Ga naar inhoud

ELDRITCH65

Lid
  • Items

    15
  • Registratiedatum

  • Laatst bezocht

Over ELDRITCH65

  • Verjaardag 22-12-1965

ELDRITCH65's prestaties

  1. Ik heb een DVD SONY OPTIARC AD5200 A in mijn desktop. Deze speler heeft steeds goed gespeeld tot nu. De speler krijgt stroom maar het systeem vind hem niet terug. Bij apparaatbeheer staat er een geel uitroepteken bij. Ik heb reeds geprobeerd om de nieuwste versie van de driver te downloaden maar bij de installatie ervan krijg ik de melding dat hij het apparaat niet terugvind. Ook het vorige installatieprogramma terugvragen is niet mogelijk. Het systeem vind de DVD speler maar gedeeltelijk terug. Ook als men de computer verkent wordt de speler niet teruggegeven. Terzelfdertijd heb ik ook een probleem met de SM-BUS controller. Deze heeft eveneens een geel uitroepingsteken en zegt dat er problemen zijn met de driver. Ik weet niet of het een met het ander te maken heeft. Ik heb eveneens de PC al opengedaan maar alles zit juist aangesloten. In bijlage een copij van de DXDIAG van de PC Graag een oplossing Eldritch65 DxDiag.txt
  2. Hallo Er is een probleem met de laptop van een vriendin. Die heeft een laptop ACER 1692WLMI en de muis is van het type synaptics-apparaat en draait onder de versie Synaptics Touchpad V5.9. Sinds kort is ze overgestapt naar firefox en kan voorlopig niet meer scrollen. In internet explorre gaat dit wel nog. Ze heeft de laatste nieuwe versie gedonwload van de driver maar blijft hetzelfde. Is daar een oplossing voor ? Volgens mij ligt dit aan een instelling in firefox ofwel aan de driver die firefox nog niet ten volle ondersteunt. Iemand een oplossing ? Dank bij vorbaat Eldritch 65
  3. Bedankt voor de tip. Ik zal dit nakijken maar eerst zal ik het paswoord moeten kennen gezien de BIOS beveiligd is met paswoord. Ik denk dat ik daarvoor het beste kontakt opneem met de winkel waar het moederbord geïnstalleerd is. Is nog maar juist nieuw moederbord. Zal zeker reactie geven of het gelukt is. Eldritch
  4. Mijn desktop draait op windows XP. Als ik deze niet meteen gebruik dan plaats ik hem in slaapstand wat gemakkelijk is gezien systeem alert blijft en het stroomverbruik verminder. Maar daar zit hem het probleem. Als ik de pc in slaapstand zet bereidt windows alles voor en de PC gaat over op slaapstand. Maar niet voor lang. Na een paar seconden start hij weer op en komt hij in gewone modus. Ik heb alle instellingen al nagekeken maar kan niets abnormaals vinden. Ik kan de PC gewoon niet in slaapstand houden. Waar zou het probleem kunnen zitten ? Dank Eldritch65
  5. Bedankt voor jouw berichtje. Ja ik weet mijn zeven is in mijn PC blijven hangen sorry kan soms voor verwarring zorgen. Bedankt voor de uitleg. Want in de wereld van de processoren nu is het niet altijd duidelijk wat er sneller is en beter en hoe men moet vergelijken. Zoals bij bepaalde programma's staat er meestal verwijzing van minimum processor type intel, maar inzake AMD staat er soms niets vermeld en zeker nu met de i7 welke lager kloksnelheid hebben maar toch krachtiger zijn is het helemaal al in het duister tasten. Want ik mag uit de kenmerken opmaken dat de i7 reeks zoals de i7 920 gerust programma's aankan die een kloksnelheid van 3 Ghz vragen. Ik vind dat de bedrijven die de programma's / spelen uitbrengen hun informatie achteraan wat zouden mogen uitbreiden en updaten naar de nieuwe technologie die te vinden is. Bedankt voor uw reactie Eldritch65
  6. Ik heb eeen vraag inzake de i-processor van intel. deze is de beste processor voor gaming. Kan deze vergeleken worden met de Quad core of de Duo Core ? Ik wil daar mee zeggen de kloksnelheid. de kloksnelheid bij een i processor gaat ook maar tot 3,2 Ghz maar kan deze snelheid vergeleken worden met de andere processoren ? Want bepaalde games vragen een kloksnelheid van 3 ghz maar is voor een i-processor een lagere snelheid toegelaten gezien zijn prestaties of moet ook wel de 3 Ghz gerespecteerd worden ?
  7. Bedankt voor antwoord. Sorry dat ik nog niet eerder heb gereageerd. Alles stond goed maaar ik heb het kunnen oplossen door alles in tekst uit te voeren. Dan neemt hij alles zonder probleem aan. Ik denk dat het probleem zit in de conversies van de bestanden. de programma's zijn gemaakt met oude versies van access en ik denk dat bij de conversie naar de nieuwe versies problemen zijn ontstaan waardoor hij de datum's verkeerd begint te lezen. Toch bedankt voor uw reactie Eldritch
  8. Ik heb een vraag inzake samenvoegen word en access tabel. In word heb ik een dokument met velden die ingevoerd worden vanuit een query in access. Een van de velden is een datum veld. Dit veld heeft als eigenschap in access de notatie dd/mm/yyyy. Dit zowel in de tabel als in de query. Maar als men het word dokument opent en de gegevens importeert naar de velden in het dokument dan heeft de datum de amerikaanse uitlezing zijnde mm/dd/yyyy. Ik heb al gekeken naar de eigenschappen van het veld in Word en daar staat alles normaal. Het access bestand werkt met gekoppelde tabellen maar in de originele tabellen staan de eigenschappen ook dd/mm/yyyy. Dus alles in access staat normaal maar boij exporteren naar word verandert ineens die eigenschap. Ik heb alles al nagekeken en vind niets speciaals terug. Het access bestand is wel nog een bestand van access2000 en is geconverteerd naar de nieuwe versie. Maar ik denk dat daar het probleem niet ligt gezien de eigenschappen juist zijn. Kan iemand een oplossing zien in het probleem ?
  9. Ja dat weet ik dat dit kan voorkomen maar het betreft hier vooral lege CD's en DVD's. Hij zegt dat er ofwel geen schijf aanwezig is ofwel als men de eigenschappen bekijkt dat er geen ruimte vrij is terwijl ze leeg zijn. Het kan altijd dat er kapotte tussen zitten maar toch geen tien. Ik dacht ook in die richting ofwel in de richting dat er iets was met de rechten van het branden.
  10. Ik heb een probleem met het branden. Indien ik met een bepaald programma films brandt op DVD dan is er geen probleem (VSO Software). Maar de problemen beginnen bij het branden in windows. Wanneer ik een CD R of een DVD in de brander plaats leest hij deze zonder probleem. Hij vertelt mij wat er opstaat indien er reeds informatie op gebrand is. Maar indien ik de eigenschappen vraag van de schijf zegt hij dat ofwel de schijf volstaat (wat niet het geval is) of dat er niets op de schijf kan geschreven worden (bij een lege schijf). Indien ik wil branden door bestanden rechstreeks op de schijf te zetten of via Nero dan krijg ik het bericht : Geen CD aanwezig, of geen toegang tot de brander.....Het is altijd mogelijk dat er een slechte schijf inzit maar niet allemaal. te meer dat indien ik films brandt met VSO software er nooi geen probleem is. Bij apparaatbeheer staat ook de vermelding dat het apparaat correct wordt. Heeft dit te maken met bepaalde rechten in windows of ligt het probleem ergens anders ?
