yolan

Member
  • Items

    135

Everything posted by yolan

  1. Hello, My parents want to start measuring how long I am on my PC, but I would like to undo this because I do consider this a bit of a privacy matter. But how can I undo this? Did my parents install a program on my laptop behind my back that I know nothing about? Or is it a basic program of Windows itself? Or a script to see how long I am on it? To make it easier, I have a HijackThis log here: Thanks for your help. Regards, Yolan
  2. OK. He has already searched for other topics on Google but he found nothing :s
  3. Hello, Here I am again with a problem, only this time it is for my friend. He plays a game called 'World of Warcraft', but after 10-20 minutes the screen shuts off and he gets an error message saying 'ialmrnt5 werkt niet meer naar behoren ...' Does anyone know how he can solve this? If possible, I would like to have Kape again for this, because I think he is great, he solves all my problems. Thanks
  4. No, thank you!! I don't know what I would do without you!! Thanks
  5. Malwarebytes log: HijackThis log: Thanks for your help, Kape
  6. Thank you for your help
  7. Hello, Every time I want to open something that I did not install with a setup, I get this error message. For example, when I download something in a .rar file, I execute it, but afterwards, when I want to open it, I get the error message. Any idea how I can solve this? If I may, I would like to have Kape with his HijackThis know-how. Thanks
  8. Uhm, so this is the story: I downloaded this torrent, and it worked perfectly. But after about 4 months (I had messed around with the folders :S) it asked to be reinstalled, because there was an error. So I removed the program (with the official Windows program). But now I get this error when I want to install it.
  9. I have to install it first before I can type in the code
  10. Hmm, I downloaded another torrent again but that one turns out not to work either. What now?
  11. OK, then I will look for another torrent, please keep this topic open
  12. Actually it is a torrent :S
  13. Hello everyone, I would like to have Adobe Photoshop CS4 on my PC. When I want to install it, I get this error message: sessie heeft gevolgen waaraan niet kan worden voldaan. De installatie databank is ongeldig: installeer het product opnieuw vanop de originele media. Here is a screenshot: http://img12.imageshack.us/img12/377/ssprobleem.jpg Can anyone help me? How do I solve this?
  14. OK, the problem is already solved, I just had to take larger images. My laptop has been back for a very long time already, but I had totally forgotten this topic =) Thanks for the help
  15. OK Kape, but I have problems: 1) After HijackThis was finished, there was no logfile :S 2) The battery of my laptop is broken and has to go in for repair. This takes at least two weeks, so it will be at least two weeks before I can do that HijackThis log. Thanks in advance for the help, I will post something here when I have my laptop back.
  16. Here is the log:
  17. A few files are not in the list in HiJackThis, can that do any harm?
  18. OK, these are the logs: HijackThis log, ComboFix log.
2007-10-20 12:39 -------- d-----w- c:\programdata\Microsoft Help 2009-06-13 14:26 . 2007-10-20 12:37 -------- d-----w- c:\program files\Microsoft Works 2009-06-13 11:59 . 2009-04-15 19:11 -------- d-----w- c:\program files\LimeWire 2009-06-06 13:54 . 2009-05-27 15:35 680 ----a-w- c:\users\Yolan\AppData\Local\d3d9caps.dat 2009-06-06 09:20 . 2009-04-21 18:07 -------- d-----w- c:\users\Yolan\AppData\Roaming\Download Manager 2009-05-31 09:08 . 2009-05-31 09:08 -------- d-----w- c:\users\Yolan\AppData\Roaming\Template 2009-05-31 09:07 . 