Everything posted by lolleflikker

  1. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:44:47, on 18/05/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\oude pc\System\Program Files\Bouwsoft\Bouwsoft Upgrade\Beheer.exe C:\Windows\ehome\ehmsas.exe C:\hp\kbd\kbd.exe C:\Program Files\Trend Micro\Internet Security\UfUpdUi.exe C:\Windows\Explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: 
Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - 
HKUS\S-1-5-21-3694928960-2974550801-1051636681-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres') O4 - Startup: Bouwsoft Beheer.lnk = C:\oude pc\System\Program Files\Bouwsoft\Bouwsoft Upgrade\Beheer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {6E984CC8-4987-40B9-B9AA-6728A957CA27} (PcVerChk Control) - http://jp.trendmicro.com/jp/support/personal/products/vistasp1/redirect/PcVerChk.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - 
Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: pg82 (pgsql-8.1) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.1\bin\pg_ctl.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Trend Micro Centrale besturing (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: stllssvr - MicroVision Development, Inc. 
- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe O23 - Service: UseSocketService - Unknown owner - C:\Program Files\Bouwsoft\UseSocketService.exe -- End of file - 8819 bytes
  2. I already have the ComboFix log here. The HJT log will follow later. ComboFix 08-05-15.3 - Gebruiker 2008-05-18 10:14:25.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.1075 [GMT 2:00] Gestart vanuit: C:\Users\Gebruiker\Downloads\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\system32\byXNhiHy.dll C:\Windows\system32\ddcAqomJ.dll C:\Windows\system32\jusched.exe C:\Windows\system32\mcrh.tmp C:\Windows\System32\nhbjjasg.ini C:\Windows\system32\nmbgabrj.ini C:\Windows\system32\saqmejlg.dll C:\Windows\system32\ssqOIAtU.dll C:\Windows\System32\SsvDcfii.ini C:\Windows\System32\SsvDcfii.ini2 C:\Windows\system32\yHihNXyb.ini C:\Windows\System32\yHihNXyb.ini2 . (((((((((((((((((((( Bestanden Gemaakt van 2008-04-18 to 2008-05-18 )))))))))))))))))))))))))))))) . 2008-05-17 11:15 . 2008-05-17 11:15 5,843 --a------ C:\Windows\System32\wrvjkkpg.exe 2008-05-17 08:29 . 2008-05-17 08:29 5,851 --a------ C:\Windows\System32\xpsgvbnu.dll 2008-05-17 08:29 . 2008-05-17 08:29 5,823 --a------ C:\Windows\System32\ltyjhywy.dll 2008-05-15 06:53 . 2008-05-15 06:53 <DIR> d-------- C:\VundoFix Backups 2008-05-14 19:47 . 2008-05-17 17:05 430 --a------ C:\Windows\wininit.ini 2008-05-14 17:15 . 2008-05-14 17:16 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-05-14 17:15 . 2008-05-14 17:16 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy 2008-05-14 17:15 . 2008-05-14 17:15 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-14 16:34 . 2008-05-14 16:34 <DIR> d-------- C:\Users\All Users\Macrovision 2008-05-14 16:34 . 2008-05-14 16:34 <DIR> d-------- C:\ProgramData\Macrovision 2008-05-14 16:34 . 2008-05-14 16:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-05-14 16:10 . 2008-05-14 16:10 5,807 --a------ C:\Windows\System32\bmsjcojk.dll 2008-05-14 16:07 . 