  11. Hierbij de twee gevraagde logs. Eerst de combofix en dan de hijack ComboFix 09-01-05.05 - Eldritch 2009-01-06 21:21:55.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1022.541 [GMT 1:00] Gestart vanuit: c:\documents and settings\Eldritch\Bureaublad\ComboFix.exe . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Eldritch\Application Data\FunWebProducts c:\documents and settings\Eldritch\Favorieten\Cheap Pharmacy Online.url c:\documents and settings\Eldritch\Favorieten\Search Online.url c:\documents and settings\Eldritch\Favorieten\VIP Casino.url c:\documents and settings\Eldritch\Localdir c:\documents and settings\Eldritch\Localdir\Setup.zip c:\documents and settings\Eldritch\Localdir\winlogo.exe c:\documents and settings\Eldritch\Menu Start\Cheap Pharmacy Online.url c:\documents and settings\Eldritch\Menu Start\Search Online.url c:\documents and settings\Eldritch\Menu Start\VIP Casino.url c:\temp\1cb c:\temp\1cb\syscheck.log c:\windows\Fonts\a.zip c:\windows\nohh06760.exe c:\windows\system32\au3305adc.dll c:\windows\system32\obkvgapopjawkl.dll c:\windows\system32\qpXGOUvw.ini c:\windows\system32\qpXGOUvw.ini2 c:\windows\system32\rfklrxqb.ini c:\windows\system32\snuxmxom.ini c:\windows\system32\togdrqrx.ini c:\windows\system32\vmjndewn.ini c:\windows\system32\xfvmcmgi.ini c:\windows\system32\yqridnvx.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_IPRIP -------\Service_Iprip (((((((((((((((((((( Bestanden Gemaakt van 2008-12-06 to 2009-01-06 )))))))))))))))))))))))))))))) . 2009-01-05 17:52 . 2009-01-05 17:52 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Malwarebytes 2009-01-05 17:50 . 2009-01-05 17:52 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-05 17:50 . 2009-01-05 17:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-05 17:50 . 2009-01-04 18:41 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-05 17:50 . 2009-01-04 18:41 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-04 16:33 . 2009-01-04 16:33 13,384,728 --a------ c:\windows\registry.zzz 2009-01-04 16:33 . 2009-01-04 16:33 13,384,728 --a------ c:\windows\registry.daz 2009-01-04 16:28 . 2009-01-04 16:28 <DIR> d-------- c:\program files\Microsoft Windows OneCare Live 2009-01-04 15:56 . 2009-01-04 16:13 <DIR> d-------- c:\program files\a-squared Anti-Malware 2009-01-04 15:32 . 2009-01-04 15:32 <DIR> d-------- c:\documents and settings\Eldritch\.housecall6.6 2009-01-04 15:32 . 2009-01-04 15:32 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys 2009-01-04 13:54 . 2009-01-04 13:55 <DIR> d-------- c:\program files\Adware Away 3.0.1.cw 2009-01-04 13:39 . 2009-01-04 13:44 <DIR> d-------- c:\program files\Xoftspy_4.33_334 2009-01-04 13:10 . 2008-12-16 15:19 4,096 --a------ c:\windows\system32\drivers\Start2Driver.SYS 2009-01-04 12:28 . 2009-01-04 23:52 <DIR> dr-h----- c:\documents and settings\Eldritch\Onlangs geopend 2009-01-04 12:22 . 2009-01-04 12:23 <DIR> d-------- c:\program files\CCleaner 2009-01-04 12:22 . 2009-01-04 12:22 3,165,824 --a------ c:\documents and settings\ccsetup215.exe 2009-01-03 15:19 . 2009-01-03 15:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\21F 2009-01-01 18:04 . 2009-01-01 18:04 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\MyPrivacy 2009-01-01 13:46 . 2009-01-01 18:04 <DIR> d-------- C:\MyPrivacy 2008-12-31 19:54 . 2008-12-31 19:54 <DIR> d-------- c:\program files\Microsoft Silverlight 2008-12-31 17:09 . 2008-12-31 17:12 <DIR> d-------- c:\windows\NV3308236.TMP 2008-12-31 16:19 . 2008-12-31 16:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\Codemasters 2008-12-31 16:12 . 2008-12-31 16:12 <DIR> d-------- c:\program files\OpenAL 2008-12-31 16:12 . 2008-04-28 15:53 805,400 -ra------ c:\windows\system32\tmpCD.tmp 2008-12-31 16:12 . 2008-04-28 15:53 805,400 -ra------ c:\windows\system32\tmpCC.tmp 2008-12-31 16:12 . 2008-12-31 16:12 444,952 --a------ c:\windows\system32\wrap_oal.dll 2008-12-31 16:12 . 2008-12-31 16:12 109,080 --a------ c:\windows\system32\OpenAL32.dll 2008-12-30 18:53 . 2009-01-02 23:46 104 --a------ c:\windows\WININIT.INI 2008-12-30 14:03 . 2009-01-04 15:45 <DIR> d-------- c:\windows\Omniquad Total Security 2008-12-30 14:03 . 2008-12-30 14:26 117 --a------ c:\windows\winomnifile.dat 2008-12-30 14:03 . 2009-01-04 15:41 0 --a------ c:\windows\test.dat 2008-12-30 12:08 . 2008-12-30 12:08 <DIR> d-------- c:\program files\Windows Defender 2008-12-30 12:03 . 2008-12-30 12:03 5,154,816 --a------ c:\documents and settings\WindowsDefender.msi 2008-12-30 11:07 . 2008-12-30 11:07 <DIR> d-------- c:\program files\Trend Micro 2008-12-29 21:21 . 2008-12-30 11:24 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2008-12-29 21:21 . 2008-12-30 11:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-29 16:43 . 2009-01-04 12:36 <DIR> d-------- c:\program files\Euro Truck Simulator 2008-12-29 13:48 . 2008-12-29 14:13 <DIR> d-------- c:\windows\system32\whSLD02 2008-12-29 13:48 . 2008-12-29 13:48 <DIR> d-------- c:\windows\system32\R 2008-12-29 13:48 . 2008-12-29 13:48 <DIR> d-------- c:\temp\REX81 2008-12-29 13:47 . 2008-12-29 19:12 <DIR> d-------- C:\tijdelijktoca3 2008-12-29 13:34 . 2008-12-29 13:34 147,456 --a------ c:\windows\system32\vbzip10.dll 2008-12-29 13:24 . 2008-12-29 19:12 <DIR> d-------- C:\tijdelijkeurotruck 2008-12-29 13:24 . 2008-12-29 13:24 905,320 --a------ c:\windows\aqrd60258.exe 2008-12-29 13:24 . 2008-12-29 13:24 197,185 --a------ c:\windows\jqog00568.exe 2008-12-29 13:24 . 2008-12-29 13:24 69,686 --a------ c:\windows\folgv0017.exe 2008-12-29 13:24 . 2008-12-29 13:24 56,318 --a------ c:\windows\sinnm01381.exe 2008-12-29 13:23 . 2008-12-29 13:24 198,855 --a------ c:\windows\srox36232.exe 2008-12-29 13:20 . 2008-12-29 13:40 196,444 --a------ c:\windows\pn8.exe 2008-12-29 13:20 . 2008-12-29 16:42 47,577 --a------ c:\windows\system32\dixqtlzmgsuz.exe 2008-12-28 22:53 . 2008-12-28 22:53 <DIR> d-------- C:\tijdelijkwinrescue 2008-12-28 12:08 . 2008-12-28 19:35 <DIR> d-------- C:\Incomplete 2008-12-28 12:06 . 2008-12-28 12:06 <DIR> d-------- C:\games 2008-12-28 12:05 . 2008-12-29 14:21 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\FrostWire 2008-12-27 22:57 . 2008-12-29 20:23 <DIR> d-------- c:\program files\a-squared Free 2008-12-27 22:53 . 2008-12-27 22:54 <DIR> d-------- c:\program files\speedapps 2008-12-27 22:53 . 2008-12-27 22:53 12,861,144 --a------ c:\documents and settings\a2FreeSetup.exe 2008-12-27 20:52 . 2008-12-27 20:52 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Apple Computer 2008-12-27 20:51 . 2008-12-27 20:51 <DIR> d-------- c:\program files\Bonjour 2008-12-27 20:50 . 2008-12-27 20:51 <DIR> d-------- c:\program files\QuickTime 2008-12-27 20:50 . 2008-12-27 20:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer 2008-12-27 20:50 . 2008-12-27 20:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple 2008-12-27 20:48 . 2008-12-27 20:55 <DIR> d-------- c:\program files\DVD Decrypter 2008-12-27 20:45 . 2008-12-29 16:55 <DIR> d-------- c:\program files\FrostWire 2008-12-27 20:45 . 2008-12-27 20:45 <DIR> d-------- c:\program files\Any Video Converter 2008-12-27 16:15 . 2008-12-27 16:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\4FA 2008-12-26 14:39 . 2008-12-28 22:57 <DIR> d-------- c:\program files\Global Star Software 2008-12-26 14:21 . 2008-12-26 16:48 <DIR> d-------- c:\program files\Bejeweled Twist 2008-12-26 14:07 . 2008-12-29 16:56 <DIR> d-------- c:\program files\PopCap Games 2008-12-26 14:07 . 2008-12-26 14:07 0 --a------ c:\windows\popcinfo.dat 2008-12-25 14:41 . 2008-12-25 14:41 <DIR> d-------- c:\program files\Philips 2008-12-25 14:37 . 2008-05-02 01:55 46,504 -ra------ c:\temp\RebootWMP.exe 2008-12-25 14:01 . 2008-12-25 14:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\19167 2008-12-24 15:27 . 2008-12-24 15:27 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Locktime 2008-12-24 15:22 . 2008-12-24 15:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Locktime 2008-12-24 15:18 . 