschikbaar
Post-Run: 6.133.956.608 bytes beschikbaar

- - End Of File - - 0880057D05E679314D3B07482D11E6AC

Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:19, on 29/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\Explorer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device...
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O15 - Trusted IP range: http://192.168.0.1 O15 - ESC Trusted IP range: http://192.168.0.1 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935 O16 - DPF: 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795 O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. 
- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: XAudioService - Conexant Systems, Inc. 
- C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12709 bytes

I think it helped, my computer is now as fast again as it used to be.
  18. ComboFix 09-11-27.07 - Sofian 28/11/2009 17:29.9.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2037.1026 [GMT 1:00] Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1351 [VPS 091121-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Lavasoft Ad-Watch Live! Anti-virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} SP: avast! antivirus 4.8.1351 [VPS 091121-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22} SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500 c:\$recycle.bin\S-1-5-21-2815755638-1480285660-2120787009-500 c:\$recycle.bin\S-1-5-21-991331777-2378318461-4560006-500 C:\LOG.TXT c:\users\Sofian\AppData\Roaming\.# c:\users\Sofian\AppData\Roaming\Desktopicon c:\users\Sofian\AppData\Roaming\Desktopicon\eBay.ico c:\users\Sofian\AppData\Roaming\Desktopicon\eBayShortcuts.exe c:\users\Sofian\AppData\Roaming\Desktopicon\uninst.exe c:\users\Sofian\AppData\Roaming\inst.exe c:\windows\slog.dll c:\windows\system32\gatherWirelessInfo.vbs c:\windows\system32\NTSVc.ocx . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games (((((((((((((((((((( Bestanden Gemaakt van 2009-10-28 to 2009-11-28 )))))))))))))))))))))))))))))) . 2009-11-28 16:52 . 2009-11-28 16:59 4096 d-----w- c:\users\Sofian\AppData\Local\temp 2009-11-28 16:52 . 2009-11-28 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-11-28 12:49 . 
2009-11-26 16:41 52224 ----a-w- c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll 2009-11-28 12:49 . 2009-11-26 16:41 114688 ----a-w- c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\npmozax.dll 2009-11-27 19:21 . 2009-11-27 19:21 -------- d-----w- c:\users\Sofian\AppData\Roaming\Paquet Builder 2009-11-27 19:21 . 2009-11-27 19:21 4096 d-----w- c:\program files\Paquet Builder 2009-11-27 19:15 . 2009-11-27 19:15 4096 d-----w- c:\program files\7-Zip 2009-11-26 20:56 . 2009-11-26 20:56 4096 d-----w- c:\program files\gBurner 2009-11-25 17:51 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-25 17:50 . 2009-11-25 17:50 -------- d-----w- c:\program files\MSXML 4.0 2009-11-25 12:31 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 12:31 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll 2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_d_ind.dll 2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_c_ind.dll 2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_b_ind.dll 2009-11-24 18:42 . 2009-11-24 18:42 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_a_ind.dll 2009-11-23 17:45 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2009-11-23 17:45 . 2009-11-23 17:46 4096 d-----w- c:\program files\PDFCreator 2009-11-23 17:45 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2009-11-23 15:13 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-11-22 20:40 . 
2009-11-22 20:40 -------- d-----w- c:\program files\Windows Portable Devices 2009-11-22 20:35 . 2009-11-22 20:35 -------- d-----w- c:\windows\'Full Speed' Internet Booster + Performance Tests 2009-11-22 19:49 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-11-22 19:49 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2009-11-22 19:49 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-11-22 19:47 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-11-22 19:47 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-11-22 19:47 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\ca-ES 2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\eu-ES 2009-11-22 19:19 . 2009-11-22 19:20 -------- d-----w- c:\windows\system32\vi-VN 2009-11-22 17:54 . 2009-11-22 17:54 -------- d-----w- c:\windows\system32\EventProviders 2009-11-22 12:56 . 2009-04-11 06:28 289792 ----a-w- c:\windows\system32\spinstall.exe 2009-11-22 12:55 . 2009-04-11 06:28 1143296 ----a-w- c:\windows\system32\wercon.exe 2009-11-22 12:54 . 2009-04-11 06:28 177664 ----a-w- c:\windows\system32\WSDMon.dll 2009-11-22 12:53 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll 2009-11-22 12:53 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe 2009-11-22 12:52 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll 2009-11-22 11:26 . 2009-11-22 21:30 20480 d-----w- c:\program files\Eusing Free Registry Cleaner 2009-11-21 19:05 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2009-11-21 18:25 . 2009-11-21 18:25 -------- dc----w- C:\PerfLogs 2009-11-21 17:36 . 2008-01-18 22:36 6656 ----a-w- c:\windows\system32\sdspres.dll 2009-11-21 17:36 . 2008-01-18 22:33 193024 ----a-w- c:\windows\system32\recdisc.exe 2009-11-21 17:35 . 