2009-05-31 09:07 0 ----a-w- c:\users\Yolan\AppData\Roaming\wklnhst.dat 2009-05-30 13:47 . 2009-05-30 13:47 -------- d-----w- c:\users\Yolan\AppData\Roaming\Apple Computer 2009-05-30 13:46 . 2009-05-30 13:44 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-05-30 13:46 . 2009-05-30 13:44 -------- d-----w- c:\program files\iTunes 2009-05-30 13:44 . 2009-05-30 13:44 -------- d-----w- c:\program files\iPod 2009-05-30 13:44 . 2009-05-30 13:36 -------- d-----w- c:\program files\Common Files\Apple 2009-05-30 13:44 . 2009-05-30 13:38 -------- d-----w- c:\programdata\Apple Computer 2009-05-30 13:42 . 2009-05-30 13:42 -------- d-----w- c:\program files\Bonjour 2009-05-30 13:41 . 2009-05-30 13:39 -------- d-----w- c:\program files\QuickTime 2009-05-30 13:38 . 2009-05-30 13:38 -------- d-----w- c:\program files\Apple Software Update 2009-05-30 13:36 . 2009-05-30 13:36 -------- d-----w- c:\programdata\Apple 2009-05-20 12:43 . 2007-10-20 11:52 -------- d-----w- c:\programdata\BullGuard 2009-05-17 07:14 . 2009-05-17 07:14 -------- d-----w- c:\program files\World of Warcraft 2009-05-13 19:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-05-09 14:33 . 2009-05-09 14:33 -------- d-----w- c:\program files\Xvid 2009-05-09 14:33 . 2009-05-09 14:33 -------- d-----w- c:\program files\FDRLab 2007-09-11 13:46 . 2007-09-10 12:03 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-09-29 15:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "BullGuard"="c:\program files\BullGuard Software\BullGuard\BullGuard.exe" [2009-02-20 308552] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-25 39408] "CurseClient"="c:\program files\Curse\CurseClient.exe" [2009-07-07 1966592] "BitTorrent DNA"="c:\users\Yolan\Program Files\DNA\btdna.exe" [2009-06-14 321344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-09 1025320] "BullGuard"="c:\program files\BullGuard Software\BullGuard\bullguard.exe" [2009-02-20 308552] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2007-02-09 71216] "LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256] "UpdatePPShortCut"="c:\program files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504] "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 102400] "Windows Mobile-based device 
management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-09 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-09 8433664] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-09 81920] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "GenePccMon.exe"="c:\program files\Genesys PC Camera Device\GenePccMon.exe" [2007-02-13 36864] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-10-01 4702208] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-08-03 1826816] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{20F9385E-02EE-4C14-8963-AD533A21D30A}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{DA0DB1A5-099E-42B0-90C7-DEF4A2E3F050}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{10D081D7-0D04-4491-9E5C-066557065B61}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{7EC6773B-3159-4441-B1DB-9ECB38E16B06}"= c:\program files\HomeCinema\MakeDisc\MakeDisc.exe:CyberLink MakeDisc "{F4C450EB-75D2-4982-ABE8-78B03B2F3921}"= c:\program files\HomeCinema\PowerDirector\PDR.EXE:CyberLink PowerDirector "{9553CA21-B0E0-4FDC-B756-D15D1772C44D}"= c:\program 