2008-12-24 15:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hagel Technologies 2008-12-23 15:32 . 2008-12-23 15:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\102CE 2008-12-23 15:13 . 2008-12-23 15:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trymedia 2008-12-23 14:07 . 2008-12-29 12:27 <DIR> d-------- c:\program files\Bus Driver 2008-12-23 13:28 . 2008-12-23 13:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\1129F 2008-12-22 18:11 . 2008-12-22 18:13 <DIR> d-------- c:\program files\18 Wheels of Steel American Long Haul 2008-12-22 16:12 . 2008-12-22 16:12 <DIR> d-------- c:\documents and settings\Eldritch\LimeWire Store Purchased 2008-12-22 16:12 . 2008-12-22 16:12 <DIR> d-------- c:\documents and settings\Eldritch\LimeWire Shared 2008-12-22 16:11 . 2008-12-22 16:11 <DIR> d-------- c:\documents and settings\Eldritch\Incomplete 2008-12-22 16:11 . 2009-01-03 15:54 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\LimeWirePlus 2008-12-22 16:09 . 2008-12-22 16:09 <DIR> d-------- c:\program files\LimewirePlus 2008-12-22 16:09 . 2008-12-22 16:11 <DIR> d-------- c:\program files\LimeWire Plus 2008-12-22 15:32 . 2008-12-22 15:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\357D 2008-12-22 14:06 . 2008-12-29 13:52 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\LimeWire 2008-12-22 14:03 . 2008-12-22 14:03 4,900,376 --a------ c:\documents and settings\LimeWireWin.exe 2008-12-21 21:25 . 2009-01-04 12:45 <DIR> d-------- C:\movie 2008-12-21 15:45 . 2008-12-21 15:45 <DIR> d-------- c:\windows\WinRescue 2008-12-21 15:39 . 2008-12-29 14:21 <DIR> d-------- c:\program files\WinRescue XP 2008-12-21 15:39 . 2009-01-04 16:32 47 --a------ C:\rsqXPdir.ini 2008-12-21 11:01 . 2009-01-04 13:59 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Azureus 2008-12-21 11:01 . 2008-12-21 11:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Azureus 2008-12-21 11:00 . 2008-12-21 11:00 <DIR> d-------- c:\program files\Vuze 2008-12-21 10:57 . 2008-12-21 10:57 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\PCF-VLC 2008-12-21 10:45 . 2008-12-21 10:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\LogiShrd 2008-12-19 14:36 . 2008-12-19 14:36 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Search Settings 2008-12-19 14:33 . 2008-12-19 14:33 <DIR> d-------- c:\program files\Search Settings 2008-12-19 14:33 . 2008-12-21 15:23 <DIR> d-------- c:\program files\Dealio 2008-12-19 14:33 . 2008-12-19 14:33 0 --ah----- c:\windows\SwSys2.bmp 2008-12-19 14:33 . 2008-12-19 14:33 0 --ah----- c:\windows\SwSys1.bmp 2008-12-19 14:04 . 2008-12-19 14:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\12167 2008-12-19 13:41 . 2008-12-19 13:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\383D8 2008-12-19 12:51 . 2008-05-02 02:38 301,656 --a------ c:\windows\system32\BtCoreIf.dll 2008-12-19 12:50 . 2008-12-19 12:51 <DIR> d-------- c:\program files\Common Files\Logishrd 2008-12-16 14:08 . 2008-12-24 10:43 <DIR> d-------- c:\program files\SearchIn1Step 2008-12-15 17:15 . 2008-12-15 17:15 <DIR> d-------- c:\documents and settings\Eldritch\Application Data\Participatory Culture Foundation 2008-12-15 17:15 . 2008-12-15 17:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\Participatory Culture Foundation 2008-12-15 17:14 . 2008-12-15 17:14 <DIR> d-------- c:\program files\Participatory Culture Foundation 2008-12-15 14:33 . 2008-12-15 14:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\19186 2008-12-14 21:26 . 2008-12-14 21:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\C36B 2008-12-11 15:10 . 2008-12-11 15:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\212BF 2008-12-10 14:01 . 2006-05-31 18:20 2,969,884 --a------ c:\windows\system32\Free Cartoon Screensaver.scr 2008-12-10 14:01 . 2007-02-07 17:10 2,518 --a------ c:\windows\system32\Free Cartoon Screensaver.html 2008-12-08 21:46 . 2008-12-08 21:46 <DIR> d-------- c:\program files\Common Files\Adobe AIR . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-06 20:29 371,748 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck 2009-01-06 20:29 371,748 ----a-w c:\windows\system32\drivers\APPFCONT.DAT 2009-01-06 20:29 13,880 ----a-w c:\windows\system32\drivers\COMFiltr.sys 2009-01-06 20:29 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck 2009-01-06 20:29 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG 2008-12-31 20:46 138,184 -c--a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-12-31 14:52 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-31 14:52 --------- d-----w c:\program files\Codemasters 2008-12-30 19:40 --------- d-----w c:\program files\Google 2008-12-30 10:36 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-12-24 15:13 --------- d-----w c:\program files\Ahead 2008-12-21 14:43 --------- d-----w c:\program files\Norton Security Scan 2008-12-21 14:43 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-12-19 14:45 --------- d-----w c:\program files\Seekeen 2008-12-19 11:51 --------- d-----w c:\program files\Common Files\Logitech 2008-12-10 13:01 --------- d-----w c:\program files\Free Screensavers 2008-12-10 12:50 --------- d-----w c:\program files\Skype 2008-12-10 12:50 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2008-12-10 12:32 --------- d-----w c:\program files\Cyanide 2008-12-10 12:30 --------- d-----w c:\program files\VGP2 2008-12-10 12:26 --------- d-----w c:\documents and settings\Eldritch\Application Data\My Games 2008-12-10 12:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-10 11:05 --------- d-----w c:\documents and settings\Eldritch\Application Data\skypePM 2008-12-08 20:44 --------- d-----w c:\program files\Common Files\Adobe 2008-12-06 11:16 --------- d-----w c:\program files\PC-Clean 2008-12-03 13:17 --------- d-----w c:\program files\Indo Cleaner 2008 2008-12-03 13:17 --------- d-----w c:\program files\Eusing Free Registry Cleaner 2008-12-02 23:29 --------- d-----w c:\documents and settings\Eldritch\Application Data\Smart PC Solutions 2008-12-02 22:20 --------- d-----w c:\program files\1 Click PC Fix 2008-12-02 21:20 --------- d-----w c:\documents and settings\Eldritch\Application Data\IObit 2008-12-01 12:47 --------- d-----w c:\documents and settings\Eldritch\Application Data\Windows Search 2008-12-01 12:47 --------- d-----w c:\documents and settings\Eldritch\Application Data\Windows Desktop Search 2008-12-01 12:46 --------- d-----w c:\program files\Windows Desktop Search 2008-11-29 17:40 315,392 ----a-w c:\windows\HideWin.exe 2008-11-29 17:40 --------- d-----w c:\program files\Realtek 2008-11-29 17:40 --------- d-----w c:\program files\Intel 2008-11-26 11:22 --------- d-----w c:\documents and settings\Eldritch\Application Data\ErrorFix 2008-11-26 09:57 --------- d-----w c:\program files\Clean Ram 2008-11-26 09:44 --------- d-----w c:\program files\BinarySense 2008-11-26 09:07 --------- d-----w c:\program files\Reganam 2008-11-25 12:32 --------- d-----w c:\program files\SystemRequirementsLab 2008-11-25 12:25 --------- d-----w c:\documents and settings\Eldritch\Application Data\SystemRequirementsLab 2008-11-24 19:03 --------- d-----w c:\documents and settings\Eldritch\Application Data\Image Zone Express 2008-11-24 15:39 --------- d-----w c:\program files\EA GAMES 2008-11-22 14:29 --------- d-----w c:\program files\3GP Player 2008-11-20 13:55 --------- d-----w c:\documents and settings\All Users\Application Data\2338A 2008-11-19 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\3B177 2008-11-19 15:54 --------- d-----w c:\program files\www_screensavers_com 2008-11-18 17:14 --------- d-----w c:\documents and settings\All Users\Application Data\352CB 2008-11-16 20:34 --------- d-----w c:\documents and settings\All Users\Application Data\62E 2008-11-16 18:22 --------- d-----w c:\program files\Java 2008-11-16 14:12 --------- d-----w c:\documents and settings\Eldritch\Application Data\temp 2008-11-16 12:52 --------- d-----w c:\program files\Windows Live 2008-11-16 