2008-05-14 16:07 5,823 --a------ C:\Windows\System32\woxxmcon.dll 2008-05-14 12:06 . 2008-05-14 12:06 5,843 --a------ C:\Windows\System32\aitoftlb.exe 2008-05-13 16:08 . 2008-05-13 16:08 5,817 --a------ C:\Windows\System32\oeukhhjv.dll 2008-05-13 16:05 . 2008-05-13 16:05 5,823 --a------ C:\Windows\System32\jbpxfyhe.dll 2008-05-13 16:05 . 2008-05-13 16:05 5,807 --a------ C:\Windows\System32\woegcpcq.dll 2008-05-13 07:48 . 2008-05-18 09:40 <DIR> d-------- C:\Program Files\Trend Micro 2008-05-12 12:05 . 2008-05-12 12:05 6,745 --a------ C:\Windows\System32\oncbpjbt.exe 2008-05-12 12:00 . 2008-05-12 12:00 6,709 --a------ C:\Windows\System32\gqxxceaj.dll 2008-05-10 21:34 . 2008-05-10 21:34 6,719 --a------ C:\Windows\System32\rtaslpxu.dll 2008-05-10 08:59 . 2008-05-10 08:59 6,745 --a------ C:\Windows\System32\qqagjtbu.exe 2008-05-10 08:54 . 2008-05-10 08:54 6,709 --a------ C:\Windows\System32\yxpsbyae.dll 2008-05-05 21:18 . 2008-05-05 21:18 <DIR> d--h----- C:\Program Files\EA GAMES 2008-05-03 20:46 . 2008-05-03 20:46 <DIR> d-------- C:\Users\Gebruiker\AppData\Roaming\Atari 2008-05-03 20:46 . 2008-05-03 20:46 98,304 --a------ C:\Windows\System32\CmdLineExt.dll 2008-05-03 20:37 . 2008-05-03 20:37 <DIR> d-------- C:\Program Files\Common Files\PocketSoft 2008-05-03 20:37 . 2002-02-27 17:50 197,120 --a------ C:\Windows\patchw32.dll 2008-05-03 20:33 . 2008-05-03 20:33 <DIR> d--h----- C:\Program Files\Atari 2008-04-30 15:47 . 2008-05-17 15:55 9 --a------ C:\Users\Gebruiker\AppData\Roaming\mdb.bin 2008-04-30 15:43 . 2008-04-30 15:43 <DIR> d-------- C:\Program Files\Fuji Fotoservice 2008-04-30 09:24 . 2008-05-17 10:37 <DIR> d--h----- C:\Program Files\Wolfenstein - Enemy Territory 2008-04-26 08:36 . 2008-04-26 08:36 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-04-24 16:33 . 2008-04-24 16:33 <DIR> d-------- C:\Program Files\Sun 2008-04-23 19:35 . 2008-04-23 19:35 <DIR> d-------- C:\Users\Gebruiker\AppData\Roaming\Autodesk 2008-04-23 19:33 . 
2008-04-23 19:33 <DIR> d-------- C:\Users\All Users\Autodesk 2008-04-23 19:33 . 2008-04-23 19:33 <DIR> d-------- C:\ProgramData\Autodesk 2008-04-23 19:33 . 2008-04-23 19:35 <DIR> d-------- C:\Program Files\DWG TrueView 2009 2008-04-23 19:33 . 2008-04-23 19:35 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared 2008-04-23 19:33 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll 2008-04-23 19:29 . 2008-04-23 19:29 <DIR> d-------- C:\install . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-17 15:07 --------- d-----w C:\Program Files\Bouwsoft 2008-05-17 08:43 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-05-14 14:30 --------- d-----w C:\Program Files\Common Files\Adobe 2008-05-14 14:26 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-13 05:50 --------- d-----w C:\ProgramData\Trend Micro 2008-05-12 09:53 2,108 ----a-w C:\Users\Gebruiker\AppData\Roaming\wklnhst.dat 2008-05-10 06:54 --------- d-----w C:\ProgramData\NVIDIA 2008-04-30 17:09 --------- d-----w C:\Users\Gebruiker\AppData\Roaming\Roxio 2008-04-24 14:32 --------- d-----w C:\Program Files\Java 2008-04-17 20:20 174 --sha-w C:\Program Files\desktop.ini 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Sidebar 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Mail 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Journal 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Defender 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Collaboration 2008-04-17 20:11 --------- d-----w C:\Program Files\Windows Calendar 2008-04-13 14:09 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-04-13 14:09 --------- d-----w C:\Program Files\Realtek 2008-04-11 14:57 2,025 ---ha-w C:\Program Files\Battlefield 2142 Demo.lnk 2008-04-11 14:52 --------- d--h--w C:\Program 
Files\Electronic Arts 2008-04-09 15:24 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-04-09 13:03 --------- d-----w C:\ProgramData\Microsoft Help 2008-04-06 17:14 --------- d-----w C:\Users\Gebruiker\AppData\Roaming\muvee Technologies 2008-04-06 17:00 --------- d---a-w C:\Program Files\Common Files\LightScribe 2008-04-06 16:46 --------- d-----w C:\ProgramData\Zenturi 2008-04-06 14:26 --------- d-----w C:\ProgramData\Roxio 2008-04-06 14:09 --------- d-----w C:\Program Files\QuickTime 2008-04-06 14:08 --------- d-----w C:\ProgramData\Apple Computer 2008-04-06 14:08 --------- d-----w C:\ProgramData\Apple 2008-04-06 14:08 --------- d-----w C:\Program Files\Apple Software Update 2008-04-06 12:56 --------- d-----w C:\Program Files\Photo Story 3 for Windows 2008-03-30 17:07 36,368 ----a-w C:\Windows\system32\drivers\tmpreflt.sys 2008-03-30 17:07 204,816 ----a-w C:\Windows\system32\drivers\tmxpflt.sys 2008-03-30 16:50 1,169,240 ----a-w C:\Windows\system32\drivers\vsapint.sys 2008-03-25 06:44 22,328 ----a-w C:\Users\Gebruiker\AppData\Roaming\PnkBstrK.sys 2008-03-22 13:07 --------- d-----w C:\Program Files\Microsoft Games 2002-08-23 11:37 20,480 ----a-w C:\Program Files\Setup OCX.exe 