files\HomeCinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD "{244AF036-784A-4072-A117-F7D2E3B8B2B1}"= c:\program files\CyberLink\PowerDV\PowerDV.exe:CyberLink PowerDV "TCP Query User{958EBF75-E162-4BC9-A71F-74F925A17B99}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher "UDP Query User{F5EC0BBA-1EDA-4110-ADF5-0C1F8B94FF5F}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher "{5D7A3051-D7DA-42A6-B092-8D5CF2DD679A}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enUS-downloader.exe:Blizzard Downloader "{65D74342-2DE5-441C-B278-6C046FB6F1A2}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enUS-downloader.exe:Blizzard Downloader "{1EDD2D8E-E314-4D02-8918-7DE3416087D0}"= UDP:3724:Blizzard Downloader: 3724 "{10319DC7-ABB8-4BB4-A377-2327F0179E56}"= UDP:990:LocalSubnet:LocalSubnet|IF={867E95A8-A323-490C-80F2-7D338943AC4E}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 "{11CAB1FD-76C4-4204-9B78-6649DDF83DFC}"= UDP:990:LocalSubnet:LocalSubnet|IF={867E95A8-A323-490C-80F2-7D338943AC4E}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 "{6B08C779-5D38-4343-8E25-8940797D98CB}"= UDP:990:LocalSubnet:LocalSubnet|IF={867E95A8-A323-490C-80F2-7D338943AC4E}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 "{21670095-57D8-450B-A756-6355A795A46C}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "{D06BCB77-6360-4FD9-9DB2-12ABDCDA992F}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "{65F9CFBC-CF07-4E1F-8101-B0EAE3C80A01}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire "{14972B5C-544C-449C-BEEB-6509055A63F0}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire 
"{7E7BEA09-B203-4976-B0EB-A25D0F085DA1}"= UDP:c:\program files\Curse\CurseClient.exe:Curse Client "{5452AABF-EE6E-4DCD-BC52-6C0D8D50456D}"= TCP:c:\program files\Curse\CurseClient.exe:Curse Client "TCP Query User{571CEB25-8CE1-4E39-B533-15C66974702F}c:\\ac web ultimate repack\\server\\apache\\bin\\apache.exe"= UDP:c:\ac web ultimate repack\server\apache\bin\apache.exe:Apache HTTP Server "UDP Query User{F852B8D4-D989-4665-9CAA-4AE516B15AEB}c:\\ac web ultimate repack\\server\\apache\\bin\\apache.exe"= TCP:c:\ac web ultimate repack\server\apache\bin\apache.exe:Apache HTTP Server "TCP Query User{38B40B22-CD4B-4F3E-94CE-39F20ED2C9E0}c:\\ac web ultimate repack\\ascent\\logonserver.exe"= UDP:c:\ac web ultimate repack\ascent\logonserver.exe:logonserver "UDP Query User{54AFB52E-E779-4674-AED0-22958A2637B4}c:\\ac web ultimate repack\\ascent\\logonserver.exe"= TCP:c:\ac web ultimate repack\ascent\logonserver.exe:logonserver "TCP Query User{504CFFD1-36F7-4834-9918-3844360201F9}c:\\ac web ultimate repack\\server\\mysql\\bin\\mysqld.exe"= UDP:c:\ac web ultimate repack\server\mysql\bin\mysqld.exe:mysqld "UDP Query User{D2AAD1BB-F1AF-4890-AD27-2CC8A24919D3}c:\\ac web ultimate repack\\server\\mysql\\bin\\mysqld.exe"= TCP:c:\ac web ultimate repack\server\mysql\bin\mysqld.exe:mysqld "TCP Query User{74C2BCC4-A5C5-47C2-A4B3-C22A94A35C73}c:\\ac web ultimate repack\\ascent\\ascent.exe"= UDP:c:\ac web ultimate repack\ascent\ascent.exe:ascent "UDP Query User{F8868211-9DA5-4A98-A3FD-D4965B12C8A0}c:\\ac web ultimate repack\\ascent\\ascent.exe"= TCP:c:\ac web ultimate repack\ascent\ascent.exe:ascent "{E7D5819B-F225-40D1-BEEC-19477F884317}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{B472176E-0685-462A-9497-51FFB2E7A208}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{3AAC1AF9-46DF-43A3-B644-E659867F9846}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{00A95625-4B15-4E80-930B-17AB1E5E7554}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes 
"{15E189E6-7ED4-4F84-8222-E32FDC8486B0}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{8723314A-630F-404F-8C90-85D36262B640}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "TCP Query User{DCC10470-3529-4A08-8B9D-AFAFCB96D64F}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "UDP Query User{33A76CB9-42A2-4B90-8DB7-F3BDD49C43CB}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "TCP Query User{C11F206C-CB16-4938-92A5-5B2A439156D3}c:\\users\\yolan\\program files\\dna\\btdna.exe"= UDP:c:\users\yolan\program files\dna\btdna.exe:btdna.exe "UDP Query User{7E7D593D-4469-479B-9767-322BC0FFFFA7}c:\\users\\yolan\\program