Ga naar inhoud

krisvdb

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    7

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door krisvdb

  1. krisvdb
    computer is nog steeds traag, ik heb een vraagje kan ik soms niet alles van de laptop verwijderen en enkel xp terug plaatsen
  2. krisvdb
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:42:51, on 1/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\Acer\eManager\anbmServ.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\clipsrv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\AVG\AVG2013\avgemcx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Atheros\ACU.exe C:\Program Files\EmvSmartCardReader\SmartMON.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = telenet-a779d:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui O4 - HKLM\..\Run: [smartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [CountrySelection] pctptt.exe O4 - HKLM\..\Run: [iMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [startw3i] C:\Program Files\PC Speed Maximizer\Startw3i.exe O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1311637432468 O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe -- End of file - 7964 bytes
  3. krisvdb
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:20:59, on 1/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\netdde.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Atheros\ACU.exe C:\Program Files\EmvSmartCardReader\SmartMON.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Acer\eManager\anbmServ.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\clipsrv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = telenet-a779d:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll O2 - BHO: NCH - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui O4 - HKLM\..\Run: [smartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [CountrySelection] pctptt.exe O4 - HKLM\..\Run: [iMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [startw3i] C:\Program Files\PC Speed Maximizer\Startw3i.exe O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1311637432468 O20 - AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll st O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: G Data Scheduler (AVKService) - Unknown owner - C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe (file missing) O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe -- End of file - 8850 bytes
  4. krisvdb
    tot hiertoe heel goed. Heel erg bedankt ik ben je heel erg dankbaar. Kan ik nu mijn nieuwe antivirus al instaleren. En nogmaals mijn dank
  5. krisvdb
    Zoek.exe Version 4.0.0.2 Updated 01-March-2013 Tool run by andy on vr 01/03/2013 at 17:30:36,51. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\svchost.exe -k eapsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\netdde.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\msdtc.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Atheros\ACU.exe C:\Program Files\EmvSmartCardReader\SmartMON.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe C:\WINDOWS\System32\alg.exe C:\Acer\eManager\anbmServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\clipsrv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\dllhost.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\locator.exe C:\WINDOWS\system32\scardsvr.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\svchost.exe -k WINRM C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\6RJW6ZOI\zoek[1].exe C:\WINDOWS\system32\wbem\wmiprvse.exe ==== Suspicious Entries Found ====================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007" "2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008" "139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004" "445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005" "137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001" "138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002" "3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\SearchScopes\{D15EF6BE-FF00-468B-818A-10D41AEB707A} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully HKEY_CLASSES_ROOT\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully ==== Installed Programs ====================== Acer eManager for Notebook Adobe Flash Player 11 ActiveX Adobe Reader 8.1.2 - Nederlands Adobe Shockwave Player Beveiligingsupdate for Windows XP (KB941569) Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961) Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325) Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332) Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) Beveiligingsupdate voor Windows Media Player (KB2378111) Beveiligingsupdate voor Windows Media Player (KB952069) Beveiligingsupdate voor Windows Media Player (KB954155) Beveiligingsupdate voor Windows Media Player (KB968816) Beveiligingsupdate voor Windows Media Player (KB973540) Beveiligingsupdate voor Windows Media Player (KB975558) Beveiligingsupdate voor Windows Media Player (KB978695) Beveiligingsupdate voor Windows Media Player (KB979402) Beveiligingsupdate voor Windows Media Player 11 (KB954154) Beveiligingsupdate voor Windows XP (KB2079403) Beveiligingsupdate voor Windows XP (KB2115168) Beveiligingsupdate voor Windows XP (KB2121546) Beveiligingsupdate voor Windows XP (KB2160329) Beveiligingsupdate voor Windows XP (KB2229593) Beveiligingsupdate voor Windows XP (KB2259922) Beveiligingsupdate voor Windows XP (KB2279986) Beveiligingsupdate voor Windows XP (KB2286198) Beveiligingsupdate voor Windows XP (KB2296011) Beveiligingsupdate voor Windows XP (KB2296199) Beveiligingsupdate voor Windows XP (KB2347290) Beveiligingsupdate voor Windows XP (KB2360937) Beveiligingsupdate voor Windows XP (KB2387149) Beveiligingsupdate voor Windows XP (KB2393802) Beveiligingsupdate voor Windows XP (KB2412687) Beveiligingsupdate voor Windows XP (KB2419632) Beveiligingsupdate voor Windows XP (KB2423089) Beveiligingsupdate voor Windows XP (KB2436673) Beveiligingsupdate voor Windows XP (KB2440591) Beveiligingsupdate voor Windows XP (KB2443105) Beveiligingsupdate voor Windows XP (KB2476490) Beveiligingsupdate voor Windows XP (KB2476687) Beveiligingsupdate voor Windows XP (KB2478960) Beveiligingsupdate voor Windows XP (KB2478971) Beveiligingsupdate voor Windows XP (KB2479628) Beveiligingsupdate voor Windows XP (KB2479943) Beveiligingsupdate voor Windows XP (KB2481109) Beveiligingsupdate voor Windows XP (KB2483185) Beveiligingsupdate voor Windows XP (KB2485376) Beveiligingsupdate voor Windows XP (KB2485663) Beveiligingsupdate voor Windows XP (KB2503658) Beveiligingsupdate voor Windows XP (KB2503665) Beveiligingsupdate voor Windows XP (KB2506212) Beveiligingsupdate voor Windows XP (KB2506223) Beveiligingsupdate voor Windows XP (KB2507618) Beveiligingsupdate voor Windows XP (KB2507938) Beveiligingsupdate voor Windows XP (KB2508272) Beveiligingsupdate voor Windows XP (KB2508429) Beveiligingsupdate voor Windows XP (KB2509553) Beveiligingsupdate voor Windows XP (KB2511455) Beveiligingsupdate voor Windows XP (KB2524375) Beveiligingsupdate voor Windows XP (KB2535512) Beveiligingsupdate voor Windows XP (KB2536276-v2) Beveiligingsupdate voor Windows XP (KB2536276) Beveiligingsupdate voor Windows XP (KB2544893-v2) Beveiligingsupdate voor Windows XP (KB2544893) Beveiligingsupdate voor Windows XP (KB2555917) Beveiligingsupdate voor Windows XP (KB2562937) Beveiligingsupdate voor Windows XP (KB2566454) Beveiligingsupdate voor Windows XP (KB2567053) Beveiligingsupdate voor Windows XP (KB2567680) Beveiligingsupdate voor Windows XP (KB2570222) Beveiligingsupdate voor Windows XP (KB2570947) Beveiligingsupdate voor Windows XP (KB2584146) Beveiligingsupdate voor Windows XP (KB2585542) Beveiligingsupdate voor Windows XP (KB2592799) Beveiligingsupdate voor Windows XP (KB2598479) Beveiligingsupdate voor Windows XP (KB2603381) Beveiligingsupdate voor Windows XP (KB2618451) Beveiligingsupdate voor Windows XP (KB2619339) Beveiligingsupdate voor Windows XP (KB2620712) Beveiligingsupdate voor Windows XP (KB2624667) Beveiligingsupdate voor Windows XP (KB2631813) Beveiligingsupdate voor Windows XP (KB2633171) Beveiligingsupdate voor Windows XP (KB2639417) Beveiligingsupdate voor Windows XP (KB2646524) Beveiligingsupdate voor Windows XP (KB2653956) Beveiligingsupdate voor Windows XP (KB2655992) Beveiligingsupdate voor Windows XP (KB2659262) Beveiligingsupdate