2008-01-18 22:36 28160 ----a-w- c:\windows\system32\sxproxy.dll 2009-11-21 17:25 . 2008-01-18 22:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe 2009-11-21 17:24 . 2008-01-18 22:38 155704 ----a-w- c:\windows\system32\dssenh.dll 2009-11-21 17:23 . 2008-01-18 22:33 96768 ----a-w- c:\windows\system32\wininit.exe 2009-11-21 16:59 . 2009-11-21 16:59 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2009-11-21 15:05 . 2009-11-21 15:05 61440 ----a-w- c:\windows\system32\winipsec.dll 2009-11-21 15:05 . 2009-11-21 15:05 272896 ----a-w- c:\windows\system32\polstore.dll 2009-11-21 15:01 . 2009-11-21 15:01 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-11-21 15:01 . 2009-11-21 15:01 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-11-21 15:01 . 2009-11-21 15:01 17920 ----a-w- c:\windows\system32\netevent.dll 2009-11-21 15:01 . 2009-11-21 15:01 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-11-21 15:01 . 2009-11-21 15:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-11-21 15:01 . 2009-11-21 15:01 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-11-21 15:01 . 2009-11-21 15:01 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-11-21 15:01 . 2009-11-21 15:01 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-11-21 15:01 . 2009-11-21 15:01 105984 ----a-w- c:\windows\system32\netiohlp.dll 2009-11-21 15:01 . 2009-11-21 15:01 10240 ----a-w- c:\windows\system32\finger.exe 2009-11-21 15:01 . 2009-11-21 15:01 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2009-11-21 14:58 . 2009-11-21 14:58 127488 ----a-w- c:\windows\system32\L2SecHC.dll 2009-11-21 14:58 . 2009-11-21 14:58 68096 ----a-w- c:\windows\system32\wlanhlp.dll 2009-11-21 14:58 . 2009-11-21 14:58 65024 ----a-w- c:\windows\system32\wlanapi.dll 2009-11-21 14:58 . 2009-11-21 14:58 513536 ----a-w- c:\windows\system32\wlansvc.dll 2009-11-21 14:58 . 2009-11-21 14:58 302592 ----a-w- c:\windows\system32\wlansec.dll 2009-11-21 14:58 . 
2009-11-21 14:58 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2009-11-21 14:54 . 2009-11-21 14:54 34304 ----a-w- c:\windows\system32\atmlib.dll 2009-11-21 14:54 . 2009-11-21 14:54 289792 ----a-w- c:\windows\system32\atmfd.dll 2009-11-21 14:54 . 2009-11-21 14:54 156672 ----a-w- c:\windows\system32\t2embed.dll 2009-11-21 14:54 . 2009-11-21 14:54 23552 ----a-w- c:\windows\system32\lpk.dll 2009-11-21 14:54 . 2009-11-21 14:54 72704 ----a-w- c:\windows\system32\fontsub.dll 2009-11-21 14:54 . 2009-11-21 14:54 10240 ----a-w- c:\windows\system32\dciman32.dll 2009-11-21 14:52 . 2009-11-21 14:52 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-11-21 14:51 . 2009-11-21 14:51 9728 ----a-w- c:\windows\system32\infoctrs.dll 2009-11-21 14:51 . 2009-11-21 14:51 16384 ----a-w- c:\windows\system32\infoadmn.dll 2009-11-21 14:45 . 2009-11-21 14:45 98816 ----a-w- c:\windows\system32\mfps.dll 2009-11-21 14:45 . 2009-11-21 14:45 53248 ----a-w- c:\windows\system32\rrinstaller.exe 2009-11-21 14:45 . 2009-11-21 14:45 2868224 ----a-w- c:\windows\system32\mf.dll 2009-11-21 14:45 . 2009-11-21 14:45 24576 ----a-w- c:\windows\system32\mfpmp.exe 2009-11-21 14:45 . 2009-11-21 14:45 2048 ----a-w- c:\windows\system32\mferror.dll 2009-11-21 14:38 . 2009-11-21 14:38 71680 ----a-w- c:\windows\system32\atl.dll 2009-11-21 14:34 . 2009-11-21 14:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-11-21 14:34 . 2009-11-21 14:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-11-21 14:33 . 2009-11-21 14:33 36864 ----a-w- c:\windows\system32\mqise.dll 2009-11-21 14:33 . 2009-11-21 14:33 126464 ----a-w- c:\windows\system32\drivers\mqac.sys 2009-11-21 14:32 . 2009-11-21 14:32 917504 ----a-w- c:\windows\system32\mqqm.dll 2009-11-21 14:32 . 2009-11-21 14:32 89600 ----a-w- c:\windows\system32\mqlogmgr.dll 2009-11-21 14:32 . 2009-11-21 14:32 8704 ----a-w- c:\windows\system32\mqsvc.exe 2009-11-21 14:32 . 2009-11-21 14:32 37888 ----a-w- c:\windows\system32\mqbkup.exe 2009-11-21 14:32 . 