12:49 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller 2008-11-16 11:34 --------- d-----w c:\documents and settings\Eldritch\Application Data\Logitech 2008-11-16 11:33 127,034 ------r c:\windows\bwUnin-8.1.1.50-8876480SL.exe 2008-11-16 11:33 --------- d-----w c:\program files\Logitech 2008-11-16 11:32 --------- d-----w c:\documents and settings\All Users\Application Data\Logitech 2008-11-14 20:39 --------- d-----w c:\documents and settings\All Users\Application Data\252BF 2008-11-14 17:21 --------- d-----w c:\program files\Electronic Arts 2008-11-14 17:16 --------- d-----w c:\documents and settings\Eldritch\Application Data\Leadertech 2008-11-14 16:51 --------- d-----w c:\program files\EA SPORTS 2008-11-14 13:33 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller 2008-11-13 16:29 --------- d-----w c:\program files\ING 2008-11-12 23:52 --------- d-----w c:\documents and settings\All Users\Application Data\242EE 2008-11-12 23:52 --------- d-----w c:\documents and settings\All Users\Application Data\10CB 2008-11-11 23:23 --------- d-----w c:\documents and settings\All Users\Application Data\269C 2008-11-11 20:02 --------- d-----w c:\documents and settings\All Users\Application Data\15D 2008-11-11 00:17 --------- d-----w c:\documents and settings\All Users\Application Data\A3C8 2008-11-11 00:16 --------- d-----w c:\documents and settings\All Users\Application Data\D32C 2008-11-11 00:15 --------- d-----w c:\documents and settings\All Users\Application Data\55D 2008-11-10 19:51 --------- d-----w c:\program files\Conduit 2008-11-10 09:38 --------- d-----w c:\documents and settings\All Users\Application Data\13128 2008-11-09 20:56 --------- d-----w c:\program files\Common Files\AVSMedia 2008-11-09 20:56 --------- d-----w c:\program files\AVS4YOU 2008-11-09 20:56 --------- d-----w c:\documents and settings\Eldritch\Application Data\AVS4YOU 2008-11-09 20:56 --------- d-----w c:\documents and settings\All Users\Application Data\AVS4YOU 2008-11-09 19:24 --------- d-----w c:\documents and settings\All Users\Application Data\13D8 2008-11-08 17:18 --------- d-----w c:\documents and settings\All Users\Application Data\1A399 2008-11-08 14:49 --------- d-----w c:\program files\ICQ6Toolbar 2008-11-08 14:49 --------- d-----w c:\documents and settings\All Users\Application Data\ICQ 2008-11-07 20:49 --------- d-----w c:\documents and settings\All Users\Application Data\C3C8 2008-11-07 20:41 --------- d-----w c:\program files\BearShare Applications 2008-11-06 15:57 774,144 ----a-w c:\program files\RngInterstitial.dll 2008-11-06 15:57 --------- d-----w c:\program files\Real 2008-11-06 15:57 --------- d-----w c:\program files\Common Files\Real 2008-11-06 15:54 --------- d-----w c:\documents and settings\All Users\Application Data\Winferno 2008-11-06 15:49 --------- d-----w c:\program files\Winferno 2008-11-05 15:12 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2007-03-08 04:53 11,590,010 -c--a-w c:\documents and settings\Eldritch\Mad_Truckers.exe 2007-02-14 05:59 1,201,041 -c--a-w c:\documents and settings\Eldritch\wrar37b3.exe 2007-01-21 13:43 65 -c--a-w c:\program files\Common Files\appop.log 2005-11-01 04:20 7,253,204 -c--a-w c:\documents and settings\Eldritch\speed.exe 2004-10-01 14:00 40,960 -c--a-w c:\program files\Uninstall_CDS.exe 2008-11-14 20:50 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Start WingMan Profiler"="c:\program files\Logitech\Profiler\lwemon.exe" [2004-05-19 77824] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-16 94208] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144] "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" [2008-12-03 869632] "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2009\Inicio.exe" [2008-07-07 50432] "MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 172032] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016] "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2008-12-14 2782352] "nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-01-21 270336] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-05-02 02:42 72208 c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2008-03-18 16:58 58672 c:\windows\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll "vidc.asv2"= asusasv2.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Eldritch^Menu Start^Programma's^Opstarten^Registratie van Need for Speed™ Undercover.lnk] backup=c:\windows\pss\Registratie van Need for Speed™ Undercover.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsDM [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2008-04-14 18:02 15360 c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core] --a------ 2008-07-22 12:34 2772992 c:\program files\Electronic Arts\EADM\Core.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] --a------ 2008-11-14 21:50 29744 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsDM\SA1916] --a------ 2008-05-30 18:04 1503744 c:\program files\Philips\SA19xx\Philips Device Manager\bin\DeviceManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-01-10 15:27 385024 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] --a------ 2008-06-12 16:57 991584 c:\program files\Search Settings\SearchSettings.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-11-16 19:22 136600 c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] -r------- 2008-03-03 04:40 69632 c:\windows\Alcmtr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] -r------- 2008-03-03 04:40 16859648 c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WZCSVC"=2 (0x2) "sdCoreService"=3 (0x3) "sdAuxService"=3 (0x3) "iPod Service"=3 (0x3) "a2free"=2 (0x2) "WSearch"=2 (0x2) "MyWebSearchService"=2 (0x2) "SearchIn1Step Service"=2 (0x2) "Microsoft Office Groove Audit Service"=3 (0x3) "MDM"=2 (0x2) "LightScribeService"=2 (0x2) "JavaQuickStarterService"=2 (0x2) "IDriverT"=3 (0x3) "EZ-Backup Manager"=2 (0x2) "Bonjour Service"=2 (0x2) "Apple Mobile Device"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Railroads!\\RailRoads.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"= "c:\\Program Files\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Codemasters\\GRID\\GRID.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3587:TCP"= 3587:TCP:Windows Peer-to-Peer-groepering "3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 ivicd;Ivi CDVD Filter Driver;c:\windows\system32\drivers\ivicd.sys [2007-01-21 38784] R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2008-11-04 28544] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328] R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2008-11-04 73728] R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2008-11-04 52992] R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2008-11-04 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2008-11-04 193792] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2008-11-04 16:10:00 158848] R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-11-04 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2008-11-04 46720] R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\drivers\neti1634.sys [2008-11-04 197888] R3 Video3D;ASUS Video3D Service;c:\windows\system32\drivers\Video3D.sys [2004-07-06 44544] R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?] R4 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-11-04 179640] R4 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2009\psksvc.exe [2008-11-04 28928] R4 Start2Driver;Start2Driver;c:\windows\system32\drivers\Start2Driver.SYS [2009-01-04 4096] R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] S1 Start1Driver;Start1Driver; [x] S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\drivers\aexpamdrv.sys [2005-12-20 27008] S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2007-01-22 9600] S3 AvFlt;Antivirus Filter Driver; [x] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2008-02-25 1527900] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-01-21 29744] S3 