2008-01-26 20:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2008-01-26 20:21 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2008-01-26 20:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ------- Sigcheck ------- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-18 23:33 1233920] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-18 23:33 125952] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 23:33 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-18 23:38 1008184] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe] "CCUTRAYICON"="FactoryMode" [] "HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 13:13 71176] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16 65536] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-10 19:57 92704] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-10 19:57 8530464] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-01-10 19:57 88608] "UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-03-07 10:21 1398024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ] C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Bouwsoft Beheer.lnk - C:\oude pc\System\Program Files\Bouwsoft\Bouwsoft Upgrade\Beheer.exe [25-1-2008 16:38:21 10015392] 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [14-5-2008 16:30:58 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3694928960-2974550801-1051636681-1001] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{DE642749-01B6-4FC2-8B15-6A74F7173769}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{20AF0041-6FA3-4DE1-86BF-27F2F7FD16C4}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{DB36053B-F0BC-4179-91A0-8B755E4ECA4F}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel® Viiv Media Server "{4E3444E5-27E9-43E7-AC6B-93F74FE6AB9C}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel® Viiv Media Server "{13454464-D1F8-4323-9E59-314D00E502C5}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel® Remoting Service "{41B27A3A-8688-41DF-A757-561B4FC5574E}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel® Remoting Service "{15D4E102-7FDB-4F40-829B-4652E288E46A}"= 
TCP:9442:127.0.0.1:Intel® Viiv Media Server Discovery "{7685D255-C159-4760-8696-88B18F67B360}"= TCP:1900:LocalSubnet:LocalSubnet:Intel® Viiv Media Server UPnP Discovery "{6BD13F10-2D95-48D9-B4B2-EE76D5AB76D5}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{1B60BDA7-E463-491B-A696-F9F3CFFF2188}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar "UDP Query User{12D48E57-ADF7-4A8E-92BD-ECBDAB67156C}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar "{E5A04F56-B8E9-44AB-8D55-1D0195D079D5}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{C55F5D5F-6E1C-49AF-ADE8-7B7ADE73544A}C:\\program files\\sierra\\empire earth ii\\ee2.exe"= UDP:C:\program files\sierra\empire earth ii\ee2.exe:Empire Earth II "UDP Query User{37DD5496-7E18-4BB2-B9B7-14BC61499270}C:\\program files\\sierra\\empire earth ii\\ee2.exe"= TCP:C:\program files\sierra\empire earth ii\ee2.exe:Empire Earth II "{0B630055-7416-42BA-9619-9E73BBC13736}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{316ABA47-91A3-465B-9904-6924E024495F}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{99CCD721-0DF7-4335-9E37-41B144161AD9}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "{4324580A-28AB-4CA7-825D-574DC97513A4}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "{1F3CB6BA-650D-455C-8E0A-523CAFA2F709}"= UDP:C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "{117F7807-CEAA-4B33-BF9B-EA2432BEE99C}"= TCP:C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "{E1E5957B-F793-4DCE-AAB4-8E94D7069A3A}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare "{43063352-C39B-47A4-ACA5-36BE5C34A3BA}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern 
Warfare "TCP Query User{546E87A8-E7FB-4998-B019-73085EE67288}C:\\program files\\microsoft games\\fs2002\\fs2002.exe"= UDP:C:\program files\microsoft games\fs2002\fs2002.exe:Microsoft Flight Simulator Module "UDP Query User{9B2F054B-AB04-4FE6-AFF5-63887ADA7AE8}C:\\program files\\microsoft games\\fs2002\\fs2002.exe"= TCP:C:\program files\microsoft games\fs2002\fs2002.exe:Microsoft Flight Simulator Module "TCP Query User{7920E374-C72B-46B2-915A-53F361913F03}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper "UDP Query User{10DBE611-8BBB-479E-A3BB-6A3A0173F446}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper "{20791D52-89CA-47AB-BB40-C7D30E8A5E5A}"= UDP:C:\Program Files\Microsoft Games\FS2002\fs2000.exe:fs2000 "{9A5BCD6A-3250-45BB-B8B2-ABADA3C771CB}"= TCP:C:\Program Files\Microsoft Games\FS2002\fs2000.exe:fs2000 "TCP Query User{B47AC410-09FF-4C7D-AE59-1E68C9909F87}C:\\program files\\electronic arts\\battlefield 2142\\bf2142.exe"= UDP:C:\program files\electronic arts\battlefield 2142\bf2142.exe:BF2142 "UDP Query User{9F8B0B2D-64C8-4C03-8B35-35853B5E314C}C:\\program files\\electronic arts\\battlefield 2142\\bf2142.exe"= TCP:C:\program files\electronic arts\battlefield 2142\bf2142.exe:BF2142 "{F09D86ED-70F6-468E-B338-A3AEC43003B1}"= UDP:C:\Program Files\Electronic Arts\Battlefield 2142 Demo\BF2142.exe:Battlefield 2 "{A8ECB0EC-2326-44EF-B41B-858328A71AE7}"= TCP:C:\Program Files\Electronic Arts\Battlefield 2142 Demo\BF2142.exe:Battlefield 2 "TCP Query User{AACE6516-BE4C-4D5B-8E6B-97C35FB10C15}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{671BA2AF-E5C6-4C1F-905C-9BA32E20C36A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "{0AA75443-5A59-4256-9E56-CE3756518AB5}"= UDP:C:\Program 