2009-11-21 14:32 154112 ----a-w- c:\windows\system32\mqtrig.dll 2009-11-21 14:32 . 2009-11-21 14:32 125440 ----a-w- c:\windows\system32\mqtgsvc.exe 2009-11-21 14:29 . 2009-11-21 14:29 160256 ----a-w- c:\windows\system32\wkssvc.dll 2009-11-21 14:28 . 2009-11-21 14:28 53248 ----a-w- c:\windows\system32\tsgqec.dll 2009-11-21 14:28 . 2009-11-21 14:28 136192 ----a-w- c:\windows\system32\aaclient.dll 2009-11-21 14:28 . 2009-11-21 14:28 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-11-21 14:27 . 2009-11-21 14:27 2048 ----a-w- c:\windows\system32\msxml3r.dll 2009-11-21 14:15 . 2009-11-21 14:15 623616 ----a-w- c:\windows\system32\localspl.dll 2009-11-21 14:14 . 2009-11-21 14:14 91136 ----a-w- c:\windows\system32\avifil32.dll 2009-11-21 14:14 . 2009-11-21 14:14 82944 ----a-w- c:\windows\system32\mciavi32.dll 2009-11-21 14:14 . 2009-11-21 14:14 65024 ----a-w- c:\windows\system32\avicap32.dll 2009-11-21 14:14 . 2009-11-21 14:14 123904 ----a-w- c:\windows\system32\msvfw32.dll 2009-11-21 14:14 . 2009-11-21 14:14 31232 ----a-w- c:\windows\system32\msvidc32.dll 2009-11-21 14:14 . 2009-11-21 14:14 12800 ----a-w- c:\windows\system32\msrle32.dll 2009-11-21 14:09 . 2009-11-21 14:09 499712 ----a-w- c:\windows\system32\kerberos.dll 2009-11-21 14:09 . 2009-11-21 14:09 175104 ----a-w- c:\windows\system32\wdigest.dll 2009-11-21 14:09 . 2009-11-21 14:09 9728 ----a-w- c:\windows\system32\lsass.exe 2009-11-21 14:09 . 2009-11-21 14:09 72704 ----a-w- c:\windows\system32\secur32.dll 2009-11-21 14:09 . 2009-11-21 14:09 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-11-21 14:09 . 2009-11-21 14:09 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2009-11-21 14:09 . 2009-11-21 14:09 270848 ----a-w- c:\windows\system32\schannel.dll 2009-11-21 14:05 . 2009-11-21 14:05 9847296 ----a-w- c:\windows\system32\NlsData000a.dll 2009-11-21 14:05 . 2009-11-21 14:05 2643456 ----a-w- c:\windows\system32\NlsData000c.dll 2009-11-21 14:05 . 