iviudf;iviudf; [x] S3 PavSRK.sys;PavSRK.sys; [x] S3 PavTPK.sys;PavTPK.sys; [x] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2007-01-20 176128] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-02-25 544768] S4 EZ-Backup Manager;EZ-Backup Manager;c:\program files\EzBackup\EZ-Backup Manager\EzBackup.exe [2007-01-21 1123840] S4 SearchIn1Step Service;SearchIn1Step Service;c:\program files\SearchIn1Step\searchin1.exe [2008-12-16 4608] S4 Seekeen Service;Seekeen Service; [x] --- Other Services/Drivers In Memory --- *Deregistered* - ComFiltr *Deregistered* - udffsrec [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] panda REG_MULTI_SZ Gwmsrv p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\EIVCD.exe . Inhoud van de 'Gedeelde Taken' map 2008-12-28 c:\windows\Tasks\Basis-opruiming.job - c:\program files\Panda Security\Panda Global Protection 2009\PlaTasks.exe [2008-07-03 17:55] 2009-01-06 c:\windows\Tasks\ErrorFix Scan.job - c:\program files\ErrorFix\ErrorFix.exe [] 2009-01-06 c:\windows\Tasks\ErrorFix Scan.job - c:\program files\ErrorFix [] 2009-01-06 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20] 2009-01-06 c:\windows\Tasks\PCConfidential.job - c:\program files\Winferno\PC Confidential\PCConfidential.exe [] 2009-01-06 c:\windows\Tasks\zbfbgvru.job - c:\windows\system32\rundll32.exe [2008-04-14 18:03] . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{DB9D7A78-A76C-4BF2-97C6-258925EE1542} - (no file) WebBrowser-{7EFBC57C-CD57-481F-B794-648FCE9C9116} - (no file) WebBrowser-{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02} - (no file) WebBrowser-{D9C9A8C9-460D-4343-888E-AE02BCC3CE57} - (no file) WebBrowser-{10000000-1000-1000-1000-100000000000} - (no file) MSConfigStartUp-IEPR - c:\docume~1\Eldritch\LOCALS~1\TempImages\IEPR.exe MSConfigStartUp-iOmem - c:\docume~1\Eldritch\LOCALS~1\TempImages\iOmem.exe MSConfigStartUp-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL MSConfigStartUp-Microsoft Update Machine - mdm.exe . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.mysystemexpert.com/search.htm uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Telenet Internet uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.mysystemexpert.com/search.htm IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\Eldritch\Application Data\Mozilla\Firefox\Profiles\v919966\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Yoog Search FF - prefs.js: browser.startup.homepage - hxxp://www.humo.be FF - prefs.js: keyword.URL - hxxp://www9.yoog.com/search.php?q= FF - prefs.js: network.proxy.type - 2 FF - component: c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll FF - component: c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll FF - plugin: c:\program files\Yahoo!\Common\npyaxmpb.dll ATTENTION: FIREFOX POLICES IS IN FORCE FF - user.js: browser.search.selectedEngine - Yoog Search FF - user.js: keyword.URL - hxxp://www9.yoog.com/search.php?q= FF - user.js: keyword.enabled - true . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-06 21:30:20 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1214440339-1500820517-839522115-1004\Software\SecuROM\License information*NULL*] "datasecu"=hex:36,4c,53,86,ea,d9,6b,bf,87,47,a2,3c,c9,7e,bf,0e,11,a6,58,d3,b8,\ 14,e0,66,eb,a1,9b,df,c8,7c,0b,ba,49,0c,ce,36,0e,7e,05,2c,b7,83,ad,7f,f5,97,\ 88,7d,2b,ad,21,a9,ec,c1,42,91,6f,d3,e6,4a,f1,a5,9b,65,60,91,72,c9,06,14,00,\ da,c9,1e,aa,d6,fa,76,4d,37,5f,dc,24,d8,cc,60,35,d9,58,7c,00,8a,19,f3,fb,bd,\ c6,36,54,39,4f,d7,50,f7,50,29,e8,5f,46,5a,05,ca,24,3d,2f,94,c7,f4,21,df,78,\ 6a,86,b4,5c,f0,d0,76,8b,5b,c6,af,09,08,1f,8d,05,9e,04,db,27,0f,3c,57,f1,14,\ ab,86,d2,2e,71,33,7c,cc,cc,e0,b1,ff,20,dc,b0,14,79,cd,92,c2,e3,48,b5,7f,71,\ 8d,2a,40,f6,65,bc,20,d8,3d,59,7c,df,23,90,ac,7d,34,9b,57,01,11,c2,2f,8c,23,\ 5b,1b,7d,31,01,a1,51,bc,65,6b,05,62,3c,12,51,a6,fb,b3,5d,74,63,29,94,c1,2f,\ 35,a1,f8,d1,02,bf,d8,79,4f,30,a2,4d,18,32,18,1a,09,f9,7a,08,46,2b,9f,6a,11,\ 5c,a5,70,7b,c7,11,44,5a,db,11,e0,3e,32,43,41,f9,fe,06,23,07,d2,6b,ba,91,5f,\ a6,75,ef,0f,54,14,16,9f,c0,f7,3a,c5,17,9e,d0,a9,d1,2a,9e,b5,f6,6b,4d,4f,6f,\ 8a,43,7d,11,e5,de,4e,b7,4e,2d,2e,fc,14,10,79,3f,b4,01,b4,7e,92,46,bd,90,57,\ c8,a2,76,e5,cf,69,41,92,1d,d7,7a,a8,06,03,78,a3,31,de,42,be,6b,8d,b4,60,96,\ e7,d3,f9,06,83,73,fb,ce,5e,3a,77,47,7b,0e,ef,80,12,5e,3b,44,bb,6c,7b,55,53,\ c8,35,ed,99,75,17,f2,6a,50,1c,1c,29,ba,54,6b,3b,7f,3a,75,bc,86,0c,50,41,1d,\ 99,ea,13,7d,ec,54,1e,6e,40,4b,37,39,cf,23,28,51,12,4e,5d,d3,14,42,78,a0,14,\ 14,1a,73,ad,0d,4b,46,13,10,95,6f,e3,85,6b,2f,f6,3d,38,aa,75,70,4d,af,d6,0f,\ 04,f0,cf,d7,f8,12,89,ba,1d,7c,4b,39,0e,1e,fe,e4,a5,ae,53,c8,37,eb,50,52,63,\ 5d,6e,fa,d3,d5,cf,6a,58,56,06,82,9f,e7,ae,27,4f,00,9a,e3,3a,70,c4,6d,72,27,\ 04,27,b7,0f,a7,80,86,af,2c,16,88,9b,e8,5a,39,d4,e9,cc,4f,b4,3b,c9,dd,90,32,\ 8e,f9,f9,cf,43,65,96,8a,c9,b5,ed,37,c2,d6,18,1b,bf,20,35,49,30,6a,69,3f,ea,\ d9,72,c8,84,b0,d0,7e,3f,68,d2,6c,67,f0,06,43,33,ec,8f,2f,fe,c3,f3,de,c3,e6,\ 20,de,48,b0,17,23,cb,f3,71,4d,18,55,51,3c,8d,c8,23,8d,2f,0f,5d,29,68,2c,f8,\ b3,fc,36,87,89,5b,65,8a,5d,84,ac,c4,6a,d0,be,30,b3,67,03,18,b7,51,d3,3b,61,\ 02,3f,9d,29,cb,5f,9f,14,c8,f9,7d,5d,f5,b0,34,dd,83,cc,4c,a4,d8,15,3f,7f,dc,\ 29,73,c0,03,db,a7,1b,da,f0,22,1a,04,4e,75,dd,82,82,17,1c,0b,3b,90,c3,a5,42,\ 99,46,4d,d7,76,3f,7b,cd,e1,4a,86,37,d8,40,08,1b,30,ab,97,07,69,38,21,78,64,\ 3b,1d,b9,b8,d1,7c,32,bc,56,fb,ca,03,a7,15,7b,c2,da,e5,9b,d1,c6,b2,4c,78,23,\ 63,3d,58,9d,e4,a8,ee,be,48,b2,36,d4,81,37,2b,17,a0,88,00,91,5c,c2,1b,86,d8,\ 7b,a8,9f,8d,4c,24,58,93,61,e5,8a,05,5d,51,56,a7,90,56,51,f5,13,50,a6,3a,5e,\ 8c,06,83,9c,06,20,6a,02,22,f7,84,5b,4c,13,67,ea,e5,75,7e,28,1b,38,3a,5a,a6,\ 25,91,1e,72,df,62,3c,2c,86,95,5e,56,38,1c,1a,3e,0b,26,8e,c2,c1,df,88,94,6f,\ cc,0c,9b,63,d9,34,fe,47,b5,06,0d,24,af,95,c6,a4,29,73,b5,49,c6,96,01,0d,89,\ 37,01,74,8b,f6,b2,59,8b,30,5c,61,a8,5a,81,14,00,0d,c9,a3,de,19,a0,59,43,a8,\ 52,31,cd,fd,6d,fa,4c,b1,b3,e7,a7,d7,fc,16,7c,a1,d7,7e,9e,9f,79,88,ab,7d,81,\ bf,6a,0f,0e,d6,2a,31,39,06,70,61,f8,a2,4d,26,8b,f5,4a,f0,bf,ac,be,1e,5a,38,\ ad,aa,86,88,6f,8a,72,f8,c6,3c,67,2d,f6,46,6c,21,36,b7,a5,c0,6a,12,3d,51,00,\ b2,c6,dd,e4,36,38,b1,84,35,04,e5,cd,1e,5a,fe,f0,90,1a,37,0a,d3,6b,6c,a9,74,\ 8f,62,ac,e8,cd,00,77,90,b1,56,98,f1,72,43,49,c5,1e,b4,e6,9e,ea,0d,51,99,1a,\ b8,53,e8,88,13,94,fa,3d,3f,95,09,4a,5a,81,4e,c7,b6,5a,2c,2d,cd,85,e6,b8,76,\ 1f,d5,f8,b5,cf,0a,7f,56,58,68,aa,ac,8a,55,2c,8b,37,2c,16,87,27,05,bd,5a,7c,\ 11,72,bd,a4,f2,88,97,24,4d,22,c7,5a,19,72,9f,22,ce,ff,18,33,2f,f6,1e,a2,fb,\ f7,ff,bd,7c,7b,64,c2,0f,4a,db,9e,4f,0b,4c,f6,af,98,c2,ca,71,ef,ac,39,12,cc,\ fc,7a,4c,e8,b1,c5,b8,5c,ff,e9,f5,10,6b,63,1d,d7,3b,73,a1,32,63,b3,4a,8f,f4,\ 20,18,46,9e,da,69,c5,bb,e7,a1,5c,63,3a,a0,b0,09,af,f2,30,c4,c4,58,80,8d,ba,\ 72,ac,c8,ac,74,d5,0d,e1,85,1a,95,08,b1,22,ce,c0,68,1f,67,84,59,2c,7b,2f,d5,\ 98,e3,8b,96,7e,35,39,84,49,86,89,a2,c6,a7,36,b0,0b,2d,c1,2d,27,4f,a4,de,08,\ 71,59,d8,ce,3e,46,12,b8,31,bb,2e,7e,a6,8e,15,1c,91,53,dc,ed,2e,c6,ec,a7,b3,\ f1,f0,fd,ea,9e,df,71,22,ca,2f,42,b4,4f,01,c9,64,bf,63,d6,29,a6,df,9b,92,fe,\ db,e2,f7,73,2e,9a,a4,04,81,d2,55,5d,53,30,ee,82,f5,9b,2a,b0,85,fc,f5,31,eb,\ f2,d6,61,ad,04,80,c2,5a,5f,29,43,9b,8d,43,50,be,18,1d,7b,ba,b9,4b,ba,9a,07,\ 98,58,29,aa,a5,e9,39,c5,fa,38,f5,c3,bb,d0,38,88,1c,24,b8,06,68,88,81,0c,8b,\ e2,ba,28,d2,38,ed,9c,bf,c8,e5,d6,34,e8,9f,8f,6d,da,db,61,04,30,4c,97,a2,cf,\ 5b,fd,2e,8f,bd,62,5d,ba,29,d6,7a,04,0d,06,a4,8d,0d,96,ea,3c,ba,bd,ff,1b,b3,\ 39,c9,5f,bf,f9,86,48,55,8b,22,8c,46,c8,c7,16,55,14,77,da,ea,14,51,b4,c1,f1,\ ca,ec,d4,d2,b8,9c,f3,81,af,dc,76,ba,d7,a8,86,73,46,51,90,b0,e4,2e,59,f7,f7,\ 02,9f,2e,39,a5,3f,27,7c,2e,a4,c6,87,c3,a8,8c,a3,58,50,8d,93,3f,93,95,4a,25,\ 56,eb,71,4e,0b,1d,42,69,e2,58,6b,c8,53,12,3a,e7,89,f8,0d,89,c3,73,de,d0,32,\ bb,e7,45,88,4b,ed,34,38,bc,f3,eb,dc,59,3f,61,24,91,00,6a,4b,d2,af,ac,e5,0e,\ 14,b6,ed,d0,2e,8c,89,13,65,d4,e4,f9,5c,29,e7,54,66,09,07,4a,5f,b0,59,45,4e,\ ae,38,fa,e0,d9,c1,c0,4d,54,e4,17,b4,ff,86,0c,9d,07,59,c1,98,4f,18,10,98,ad,\ 