Files\uTorrent\uTorrent.exe:µTorrent "{2E6C835B-65F8-4E2D-A559-FADD39CC1B48}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent "TCP Query User{6BA28BEC-173B-4CDA-B988-73149D585459}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET "UDP Query User{070470BD-D8F5-4D79-9042-4A52AB513F5A}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET "{969C9FCB-2849-4C58-8A32-3772835F2C3F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys [2007-06-11 11:49] R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2007-08-31 14:54] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-18 10:23:07 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
C:\Windows\System32\audiodg.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe C:\hp\HPEZBTN\HPBtnSrv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\PostgreSQL\8.1\bin\pg_ctl.exe C:\Windows\System32\PnkBstrA.exe C:\Windows\System32\PnkBstrB.exe C:\Program Files\PostgreSQL\8.1\bin\postmaster.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\PostgreSQL\8.1\bin\postgres.exe C:\Windows\System32\rundll32.exe C:\Program Files\PostgreSQL\8.1\bin\postgres.exe C:\Windows\System32\rundll32.exe C:\Program Files\Bouwsoft\UseSocketService.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Bouwsoft\UseSocketService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\ehome\ehsched.exe C:\Program Files\Trend Micro\Internet Security\TmPfw.exe C:\Windows\ehome\ehrecvr.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\hp\KBD\kbd.exe C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe C:\Program Files\Trend Micro\Internet Security\UfUpdUi.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\VSSVC.exe . ************************************************************************** . Voltooingstijd: 2008-05-18 10:34:04 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-18 08:33:30 Pre-Run: 209,803,472,896 bytes beschikbaar Kan het bericht voor berichtnummer 0x2379 niet vinden in berichtenbestand voor Application. 253 --- E O F --- 2008-05-18 08:32:50
  3. Hello, I have had the Virtumonde virus for a week or longer. I can remove it with Spybot Search And Destroy, but it keeps coming back. It makes IE slower, and the computer too, for that matter. I also notice that Explorer.exe sometimes crashes. Who can help me get rid of Virtumonde? Here is a HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:40:31, on 18/05/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\oude pc\System\Program Files\Bouwsoft\Bouwsoft Upgrade\Beheer.exe C:\Windows\ehome\ehmsas.exe C:\hp\kbd\kbd.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\Windows\system32\ddcAqomJ.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {D4A72FE7-A197-42E7-BD4F-B8FB396427CB} - C:\Windows\system32\byXNhiHy.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] 
RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\ddcAqomJ.dll,#1 O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKLM\..\RunOnce: [spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [spybotDeletingA9639] command /c del "C:\Windows\System32\byXNhiHy.dll" O4 - HKLM\..\RunOnce: [spybotDeletingC5916] cmd /c del "C:\Windows\System32\byXNhiHy.dll" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3694928960-2974550801-1051636681-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres') O4 - Startup: Bouwsoft Beheer.lnk = C:\oude pc\System\Program Files\Bouwsoft\Bouwsoft Upgrade\Beheer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - 
Gopher Prefix: O16 - DPF: {6E984CC8-4987-40B9-B9AA-6728A957CA27} (PcVerChk Control) - http://jp.trendmicro.com/jp/support/personal/products/vistasp1/redirect/PcVerChk.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - 
C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: pg82 (pgsql-8.1) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.1\bin\pg_ctl.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Trend Micro Centrale besturing (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe O23 - Service: UseSocketService - Unknown owner - C:\Program Files\Bouwsoft\UseSocketService.exe -- End of file - 9822 bytes
  4. Well, right-click a music file. Then click Properties and set the default program to Windows Media Player. That app stands for application, so I think it is about the default music program. Maybe it was removed or something. CCleaner could indeed fix this as well.