voor Windows XP (KB2660465) Beveiligingsupdate voor Windows XP (KB2661637) Beveiligingsupdate voor Windows XP (KB2676562) Beveiligingsupdate voor Windows XP (KB2686509) Beveiligingsupdate voor Windows XP (KB2691442) Beveiligingsupdate voor Windows XP (KB2698365) Beveiligingsupdate voor Windows XP (KB2705219-v2) Beveiligingsupdate voor Windows XP (KB2712808) Beveiligingsupdate voor Windows XP (KB2719985) Beveiligingsupdate voor Windows XP (KB2723135-v2) Beveiligingsupdate voor Windows XP (KB2727528) Beveiligingsupdate voor Windows XP (KB2753842-v2) Beveiligingsupdate voor Windows XP (KB2757638) Beveiligingsupdate voor Windows XP (KB2758857) Beveiligingsupdate voor Windows XP (KB2770660) Beveiligingsupdate voor Windows XP (KB2778344) Beveiligingsupdate voor Windows XP (KB2780091) Beveiligingsupdate voor Windows XP (KB2799494) Beveiligingsupdate voor Windows XP (KB2802968) Beveiligingsupdate voor Windows XP (KB923561) Beveiligingsupdate voor Windows XP (KB938464-v2) Beveiligingsupdate voor Windows XP (KB938464) Beveiligingsupdate voor Windows XP (KB946648) Beveiligingsupdate voor Windows XP (KB950762) Beveiligingsupdate voor Windows XP (KB950974) Beveiligingsupdate voor Windows XP (KB951066) Beveiligingsupdate voor Windows XP (KB951376-v2) Beveiligingsupdate voor Windows XP (KB951698) Beveiligingsupdate voor Windows XP (KB951748) Beveiligingsupdate voor Windows XP (KB952004) Beveiligingsupdate voor Windows XP (KB952954) Beveiligingsupdate voor Windows XP (KB954211) Beveiligingsupdate voor Windows XP (KB954459) Beveiligingsupdate voor Windows XP (KB954600) Beveiligingsupdate voor Windows XP (KB955069) Beveiligingsupdate voor Windows XP (KB956391) Beveiligingsupdate voor Windows XP (KB956572) Beveiligingsupdate voor Windows XP (KB956744) Beveiligingsupdate voor Windows XP (KB956802) Beveiligingsupdate voor Windows XP (KB956803) Beveiligingsupdate voor Windows XP (KB956841) Beveiligingsupdate voor Windows XP (KB956844) Beveiligingsupdate voor Windows XP (KB957097) Beveiligingsupdate voor Windows XP (KB958215) Beveiligingsupdate voor Windows XP (KB958644) Beveiligingsupdate voor Windows XP (KB958687) Beveiligingsupdate voor Windows XP (KB958690) Beveiligingsupdate voor Windows XP (KB958869) Beveiligingsupdate voor Windows XP (KB959426) Beveiligingsupdate voor Windows XP (KB960225) Beveiligingsupdate voor Windows XP (KB960714) Beveiligingsupdate voor Windows XP (KB960715) Beveiligingsupdate voor Windows XP (KB960803) Beveiligingsupdate voor Windows XP (KB960859) Beveiligingsupdate voor Windows XP (KB961371-v2) Beveiligingsupdate voor Windows XP (KB961501) Beveiligingsupdate voor Windows XP (KB969059) Beveiligingsupdate voor Windows XP (KB969947) Beveiligingsupdate voor Windows XP (KB970238) Beveiligingsupdate voor Windows XP (KB970430) Beveiligingsupdate voor Windows XP (KB971468) Beveiligingsupdate voor Windows XP (KB971486) Beveiligingsupdate voor Windows XP (KB971557) Beveiligingsupdate voor Windows XP (KB971633) Beveiligingsupdate voor Windows XP (KB971657) Beveiligingsupdate voor Windows XP (KB971961) Beveiligingsupdate voor Windows XP (KB972270) Beveiligingsupdate voor Windows XP (KB973354) Beveiligingsupdate voor Windows XP (KB973507) Beveiligingsupdate voor Windows XP (KB973525) Beveiligingsupdate voor Windows XP (KB973869) Beveiligingsupdate voor Windows XP (KB973904) Beveiligingsupdate voor Windows XP (KB974112) Beveiligingsupdate voor Windows XP (KB974318) Beveiligingsupdate voor Windows XP (KB974392) Beveiligingsupdate voor Windows XP (KB974455) Beveiligingsupdate voor Windows XP (KB974571) Beveiligingsupdate voor Windows XP (KB975025) Beveiligingsupdate voor Windows XP (KB975467) Beveiligingsupdate voor Windows XP (KB975560) Beveiligingsupdate voor Windows XP (KB975561) Beveiligingsupdate voor Windows XP (KB975562) Beveiligingsupdate voor Windows XP (KB975713) Beveiligingsupdate voor Windows XP (KB976325) Beveiligingsupdate voor Windows XP (KB977816) Beveiligingsupdate voor Windows XP (KB977914) Beveiligingsupdate voor Windows XP (KB978037) Beveiligingsupdate voor Windows XP (KB978338) Beveiligingsupdate voor Windows XP (KB978542) Beveiligingsupdate voor Windows XP (KB978601) Beveiligingsupdate