3a,d5,ff,db,ba,b3,0a,95,c3,57,73,dd,c3,89,68,66,e3,4a,ef,f1,e2,cc,6e,a2,7b,\ 6a,22,5c,4c,ef,09,9c,2b,6c,8a,b3,e4,11,58,2e,1e,48,22,73,0f,19,f3,d7,0c,76,\ cd,a8,ac,d7,7d,05,81,32,e0,e9,ae,e9,85,29,21,2f,b3,b0,f2,62,e4,b2,d0,b9,71,\ 7b,86,30,d1,38,0f,8e,08,16,fe,a6,b5,7c,ba,1d,21,9c,d5,0c,4d,0e,b8,06,a6,95,\ 5a,68,1c,2a,a9,d9,6f,25,d9,2b,3b,e2,4f,22,07,d4,62,19,c6,70,1a,12,46,9a,66,\ fb,58,eb,ed,39,c2,cb,7b,ac,39,71,43,3c,ec,78,63,c3,a6,44,1a,3d,d3,f0,59,c7,\ 40,a2,59,8f,aa,46,69,40,38,09,e7,72,54,ae,c4,02,88,cc,a9,77,84,17,b1,72,51,\ d0,b0,cf,90,5b,71,cf,75,43,2e,e6,eb,cc,07,67,ee,05,0b,a3,0f,1c,24,ac,aa,6a,\ a3,49,f2,87,fd,08,5d,7e,48,31,12,47,24,92,90,e6,6a,f2,ee,97,27,c9,a9,ee,9c,\ d6,17,a2,2e,e1,2f,84,2e,d4,6a,2f,2f,2f,16,83,46,34,c6,59,c8,ca,dc,d6,ba,21,\ 3a,57,88,4d,2c,ca,a1,ce,c4,86,89,35,d3,fc,9b,e9,a2,dd,8b,b5,cb,2c,2d,ca,d5,\ 63,1c,67,fc,ce,8c,50,8d,9a,95,27,0a,a7,e8,b2,60,fb,e5,61,41,96,0f,14,cd,1e,\ e1,09,73,d8,fa,a2,c4,72,17,6e,eb,ed,d4,09,bf,4f,15,64,28,d9,2b,a7,b0,e6,3c,\ f5,dd,9e,af,c9,3f,43,b9,ab,40,b8,b2,ca,2a,db,d4,04,e1,c6,b3,99,b9,d8,5b,13,\ 81,97,35,67,32,5d,8f,55,9a,5f,6a,91,de,78,6b,66,dd,b7,dd,bf,b0,8c,a3,44,27,\ 4a,54,c9,f4,2f,12,7f,88,7f,c6,ad,28,91,7e,48,6c,73,84,00,21,5a,7f,7b,5f,03,\ b1,5e,df,bd,9d,31,df,ae,89,c6,f9,70,ae,10,c9,5b,d0,13,b4,63,9e,14,c8,a7,de,\ 2a,5b,e1,09,58,63,d3,12,da,8b,bd,29,a7,4b,22,c7,1e,16,4e,53,3e,cb,f5,64,26,\ ab,fc,2e,b7,e2,88,73,c8,ef,87,e7,0f,82,59,f4,0b,80,46,cd,62,04,ed,f3,f9,c6,\ d0,04,2a,28,63,be,ea,b1,e3,8a,b3,27,ba,07,84,45,3c,dd,69,a4,ec,f7,ac,3e,37,\ 06,ad,8f,62,da,52,2f,cc,39,e0,8a,ee,e5,68,68,1e,d0,44,4c,a2,e9,66,03,c0,ba,\ 44,4c,e3,dc,aa,c0,2f,f5,c2,89,05,cc,a0,e7,f2,b3,8d,ae,0d,ef,e6,ea,4c,a6,f7,\ d5,65,f2,12,47,ec,66,77,b5,0e,3f,dc,03,81,09,f9,94,3a,52,95,f5,db,cd,95,c5,\ a8,28,18,ff,fe,2e,e4,fe,6e,f7,bc,91,11,97,38,94,67,e8,49,a4,89,be,5d,cc,fe,\ dd,64,a6,47,dd,b8,67,80,d0,c9,8b,b8,48,b6,91,3e,24,0d,f2,58,14,17,ec,bd,06,\ e8,c2,c3,7d,0a,67,d6,ef,86,6d,01,70,77,c8,d9,f4,56,42,46,9d,dc,6d,51,68,a8,\ a5,5b,db,84,d0,94,4b,3b,ef,ed,14,3f,7e,85,07,3a,1a,a0,0d,93,0a,7f,cb,d4,6b,\ ef,84,8e,28,44,42,7e,58,c2,1e,5d,aa,6d,e1,93,e9,11,85,1a,ee,05,ee,6a,57,b2,\ 84,df,94,3e,6f,4a,6c,47,8d,89,38,1d,b1,30,fe,eb,31,ea,b0,1b,9d,fb,22,90,63,\ 62,e7,0b,76,cf,d9,c0,4b,96,cb,89,d2,fb,b1,0e,12,25,9c,0a,8e,20,11,43,1a,38,\ d8,b4,99,a5,6c,f3,01,c4,f7,69,84,46,ef,e8,18,98,74,6a,c2,97,64,ef,7f,06,83,\ 9d,a7,48,dd,59,91,19,b9,28,f0,46,49,fa,75,2f,a0,97,9e,ca,6a,21,31,69,3b,e7,\ 47,e4,16,6f,de,b1,24,0a,da,6f,45,1c,d5,89,24,ee,40,73,4c,04,46,e9,f7,bb,aa,\ 0d,80,cc,7e,73,cd,6d,35,80,66,dd,0c,0a,a1,ca,a7,22,40,29,08,1e,27,60,f8,0c,\ e0,f0,1a,be,82,1c,1a,39,a3,44,70,4e,79,59,09,99,77,c0,3b,46,24,f4,d5,28,6f,\ 12,2f,40,48,5d,6b,30,13,62,3d,1e,a9,b4,fc,d6,35,b8,3a,ed,49,9d,69,a6,13,14,\ 2e,e4,c3,e6,02,5c,09,48,5b,0a,ef,73,c4,e2,e3,cf,c4,dc,d7,0e,b9,b2,cf,97,f2,\ 9d,81,85,22,92,5e,35,66,c4,29,a1,00,21,66,51,42,da,f2,0c,38,c7,b2,f0,5d,3b,\ da,0a,11,56,cb,29,9f,1b,7a,74,58,8a,66,22,d6,27,a9,0a,34,f5,61,bb,12,74,a6,\ f4,fe,7e,b1,ea,76,87,e9,ca,83,b6,e8,a7,a0,d7,2a,25,e8,57,95,c6,b8,c1,14,84,\ ff,50,c5,29,a1,e4,37,d2,72,d6,73,7b,a9,c6,27,da,c5,60,03,f5,b3,54,ef,dd,46,\ 69,57,22,aa,0d,ce,87,fc,89,35,15,bd,88,75,02,1d,ae,17,4a,de,f8,90,2e,09,5e,\ 72,a1,ed,63,92,14,cc,61,20,d9,56,f4,38,31,74,b6,c5,05,f3,a6,b6,79,4d,03,09,\ 6a,0e,b8,78,fd,57,b4,f2,4f,66,50,03,cd,63,69,92,c9,aa,88,ee,d2,c7,5e,43,9d,\ ff,d3,0e,71,b4,4c,21,78,4e,4e,de,3b,46,53,3e,f3,02,35,bc,2e,fc,43,63,3a,86,\ ee,91,e5,51,17,0b,1c,c6,c9,60,a8,91,fc,67,1b,33,54,b2,a0,eb,33,56,b8,31,b3,\ bd,5d,af,3e,cb,2c,c3,e1,c1,05,20,07,b5,95,74,67,ae,35,07,d6,09,1c,71,44,e1,\ 3f,15,63,b9,99,ad,56,90,63,0c,54,0e,c9,22,c5,07,4c,b5,63,ad,e5,70,e0,44,44,\ 8c,3e,1e,00,9c,ff,c4,c1,11,73,92,cc,50,65,bc,5f,5b,b0,6d,dc,9d,00,af,6a,5d,\ d9,bd,43,b9,1b,3c,e5,ce,7f,2c,bb,1d,17,ab,3d,32,32,19,72,3e,16,d7,d0,53,6d,\ 39,20,8a,b7,f9,69,e5,19,f1,ff,b1,a9,8d,2b,67,91,63,6d,93,99,76,de,4d,56,a0,\ 42,a0,b3,89,eb,df,46,87,55,36,67,37,e4,70,ac,5d,aa,e9,0d,37,a9,fe,43,42,bf,\ b4,4a,7a,2e,2c,4e,7e,b3,80,b3,5b,4d,24,ef,d1,28,4e,93,10,9c,f7,00,06,04,29,\ 89,81,b5,c9,b3,14,2c,08,f9,1a,f6,b2,82,5b,8e,a1,eb,b3,83,96,3f,a3,f2,2a,14,\ f9,b8,40,a5,86,ff,2b,78,e6,a1,0e,27,6b,38,73,9a,a3,ef,15,e9,b0,d4,2e,a7,34,\ d0,91,6d,cc,be,c0,49,69,36,0a,11,1d,04,43,d3,98,b9,32,5f,59,cc,99,67,94,3c,\ db,36,7b,a7,f1,43,5b,f3,f0,de,8a,ee,8b,c3,c7,32,9c,09,d1,f8,05,98,70,d1,2b,\ b3,59,f4,0f,17,34,64,7e,71,d5,fe,30,02,8d,0e,51,87,ff,c5,32,8b,68,34,ed,89,\ c0,24,af,8d,a2,ae,5b,eb,b0,75,2b,4e,53,ea,02,90,ce,5c,39,71,c6,ce,11,ea,85,\ 52,91,87,ef,99,26,06,a2,a9,af,a4,9c,96,6c,de,f0,44,18,25,86,25,ec,02,ff,5e,\ 95,fc,a7,9c,62,1e,94,67,b3,23,19,f9,0f,82,02,b1,be,49,89,04,2f,f4,5b,53,e7,\ 1f,f5,d9,b5,49,d9,79,03,ce,2c,3d,3f,b5,d0,6f,ef,89,48,c3,48,db,45,30,49,30,\ 61,b4,71,59,23,d5,28,87,5a,a4,e3,1f,ef,3c,37,22,f6,20,ab,84,b3,f4,47,40,32,\ c6,d8,eb,fe,f8,94,e3,b6,d8,fd,60,82,a0,07,9d,70,b8,5e,ad,f1,15,cf,2c,79,c7,\ 76,c2,0a,dc,76,c7,7b,45,b1,a6,94,39,7d,b9,fd,8e,d9,e8,03,f8,93,9b,fb,3a,a9,\ 60,e8,a8,3f,16,3d,12,37,d3,31,29,b1,05,40,03,5f,b9,ab,58,4b,13,be,56,7a,03,\ 9b,30,cf,7d,8a,fb,20,ae,b1,6c,47,5a,16,9e,12,c7,d8,17,59,10,03,f9,99,91,17,\ f9,76,54,98,e4,3f,b3,c0,90,4f,3b,0a,ad,d8,3f,f3,fe,88,b4,36,78,c1,3d,53,29,\ d3,f0,89,b6,c9,33,31,71,87,51,39,d4,04,c3,ea,98,67,96,89,20,e4,8b,f7,a5,53,\ c7,d4,e9,9b,fc,9c,a5,02,f1,ef,7b,54,03,13,fa,82,0a,15,24,17,ab,99,dd,d4,3d,\ 78,80,54,c1,d1,2a,c5,87,cf,eb,56,91,9b,ad,74,96,1e,ac,4a,57,a5,7d,e8,3a,e4,\ 03,12,30,14,78,29,0e,15,4b,f5,ad,15,5f,04,9d,df,11,0e,70,2b,14,fa,36,46,11,\ 78,17,e1,1b,c8,ed,e0,c2,67,db,05,dd,cf,08,c1,12,53,c0,64,7d,6c,6e,50,0a,a5,\ 13,74,4f,d2,3d,35,57,41,45,e5,df,a6,b9,d8,36,d1,88,c7,e9,b5,e4,b5,10,af,41,\ 99,79,46,1d,63,d2,cb,e5,ab,17,5b,af,4b,5e,83,56,3e,14,9e,3d,b5,cd,51,fe,59,\ 42,f0,d6,ed,27,98,7f,93,99,a2,7c,14,df,a5,8b,90,1a,3e,d5,3c,46,8d,49,57,5e,\ e8,9c,09,46,fd,84,f2,4f,b0,28,a6,75,48,8f,ba,50,40,eb,95,a1,e2,07,9a,74,5d,\ e2,67,f4,ab,bd,cc,26,d7,ad,98,2f,48,77,69,6d,49,bc,7b,2e,01,b4,07,7f,9c,8e,\ ff,43,f6,e1,7a,ef,24,a3,b3,d3,3d,3a,8a,14,5c,17,f0,3a,e9,f6,73,44,96,3f,c1,\ 91,bd,4b,d4,42,c4,3c,6b,5f,b1,d4,d6,72,42,25,b8,1c,b9,11,d2,96,ec,73,34,a9,\ 6c,93,f6,a9,f8,fb,99,78,16,58,68,47,09,86,87,e5,5a,da,62,0b,c4,a4,ea,b8,46,\ 23,d9,50,bb,d4,26,34,81,b4,2d,89,c5,fa,8f,5d,fe,02,1b,18,af,02,b0,5f,92,fb,\ 99,b6,50,a0,d5,94,37,58,fd,30,ac,d8,e7,c6,3d,02,b9,85,2a,46,3c,d7,e6,22,42,\ 78,1a,df,c1,b6,73,44,40,e6,00,bf,a0,db,04,e3,25,68,6a,85,bf,e1,ab,cf,f9,87,\ 9d,1e,f0,c1,ef,ab,e0,c3,d6,97,d7,bf,b4,cb,17,3b,86,ad,94,cc,19,e9,0c,08,c5,\ b4,cb,b7,a6,de,8a,26,7a,24,7f,ad,e4,20,11,dd,09,48,08,0d,f1,45,7a,0f,0c,e1,\ db,5e,6a,e2,84,0c,33,5a,51,9c,b3,44,52,0a,54,0e,96,7a,79,81,ad,50,64,43,fc,\ 41,17,01,98,0d,3f,06,c3,e6,72,d9,7b,79,28,e1,d6,39,76,07,b4,4b,eb,f1,c5,e3,\ 21,46,16,8e,68,e1,c2,f8,23,4c,0b,43,51,fd,9c,65,c1,af,d4,0e,f7,ef,ae,3d,9f,\ af,0c,c2,ee,53,7f,80,80,4a,b9,03,14,a9,07,42,c1,0b,63,ad,33,ef,c1,6a,16,3e,\ 97,e8,8f,17,d2,68,d9,f5,cd,86,d3,fd,52,7f,db,65,c7,64,5b,43,df,1d,97,87,b9,\ 08,cd,f2,77,1e,c0,40,98,b2,1d,e8,ce,2d,06,a4,24,96,46,af,40,6d,b5,49,80,8d,\ 92,c5,38,55,ad,8a,57,fa,4d,f7,27,63,e4,5e,41,5f,c4,de,fe,2a,04,04,4a,b2,13,\ 26,f5,87,72,cd,57,ce,70,cf,94,73,49,ba,0e,7f,84,a3,b9,86,07,a5,c5,2f,8f,c3,\ c3,f2,bd,df,a9,0e,d8,d8,b8,0b,36,e7,38,c6,05,36,cb,df,43,ee,c7,a4,04,09,13,\ ed,32,b3,08,dc,a1,14,aa,00,57,d7,a4,86,2f,61,ef,67,43,0c,a1,89,e8,b2,33,bb,\ 30,c3,af,2e,56,21,b5,ff,65,f3,f1,72,72,fa,7e,1e,c2,0e,a1,03,03,e5,c4,90,f3,\ 66,ed,1b,fe,9d,b2,85,73,13,f2,7a,74,58,c6,1a,45,77,3b,c0,73,79,52,5c,23,71,\ e7,c2,10,be,f2,3f,13,96,f5,4b,56,65,06,64,2e,0c,e6,7b,a7,07,67,ed,85,84,ea,\ 49,09,8a,bc,64,f6,25,ee,7e,5a,76,d6,21,4f,6a,8e,fc,97,0e,68,f4,8c,0e,03,d5,\ 7d,ba,9f,7a,d1,46,ff,6c,c4,6c,44,06,96,d9,84,5e,d2,4e,ab,dd,5d,19,91,30,81,\ 39,f9,0e,fb,f2,3e,68,72,7e,66,82,4a,fe,04,b4,65,c6,c0,af,f3,be,20,8c,60,b3,\ a1,51,59,e0,dc,a3,7c,b9,32,39,f8,ef,9e,ea,8c,6f,c0,db,ad,62,25,86,9e,d1,81,\ 