files\\dna\\btdna.exe"= TCP:c:\users\yolan\program files\dna\btdna.exe:btdna.exe "{42FCE072-31A3-47B5-9B33-2729D6215956}"= UDP:5353:Adobe CSI CS4 "{2F2A25A5-624C-488E-BE0A-263280D318BF}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:Blizzard Downloader "{81FCD5F5-6F50-4E07-92DA-DEB06A967EF5}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:Blizzard Downloader "TCP Query User{10ED76F7-7A60-451B-A191-BC7AD38B4F4A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{667D2756-6773-4A29-B2E0-58BE7CE358F3}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{D96E3454-0EF0-4AF3-ABFA-D0A3ACF4B327}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{5893FF2D-3A41-453D-B0F8-FEF4F4A2FB6F}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R2 BdFileSpy;BullGuard File Monitor Driver;c:\windows\System32\drivers\BdFileSpy.sys [20/02/2009 18:18 50896] R2 BsFileScan;BullGuard File Scan Service;c:\windows\System32\svchost.exe -k BullGuard [22/02/2009 14:03 21504] R2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe -k BullGuard [22/02/2009 14:03 21504] R3 DCamUSBGene;GenesysLogic USB2.0 PC Camera;c:\windows\System32\drivers\USBGENE.sys [20/10/2007 6:09 131584] R3 Reconn;BullGuard Email Monitor;c:\program files\BullGuard Software\BullGuard\Reconn.sys [16/05/2007 13:07 16984] R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [20/10/2007 13:18 13976] S3 PhilCap;NXP service;c:\windows\System32\drivers\PhilCap.sys [20/10/2007 6:08 908896] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-07-04 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-07-07 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-07-07 c:\windows\Tasks\User_Feed_Synchronization-{88B5C6F3-7ADE-42B9-A704-27535A8DD925}.job - c:\windows\system32\msfeedssync.exe [2009-06-16 11:31] . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-07-07 12:20 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run GenePccMon.exe = c:\program files\Genesys PC Camera Device\GenePccMon.exe??????????????? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ******************************* . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Voltooingstijd: 2009-07-07 12:22 ComboFix-quarantined-files.txt 2009-07-07 10:22 Pre-Run: 96.772.411.392 bytes beschikbaar Post-Run: 96.267.653.120 bytes beschikbaar 246 --- E O F --- 2009-07-07 10:11
  19. Okay, thanks for the advice, I'm now starting to carry out your steps.
  20. May I ask something? Is HijackThis actually safe? Because I'm starting to have doubts because of this, just have a look: http://forums.zita.be/hijackthis-forum/110131-online-hijackthis-analyzer.html
  21. Hello, this is the log:

      Malwarebytes' Anti-Malware 1.38
      Database versie: 2382
      Windows 6.0.6001 Service Pack 1

      6/07/2009 21:18:10
      mbam-log-2009-07-06 (21-18-10).txt

      Scan type: Snelle Scan
      Objecten gescand: 78096
      Verstreken tijd: 9 minute(s), 47 second(s)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 2
      Registerwaarden geïnfecteerd: 0
      Registerdata bestanden geïnfecteerd: 0
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 1

      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registersleutels geïnfecteerd:
      HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registerdata bestanden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Mappen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Bestanden geïnfecteerd:
      C:\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  22. Okay, thanks, I'm now starting to remove CS4.
  23. Can you also make signatures with that?
  24. Sorry, but I'm not going to pay for it, I think that's a waste of money, but I have a friend who did this too (just with a different torrent), he has the same Photoshop, and it works for him :S