2009-11-21 14:05 2342912 ----a-w- c:\windows\system32\NlsData000d.dll 2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData000f.dll 2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0416.dll 2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0414.dll 2009-11-21 14:05 . 2009-11-21 14:05 4495360 ----a-w- c:\windows\system32\NlsData0816.dll 2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData081a.dll 2009-11-21 14:05 . 2009-11-21 14:05 6917120 ----a-w- c:\windows\system32\NlsLexicons0c1a.dll 2009-11-21 14:05 . 2009-11-21 14:05 1965056 ----a-w- c:\windows\system32\NlsData0c1a.dll 2009-11-21 14:03 . 2009-11-21 14:03 6656 ----a-w- c:\windows\system32\kbd106n.dll 2009-11-21 13:59 . 2009-11-21 13:59 88576 ----a-w- c:\windows\system32\tlntsess.exe 2009-11-21 13:59 . 2009-11-21 13:59 206848 ----a-w- c:\windows\system32\telnet.exe 2009-11-21 13:48 . 2009-11-21 13:48 37888 ----a-w- c:\windows\system32\printcom.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-28 16:53 . 2008-11-30 00:16 8011 ----a-w- c:\windows\bthservsdp.dat 2009-11-28 12:18 . 2008-05-22 20:34 118784 d-----w- c:\users\Sofian\AppData\Roaming\uTorrent 2009-11-27 17:54 . 2009-09-12 16:16 4096 d-----w- c:\users\Sofian\AppData\Roaming\Skype 2009-11-27 17:03 . 2009-02-06 20:48 -------- d-----w- c:\users\Sofian\AppData\Roaming\skypePM 2009-11-25 15:56 . 2006-11-02 16:11 755280 ----a-w- c:\windows\system32\perfh013.dat 2009-11-25 15:56 . 2006-11-02 16:11 162068 ----a-w- c:\windows\system32\perfc013.dat 2009-11-24 18:42 . 2008-12-10 11:32 8192 d-----w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab 2009-11-22 20:40 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-22 20:40 . 2009-11-22 20:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-22 19:40 . 
2009-11-22 19:40 56 ---ha-w- c:\programdata\ezsidmv.dat 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar 2009-11-22 19:20 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-11-22 19:20 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration 2009-11-22 19:20 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender 2009-11-21 19:33 . 2009-01-17 23:25 16384 d-----w- c:\program files\Paint.NET 2009-11-21 19:00 . 2009-02-11 12:20 4096 d-----w- c:\users\Sofian\AppData\Roaming\FileZilla 2009-11-21 18:12 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-11-21 18:12 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-11-21 17:13 . 2008-11-30 08:40 124064 ----a-w- c:\users\Sofian\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-21 16:59 . 2009-01-23 23:01 24576 d-----w- c:\programdata\Microsoft Help 2009-11-21 14:49 . 2008-04-15 23:40 24576 d-----w- c:\program files\Microsoft Works 2009-11-14 11:47 . 2008-12-14 17:59 -------- d-----w- c:\users\Sofian\AppData\Roaming\Yahoo! 2009-11-13 18:35 . 2008-12-09 21:35 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-11 17:36 . 2008-05-04 09:42 4096 d-----w- c:\users\Sofian\AppData\Roaming\VoipBuster 2009-11-11 14:48 . 2008-04-19 19:38 4096 d-----w- c:\program files\dvdSanta 2009-11-07 17:17 . 2009-03-18 19:12 4096 d-----w- c:\users\Sofian\AppData\Roaming\MessengerDiscovery 2 2009-11-07 17:17 . 2008-06-11 10:58 4096 d-----w- c:\program files\MessengerDiscovery 2 2009-11-07 15:57 . 2008-06-11 11:26 4096 d-----w- c:\program files\Messenger Plus! Live 2009-11-07 15:42 . 2008-04-23 18:53 -------- d-----w- c:\program files\Windows Live 2009-11-06 21:46 . 
2009-05-15 18:31 4096 d-----w- c:\program files\Recuva 2009-11-06 21:46 . 2008-07-09 22:13 4096 d-----w- c:\program files\DAEMON Tools Lite 2009-11-06 19:20 . 2008-04-15 23:17 12288 d--h--w- c:\program files\InstallShield Installation Information 2009-11-02 08:48 . 2009-08-21 07:48 314712 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe 2009-11-02 08:48 . 2009-08-21 07:48 25440 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\savapibridge.dll 2009-11-02 08:48 . 2009-08-21 07:48 168800 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll 2009-11-02 08:48 . 2009-08-21 07:48 15688 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe 2009-11-02 08:48 . 2009-08-21 07:48 349008 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll 2009-11-02 08:48 . 2009-08-21 07:48 298336 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll 2009-11-02 08:48 . 2009-08-21 07:48 84320 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll 2009-11-02 08:48 . 2009-08-21 07:48 1630560 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll 2009-11-02 08:48 . 2009-08-21 07:48 246640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll 2009-11-02 08:48 . 2009-08-21 07:48 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll 2009-11-02 08:48 . 2009-08-21 07:48 664936 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll 2009-11-02 08:47 . 2009-08-21 07:48 566632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe 2009-11-02 08:47 . 2009-08-21 07:48 562552 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe 2009-11-02 08:47 . 2009-08-21 07:48 2353992 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe 2009-11-02 08:47 . 2009-08-21 07:48 640760 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWWSC.exe 2009-11-02 08:47 . 2009-08-21 07:48 520024 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe 2009-11-02 08:47 . 