80,23,77,e0,07,70,fc,a0,b4,2e,c1,6f,fb,b8,e8,22,c7,12,76,b4,c3,06,f8,4e,e5,\ b9,e8,45,f7,ba,a7,2b,9f,06,a4,de,55,1a,5e,a1,2a,46,17,20,83,a2,a3,fa,54,95,\ 04,51,f3,da,a2,2b,bf,e1,c1,9e,e2,c8,87,e5,3c,67,fb,11,f6,aa,da,7b,d7,6c,fb,\ 62,4d,ae,32,b0,ac,c7,5d,57,82,55,f3,90,43,db,19,a4,e3,32,ef,aa,92,f8,86,ee,\ 70,ef,32,f6,bf,17,1e,ee,55,a9,e9,8c,c3,dc,c9,65,55,56,46,dd,bb,ad,2c,47,6d,\ 2f,0a,35,e9,b1,70,5f,bd,4f,fc,a2,00,67,c2,f7,f0,bc,cb,01,7a,fa,17,c2,46,d1,\ d6,40,93,18,d9,0f,9f,ff,9a,e9,54,e1,64,6b,18,3d,fe,d6,20,53,fe,d4,72,b6,94,\ ac,29,a5,aa,50,ac,cf,96,4e,15,3f,4b,d1,94,10,9e,de,a3,bf,ca,e9,bb,ba,99,13,\ 14,83,b9,e3,c8,33,ff,79,e6,0b,b7,3f,c6,1c,b2,dc,1d,54,f9,89,7e,2c,b8,14,2b,\ 73,d2,f1,5a,84,73,16,46,52,f7,40,18,b8,cf,fc,ca,5e,f8,2e,7a,7c,ce,3e,df,26,\ f7,b6,74,a1,6b,b0,c6,d5,36,22,64,5c,cb,90,f1,d0,5f,56,bc,9a,26,59,eb,5a,ad,\ 72,f1,52,3a,b9,42,07,5d,a6,9c,de,73,6e,d7,c4,40,2d,be,31,49,6e,8a,04,8a,17,\ 84,ba,f3,d9,06,54,cc,ec,09,5a,97,2a,60,9a,06,8e,5c,0d,8d,a9,39,7c,1a,3c,41,\ dc,47,1d,1a,d8,4d,f3,70,5d,da,78,63,81,0d,9a,14,a8,00,58,e3,ec,c3,44,07,57,\ c0,aa,b9,c9,33,40,4a,1b,14,ef,b5,7b,a5,2c,41,f9,e2,a1,02,4e,be,4b,39,b5,6b,\ c1,0a,49,eb,1a,9e,99,6b,0d,31,8f,8c,00,19,03,27,90,b3,d7,df,e3,a7,70,dd,66,\ bf,e8,e7,3e,a5,6f,9b,df,d6,1d,ee,b1,c8,30,50,9e,fb,25,c4,d4,7b,c5,75,28,7e,\ 21,35,12,6f,2b,7c,82,fd,18,32,9d,40,5b,ed,f6,9e,89,3d,04,26,e0,7f,76,f5,db,\ 54,76,66,59,5c,0a,65,e8,12,fb,d3,57,5e,83,cf,cb,c3,be,92,63,8a,a5,45,1b,8a,\ 59,94,c1,27,ba,e3,f9,6e,9c,e9,43,59,5d,67,05,55,19,0e,97,fe,ad,19,4c,b0,45,\ b2,a3,32,bd,d2,5b,c2,5a,37,37,ae,a3,e7,69,87,da,14,9d,66,6f,83,9e,35,fe,98,\ c5,9e,0d,ae,11,24,b1,72,7a,fe,9c,1c,30,26,6f,35,1a,46,9e,f8,d1,50,91,b2,3f,\ ed,08,80,70,83,80,9a,04,aa,3a,7e,fd,5c,8b,2a,3a,54,0e,f2,be,4f,4f,8e,19,2b,\ 8f,8f,a7,82,49,1c,de,6a,03,8e,10,fe,25,30,00,b4,3c,14,e4,9b,88,66,7b,66,02,\ 96,ac,29,58,71,be,76,42,e4,86,01,36,05,4d,0f,aa,1f,60,a9,69,b4,83,ad,33,e5,\ 7f,10,d3,32,4d,f1,08,71,2a,ba,e0,10,78,08,69,45,f8,64,4b,92,81,95,44,39,ac,\ 24,f7,17,35,de,bb,4f,23,92,6c,fb,78,a9,54,22,da,30,9a,a7,9c,cf,0b,e3,bc,2d,\ e2,33,00,73,d2,cd,d8,7a,d2,c5,d8,6a,d2,fd,e8 "rkeysecu"=hex:23,20,fc,61,f3,eb,2b,67,6e,14,1a,94,39,03,a7,1e . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1676) c:\windows\system32\avldr.dll c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Panda Security\Panda Global Protection 2009\TPSrv.exe c:\program files\a-squared Anti-Malware\a2service.exe c:\program files\Sitecom\IVT BlueSoleil\BTNtService.exe c:\windows\system32\nvsvc32.exe c:\program files\Panda Security\Panda Global Protection 2009\PsCtrlS.exe c:\program files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe c:\program files\Common Files\Panda Security\PavShld\PavPrSrv.exe c:\windows\system32\HPZipm12.exe c:\windows\system32\PnkBstrA.exe c:\program files\Panda Security\Panda Global Protection 2009\PsImSvc.exe c:\windows\system32\tcpsvcs.exe c:\windows\system32\snmp.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Panda Security\Panda Global Protection 2009\PAVSRV51.EXE c:\program files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE c:\program files\Panda Security\Panda Global Protection 2009\FIREWALL\PSHost.exe c:\program files\Panda Security\Panda Global Protection 2009\PavBckPT.exe c:\windows\system32\wscntfy.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe . ************************************************************************** . Voltooingstijd: 2009-01-06 21:34:35 - machine werd herstart [Eldritch] ComboFix-quarantined-files.txt 2009-01-06 20:34:33 Pre-Run: 80,811,257,856 bytes beschikbaar Post-Run: 80,741,666,816 bytes beschikbaar 714 --- E O F --- 2008-12-18 19:01:16 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:45:34, on 6/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Logitech\Profiler\lwemon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavBckPT.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysystemexpert.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.mysystemexpert.com/search.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2009\Inicio.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225874385406 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 9094 bytes Dank reeds Eldritch
  12. Hierbij de logs welke u gevraagd heeft. In eerste instantie de log van mbam en in tweede instantie de log van hijack Malwarebytes' Anti-Malware 1.32 Database versie: 1618 Windows 5.1.2600 Service Pack 3 5/01/2009 18:02:02 mbam-log-2009-01-05 (18-02-02).txt Scan type: Snelle Scan Objecten gescand: 61944 Verstreken tijd: 6 minute(s), 55 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 4 Registersleutels geïnfecteerd: 35 Registerwaarden geïnfecteerd: 1 Registerdata bestanden geïnfecteerd: 2 Mappen geïnfecteerd: 4 Bestanden geïnfecteerd: 33 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: C:\WINDOWS\system32\csuxpcrg.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\jkkjIxvU.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\fsinor.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\iifcAqoO.dll (Trojan.Vundo) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0bbbcf35-e2e0-4d5b-968a-1acb65b8eb16} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{0bbbcf35-e2e0-4d5b-968a-1acb65b8eb16} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{195e17c3-b80f-4519-8d1d-1fceac251f47} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{195e17c3-b80f-4519-8d1d-1fceac251f47} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd3ec823-d3a1-48b3-a18a-a1958795a18a} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifcaqoo (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{dd3ec823-d3a1-48b3-a18a-a1958795a18a} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dd3ec823-d3a1-48b3-a18a-a1958795a18a} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8cbb349a-6b7b-445b-8296-1586b859e942} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a85ca9ae-00b0-49c3-ba80-bac3084e433e} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{b3bb269a-eb7b-4e5b-82d7-1518b8bae930} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bb5c43ae-5ab0-49c3-ba5e-babd0842437f} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e67d5bc7-7129-493e-9281-f47bdaface4f} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{2ee92bca-74c4-4d4b-88da-db9f9e3c9f93} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\tbsb05288.ietoolbar (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\tbsb05288.ietoolbar.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\tbsb05288.tbsb05288 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\tbsb05288.tbsb05288.3 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{dd3ec823-d3a1-48b3-a18a-a1958795a18a} (Trojan.Vundo) -> Delete on reboot. Registerdata bestanden geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\jkkjixvu -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\jkkjixvu -> Delete on reboot. Mappen geïnfecteerd: C:\Program Files\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully. C:\WINDOWS\Fonts\' (Trojan.Agent) -> Files: 26987 -> Quarantined and deleted successfully. C:\Program Files\runit (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Application Data\gadcom (Trojan.Agent) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\WINDOWS\system32\jkkjIxvU.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\UvxIjkkj.ini (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\UvxIjkkj.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fsinor.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\iifcAqoO.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\csuxpcrg.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\grcpxusc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\ykgee3362.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\c20232.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\uscbl32136.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\gncyq5.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\hw5305.