  5. If you want to format your hard drive and you have a legal Windows CD, you can choose to format the hard drive just before the installation.
  6. A fax program in itself will not change the faxing. So yes, it would work. But then you do need to have a fax machine, or the new PC has a built-in fax. And it is indeed the case that Windows Vista Home Premium does not include a fax program.
  7. Sorry, but I can only answer your last question. During startup, your screen will tell you to choose an operating system. Then you choose, for example, Windows Vista.
  8. Are you talking about keys on your keyboard? If so, what brand and model is it?
  9. Download Tweak UI. http://download.microsoft.com/download/f/c/a/fca6767b-9ed9-45a6-b352-839afb2a2679/TweakUiPowertoySetup.exe Install the program. Then click Start, Powertoys for Windows XP, Tweak UI. The Tweak UI program now opens. Click Logon, Autologon and tick the checkbox labelled 'Log on automatically at system startup'. And type in the text box the user that should be logged on automatically during startup. Then click 'Apply' and 'OK'. Now restart your computer, then let us know whether this helped.
  10. Click Start, Set Program Access and Defaults. Click Custom. Then look under 'Choose a default Web browser'. Then choose Firefox.
  11. But I think DELL etc. really suck! I would rather choose an HP Pavilion, and I certainly will not buy it today or tomorrow! I will probably never buy it anymore. But I think it is a real shame that I can no longer play NFS and such.
  12. Well, I would use the laptop for making websites, and also mainly for games. My budget is only € 1000.00, though! Because 2 years ago I already wasted € 1500.00 on this laptop. This laptop is an HP Pavilion dv8000.
  13. I have a lot of problems with my laptop. I would like to buy a new one and have just searched the internet a bit. This is what I found. HP Pavilion dv9000 CTO Notebook PC Product information HP Pavilion dv9000 CTO Notebook PC It has the best NVIDIA graphics card so far. And it is also very fast. But I wonder how much it costs. It really should not cost much! But I do not think I will be able to buy it, but oh well... I would like some more information about that laptop. I cannot find it anywhere. E.g.: processor and speed etc.
  14. How come I could still play NFSMW and Battlefield 2142 half a year ago? It cannot be true that I will never be able to play it here again, can it?
  15. I could still play it half a year ago.
  16. And? I do not think there will be any viruses or the like on it.
  17. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:44:02, on 13/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ISP Monitor\isp.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\ISP Monitor\ISPMonitorSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DU Meter] C:\WINDOWS\system32\DUMeter.exe O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma 
Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Centrale besturing (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- End of file - 7272 bytes
  18. Well, I do not get it. I open the program. And then? What do I have to do then?
  19. I do not really understand how you are supposed to do it.
  20. You can add titles with Windows Movie Maker, you know. On the left in the tasks menu you have to scroll the 'Edit Movie' section down, and then you choose 'Make titles or credits'.
  21. Hmm... I do not want to interfere, but I see that you use Norton Antivirus. It might be useful to check whether the internet still works when you close it. If that is the case, you have to set somewhere in Norton that it allows the Internet Explorer program, or something like that.
  22. Does anyone have an idea of how I could solve the problem? I am almost certain that it has something to do with the resolution or the display or something.
  23. None of it made any difference. PC temp is 46C, Temp1 is 55C, Core 0 is 53C, Core 1 is 53C.