2009-08-21 07:48 1028432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe 2009-11-02 08:46 . 2008-06-24 14:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-02 08:44 . 2009-02-25 16:35 -------- d-----w- c:\programdata\DAEMON Tools Lite 2009-11-01 09:37 . 2009-07-04 17:11 4096 d-----w- c:\program files\Unlocker 2009-10-30 16:07 . 2009-05-24 12:54 4096 d-----w- c:\programdata\TrackMania 2009-10-28 22:17 . 2008-12-27 19:07 1 ----a-w- c:\users\Sofian\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-10-24 17:43 . 2008-04-15 23:36 4096 d-----w- c:\program files\Common Files\Adobe 2009-10-24 13:58 . 2009-10-24 12:26 -------- d-----w- c:\program files\Assassin's Creed 2009-10-24 13:47 . 2009-10-24 13:47 -------- d-----w- c:\users\Sofian\AppData\Roaming\Ubisoft 2009-10-24 13:47 . 2008-11-30 17:10 4096 d-----w- c:\programdata\Ubisoft 2009-10-21 10:43 . 2009-09-28 14:27 -------- d-----w- c:\program files\KONAMI 2009-10-21 09:17 . 2009-10-21 09:17 -------- d-----w- c:\programdata\KONAMI 2009-10-20 17:29 . 2009-05-30 09:59 -------- d-----w- c:\program files\Hamachi 2009-10-20 17:21 . 2008-06-18 14:05 4096 d-----w- c:\users\Sofian\AppData\Roaming\Hamachi 2009-10-20 16:26 . 2008-10-28 20:10 8192 d-----w- c:\program files\PES 2009 2009-10-18 13:08 . 2008-11-22 17:43 4096 d-----w- c:\program files\SystemRequirementsLab 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll 2009-10-18 13:07 . 2009-10-18 13:07 138240 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll 2009-10-11 11:50 . 
2009-10-11 11:50 -------- d-----w- c:\program files\Loquendo 2009-10-10 11:22 . 2009-10-10 11:20 -------- d-----w- c:\users\Sofian\AppData\Roaming\ISP Monitor 2009-10-10 11:20 . 2009-10-10 11:20 4096 d-----w- c:\program files\ISP Monitor 2009-10-10 11:20 . 2009-10-10 11:20 737280 ----a-w- c:\windows\iun6002.exe 2009-10-06 19:56 . 2008-04-15 23:36 4096 d-----w- c:\program files\Google 2009-10-05 14:32 . 2009-10-05 14:30 -------- d-----w- c:\programdata\DriverScanner 2009-10-05 14:30 . 2009-10-05 14:29 4096 dc-h--w- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-10-05 14:30 . 2008-11-29 09:39 -------- d-----w- c:\program files\Uniblue 2009-10-05 14:30 . 2008-10-25 07:43 -------- d-----w- c:\users\Sofian\AppData\Roaming\Uniblue 2009-10-04 20:25 . 2008-04-30 13:05 8192 d-----w- c:\users\Sofian\AppData\Roaming\LimeWire 2009-10-04 18:07 . 2009-10-04 18:07 4096 d-----w- c:\program files\Auto Clicker 2009-10-03 21:19 . 2009-10-03 21:11 -------- d-----w- c:\program files\Foxit Software 2009-10-03 11:19 . 2009-03-27 18:44 4096 d-----w- c:\program files\LimeWire 2009-10-01 01:02 . 2009-11-22 19:48 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-10-01 01:02 . 2009-11-22 19:48 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-10-01 01:02 . 2009-11-22 19:48 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-10-01 01:02 . 2009-11-22 19:48 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-10-01 01:02 . 2009-11-22 19:48 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-10-01 01:01 . 2009-11-22 19:48 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-10-01 01:01 . 2009-11-22 19:48 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-10-01 01:01 . 2009-11-22 19:48 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-10-01 01:01 . 2009-11-22 19:48 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-10-01 01:01 . 