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\prkndfhx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tkxure.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\slbstf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jbyulruc.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Local Settings\Temporary Internet Files\Content.IE5\454DCPW5\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Local Settings\Temporary Internet Files\Content.IE5\APNN7LZP\index[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Local Settings\Temporary Internet Files\Content.IE5\S8AZJM4L\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully. C:\Program Files\runit\config.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\runit\runitu_32.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\runit\runit_32.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\c.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\m.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\p.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\s.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\adaway.lic (Rogue.AdwareAway) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Favorieten\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Eldritch\Menu Start\SMS TRAP.url (Rogue.Link) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:10:35, on 5/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE C:\WINDOWS\Explorer.EXE C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2009\WebProxy.exe C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Logitech\Profiler\lwemon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Panda Security\Panda Global Protection 2009\SRVLOAD.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavBckPT.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\msiexec.exe C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\knlwrap.exe C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\iKernel.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysystemexpert.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.mysystemexpert.com/search.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {4D754021-AF14-4A24-891E-3538EFADEE1A} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {D6874E2A-1F6D-48C8-B733-8A3388C93C71} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2009\Inicio.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225874385406 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: fsinor.dll O20 - Winlogon Notify: opnOigfF - opnOigfF.dll (file missing) O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 10217 bytes Bedant reeds voor de reaktie en de hulp Eldritch
  13. Ik heb een groot probleem met de popup url.adtrgt.com/. Deze start constant automatisch op en om de 5 sec wordt de site opnieuw opgestart. ik heb al honderden scanners geprobeerd doch zonder resultaat. Ook de scanner adware away (voorgesteld op een forum voor iemand die dit probleem ook heeft) doch zonder resultaat. deze scanner zegt zelf dat ze deze adware kunnen verwijderen doch dit blijkt niet het geval. Ik weet dat ik niet alleen ben die last heeft van deze pest maar hebben jullie een oplossing ? Dit is om de muren op te lopen zeker als je op je pc moet zitten gedurende uren voor te scannen en dit geen enkel nut heeft. Hieronder logfile van de Hijack. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:34:30, on 4/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Panda Security\Panda Global Protection 2009\ApvxdWin.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Global Protection 2009\WebProxy.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Panda Security\Panda Global Protection 2009\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Global Protection 2009\PavBckPT.exe C:\Program Files\Logitech\Profiler\lwemon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysystemexpert.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.mysystemexpert.com/search.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: (no name) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - (no file) O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O3 - Toolbar: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file) O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2009\Inicio.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [d4f5a1df] rundll32.exe "C:\WINDOWS\system32\xrqrdgot.dll",b O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225874385406 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: slbstf.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 10059 bytes Hopelijk kan u mij helpen Dank bij voorbaat Eldritch
  14. Ik heb gedaan zoals "carp" gevraagd had. Ik had reeds een spyware programma (spydoctor) maar heb voor het zekerste nog een ander gedownload (spyware search and destroy). Deze hebben een 27000 fouten gevonden vooral bij win32.agent.cmn meer bepaald op de locatie c:\windows\fonts\'\ alwaar duizenden zip bestanden staan. Deze directorie zie ik zelfs niet staan als ik manueel op die plaats ga kijken (verborgen bestanden staan aangeklikt). Maar het probleem is zowel bij spydoctor als bij spyware search and destroy als men vraagt om de problemen op te lossen dat beide programma's blokkeren. Ik heb vroeger al veel spyware verwijderd met de spywaredoctor maar nu blokkeert die ook en ik denk dat het vooral door die duizenden zip bestanden komt. Want nu is het zo dat als men op internet een pagina opendoet automatisch een andere pagina mee wordt geopend. ik krijg er grijs haar van en serieus op de heupen. Ik hoop dat u mij kunt verderhelpen desnoods als ik de boel moet herformateren is geen probleem. Hieronder ook het logfile van hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:46, on 30/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Panda Security\Panda Global Protection 2009\PavBckPT.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\regsvr32.exe C:\Program Files\Logitech\Profiler\lwemon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysystemexpert.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.mysystemexpert.com/search.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL R3 - URLSearchHook: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) R3 - URLSearchHook: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - (no file) O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O3 - Toolbar: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file) O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\tbu02705\ecobar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2009\Inicio.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [d4f5a1df] rundll32.exe "C:\WINDOWS\system32\nwednjmv.dll",b O4 - HKLM\..\Run: [etmfubkvfoldpqb] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\obkvgapopjawkl.dll" O4 - HKLM\..\RunOnce: [spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [AskSBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3 O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKfox000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Gelijkwaardige pagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Koppelingspagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225874385406 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL rnmqwa.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 11980 bytes Dank reeds voor het antwoord en de hulp eldritch65
  15. Ik heb een probleem met internet. Het is te zeggen dat om de zoveel tijd een internetpagina wordt gestart met reklame op. Ik werk met firfox maar de reclame wordt steeds opgestart via microsoft explorer. Dit gebeurt om de zoveel minuten en dit is zeer storend. Kan iemand mij zeggen welk programma dit is ? Waarschijnlijk is dat ergens een aanhangsel geweest bij een andere download maar ik heb al alles nagekeken en vind het niet. Welk programma zou dit probleem kunnen veroorzaken ? Dank Eldritch
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.