2009-11-22 19:48 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-10-01 01:01 . 2009-11-22 19:48 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-10-01 01:01 . 2009-11-22 19:48 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_d_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_c_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_b_ind.dll 2009-09-25 18:37 . 2009-09-25 18:37 247296 ----a-w- c:\users\Sofian\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_6_0_a_ind.dll 2008-04-15 23:28 . 2008-04-15 23:28 76 --sha-w- c:\windows\CT4CET.bin 2008-04-19 11:13 . 2008-04-19 11:13 76 --sha-w- c:\windows\CT5PRET.BIN 2008-06-18 20:37 . 2008-06-18 20:37 0 --sha-w- c:\windows\SDE9B2FEC(285).tmp 2008-06-18 20:37 . 2008-06-18 20:37 0 --sha-w- c:\windows\SDE9B2FEC(559).tmp 2008-06-18 20:37 . 2008-06-18 20:37 0 --sh--w- c:\windows\SDE9B2FEC.tmp 2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat 2008-12-11 21:38 . 2008-12-11 11:43 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat 2009-01-20 20:04 . 2008-11-28 16:46 88 --sha-r- c:\windows\System32\658BC72326.sys 2009-01-20 20:04 . 2008-11-28 16:46 3036 --sha-w- c:\windows\System32\KGyGaAvL.sys 2007-02-26 18:59 . 2007-02-26 18:59 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960] "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2009-11-12 9094448] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-22 39408] "Google Update"="c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-21 135664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe dvcStatusMinimize" [X] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872] "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-03-12 79400] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" 
[2008-02-15 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656] "FG_Monitor"="c:\program files\Folder Guard Pro\FGKey.exe" [2007-02-24 132680] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-13 149280] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-11 101136] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-16 50688] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:7e,c7,31,9a,a9,6b,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-991331777-2378318461-4560006-1000] "EnableNotificationsRef"=dword:00000001 R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [21/08/2009 8:49 64160] R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [5/07/2006 13:46 63352] R1 aswSP;avast! 
Self Protection;c:\windows\System32\drivers\aswSP.sys [28/03/2009 9:53 114768] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [16/04/2008 0:08 73728] R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [28/03/2009 9:53 20560] R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [28/03/2009 9:52 53328] R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [30/11/2008 0:59 941784] R2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [28/06/2007 14:05 131072] R2 FGUARD32;FGUARD32;c:\program files\Folder Guard Pro\FGUARD32.SYS [5/09/2009 15:53 48896] R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [22/06/2009 18:56 233472] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29/10/2009 12:27 1074568] R2 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55 36864] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1028432] R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [14/02/2009 17:48 137344] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 10:18 202016] R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [14/02/2009 17:48 12032] R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [22/06/2009 18:56 36608] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [30/11/2008 0:59 111616] R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [30/11/2008 0:59 235648] R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [30/11/2008 0:59 7424] 
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [15/04/2009 13:13 84832] S3 DESVUSB;Dell service driver;c:\windows\System32\drivers\desrvusb.sys [30/11/2008 0:59 17536] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/11/2009 18:23 21504] S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [21/11/2009 18:23 21504] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [2/11/2006 13:36 10752] S4 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [24/04/2008 17:44 104960] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - FSUSBEXDISK [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LPDService REG_MULTI_SZ LPDSVC rsmsvcs REG_MULTI_SZ ntmssvc ipripsvc REG_MULTI_SZ iprip bthsvcs REG_MULTI_SZ BthServ getPlusHelper REG_MULTI_SZ getPlusHelper LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . 
Inhoud van de 'Gedeelde Taken' map 2009-11-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 08:47] 2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000Core.job - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41] 2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991331777-2378318461-4560006-1000UA.job - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-21 11:41] 2009-11-28 c:\windows\Tasks\RegCure Program Check.job - c:\program files\RegCure\RegCure.exe [2007-10-16 09:20] 2008-12-12 c:\windows\Tasks\RegCure.job - c:\program files\RegCure\RegCure.exe [2007-10-16 09:20] 2009-11-27 c:\windows\Tasks\User_Feed_Synchronization-{D130A10C-2448-4567-A8B2-044877608ACE}.job - c:\windows\system32\msfeedssync.exe [2009-11-21 03:41] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://www.games-fusion.net/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... 
- c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl) FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll FF - component: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll FF - plugin: c:\progra~1\SONYON~1\npsoe.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll FF - plugin: c:\users\Sofian\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\yo9qwklf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: network.proxy.type - 0 FF - user.js: network.proxy.http - FF - user.js: network.proxy.http_port - 0 FF - user.js: network.proxy.ssl - FF - user.js: network.proxy.ssl_port - 0 FF - user.js: 
network.proxy.ftp - FF - user.js: network.proxy.ftp_port - 0 FF - user.js: network.proxy.gopher - FF - user.js: network.proxy.gopher_port - 0 FF - user.js: network.proxy.socks_version - 5 FF - user.js: network.proxy.socks - FF - user.js: network.proxy.socks_port - 0 FF - user.js: nglayout.initialpaint.delay - 100 FF - user.js: content.notify.ontimer - true FF - user.js: content.notify.interval - 100000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: network.http.pipelining - true FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.max-connections - 32 FF - user.js: network.http.max-connections-per-server - 8 FF - user.js: network.http.max-persistent-connections-per-proxy - 4 FF - user.js: network.http.max-persistent-connections-per-server - 2 c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . - - - - ORPHANS VERWIJDERD - - - - SafeBoot-dmboot.sys SafeBoot-dmio.sys SafeBoot-dmload.sys SafeBoot-dmadmin SafeBoot-dmserver SafeBoot-SRService AddRemove-Ad-Aware - c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe REMOVE=TRUE MODIFY=FALSE AddRemove-eBay Icon - c:\users\Sofian\AppData\Roaming\Desktopicon\uninst.exe AddRemove-Uniblue RegistryBooster 2009 - c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe REMOVE=TRUE MODIFY=FALSE AddRemove-{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} - c:\program files\DellTPad\Uninstap.exe ADDREMOVE ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . 
--------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(5280) c:\windows\system32\btncopy.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\windows\system32\WLANExt.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows\system32\CISVC.EXE c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PSIService.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\System32\tcpsvcs.exe c:\windows\System32\snmp.exe c:\program files\Dell Support Center\bin\sprtsvc.exe c:\windows\system32\STacSV.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Dell\MFP_DELL\deDvcStatus.exe c:\program files\Alwil Software\Avast4\ashDisp.exe c:\windows\system32\igfxsrvc.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe c:\program files\DellTPad\ApMsgFwd.exe 
c:\program files\DellTPad\Apntex.exe c:\program files\DellTPad\HidFind.exe c:\windows\ehome\ehmsas.exe c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Voltooingstijd: 2009-11-28 18:16 - machine werd herstart ComboFix-quarantined-files.txt 2009-11-28 17:15 Pre-Run: 6.521.765.888 bytes beschikbaar Post-Run: 6.281.785.344 bytes beschikbaar - - End Of File - - E029799205AD1276FDBD79F3C4645D23
My computer is a tad faster now, but it is still a bit slow.
  19. Yes, it is somewhat faster, but unfortunately not as fast as it used to be.
  20. The MBAM log
Malwarebytes' Anti-Malware 1.41 Database versie: 3250 Windows 6.0.6002 Service Pack 2 28/11/2009 14:11:21 mbam-log-2009-11-28 (14-11-21).txt Scan type: Snelle Scan Objecten gescand: 98974 Verstreken tijd: 5 minute(s), 24 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
And now the one from HijackThis
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:16:53, on 28/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Folder Guard Pro\FGKey.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\conime.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Users\Sofian\AppData\Local\Temp\newtmp\scvhoq.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - 
{AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: 
@btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O15 - Trusted IP range: http://192.168.0.1 O15 - ESC Trusted IP range: http://192.168.0.1 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795 O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. 
- C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13043 bytes
  21. Good day, my computer has been responding a bit slowly since yesterday. I have already made an HJT log
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:55:00, on 28/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Folder Guard Pro\FGKey.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\conime.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Users\Sofian\AppData\Local\Temp\newtmp\scvhoq.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Games Fusion - PC Cheats, Saved Games, Trailers, Demos and Patches R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - 
Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [DeStatusMon] "C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe" dvcStatusMinimize O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Startup: scvhoq.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: 
@btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O15 - Trusted IP range: http://192.168.0.1 O15 - ESC Trusted IP range: http://192.168.0.1 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258806103935 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258907798795 O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. 
- C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13277 bytes
  22. Solved. Just install Java on another computer, copy the folder in Program Files to a USB stick, and then place it back in Program Files on this computer.