voor Windows XP (KB978706) Beveiligingsupdate voor Windows XP (KB979309) Beveiligingsupdate voor Windows XP (KB979482) Beveiligingsupdate voor Windows XP (KB979559) Beveiligingsupdate voor Windows XP (KB979683) Beveiligingsupdate voor Windows XP (KB979687) Beveiligingsupdate voor Windows XP (KB980195) Beveiligingsupdate voor Windows XP (KB980218) Beveiligingsupdate voor Windows XP (KB980232) Beveiligingsupdate voor Windows XP (KB980436) Beveiligingsupdate voor Windows XP (KB981322) Beveiligingsupdate voor Windows XP (KB981852) Beveiligingsupdate voor Windows XP (KB981957) Beveiligingsupdate voor Windows XP (KB981997) Beveiligingsupdate voor Windows XP (KB982132) Beveiligingsupdate voor Windows XP (KB982214) Beveiligingsupdate voor Windows XP (KB982665) Beveiligingsupdate voor Windows XP (KB982802) Disketch CD Label Software ECHO is off (uit). Facebook Video Calling 1.2.0.287 File Type Assistant Google Chrome HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows Media Player 11 (KB939683) Hotfix voor Windows XP (KB2158563) Hotfix voor Windows XP (KB2443685) Hotfix voor Windows XP (KB2570791) Hotfix voor Windows XP (KB2633952) Hotfix voor Windows XP (KB2779562) Hotfix voor Windows XP (KB952287) Hotfix voor Windows XP (KB961118) Hotfix voor Windows XP (KB976098-v2) Hotfix voor Windows XP (KB981793) HSP56 MR Drivers Imikimi Plugin Installatieprogramma voor Atheros-client InstallIQ Updater JavaFX 2.1.0 Junk Mail filter update KB971513: Update voor Microsoft Windows MediaBar MEO Encryption Software Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Language Pack - NLD Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT msvcrt_installer MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NCH EN Toolbar NCH Toolbar Pakket voor de provider van Microsoft Base-smartcardcryptografieservice PIF DESIGNER PIXMA Extended Survey Program Prism Video File Converter Realtek AC'97 Audio SearchTheWeb Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Windows Search 4 - KB963093 Segoe UI Sierra Utilities SiS 651_661FX_741_760_M661FX_M661MX_M741_M760 SiS 900 PCI Fast Ethernet Adapter Driver Sitecom SIM editor 2.0 SmartCard Reader Driver Installation SPCA1528 PC Driver Synaptics Pointing Device Driver Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update voor Windows Internet Explorer 8 (KB2447568) Update voor Windows Internet Explorer 8 (KB975364) Update voor Windows Internet Explorer 8 (KB976662) Update voor Windows XP (KB2141007) Update voor Windows XP (KB2345886) Update voor Windows XP (KB2467659) Update voor Windows XP (KB2492386) Update voor Windows XP (KB2541763) Update voor Windows XP (KB2616676-v2) Update voor Windows XP (KB2641690) Update voor Windows XP (KB2661254-v2) Update voor Windows XP (KB2736233) Update voor Windows XP (KB2749655) Update voor Windows XP (KB951978) Update voor Windows XP (KB955759) Update voor Windows XP (KB955839) Update voor Windows XP (KB961503) Update voor Windows XP (KB967715) Update voor Windows XP (KB968389) Update voor Windows XP (KB971029) Update voor Windows XP (KB971737) Update voor Windows XP (KB973687) Update voor Windows XP (KB973815) Update voor Windows XP (KB976749) WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Writer Windows Management Framework Core Windows Media Format 11 runtime Windows Search 4.0 Windows XP Service Pack 3 WinRAR Yontoo Layers Runtime 1.10.01 Zloeb ==== Deleting Files \ Folders ====================== "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\user.js" deleted "C:\WINDOWS\system32\roboot.exe" deleted "C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe" deleted "C:\Program Files\Iminent" deleted "C:\Program Files\NCH_EN" deleted "C:\Program Files\BearShare Applications\MediaBar" not deleted "C:\Program Files\Windows Searchqu Toolbar" deleted "C:\Program Files\Windows iLivid Toolbar" deleted "C:\Program Files\Ask.com" deleted "C:\Program Files\Conduit" deleted "C:\Documents and Settings\andy\Application Data\Toolbar4" deleted "C:\Documents and Settings\andy\Application Data\Babylon" deleted "C:\Documents and Settings\andy\Application Data\Systweak" deleted "C:\Documents and Settings\All Users\Application Data\Tarma Installer" deleted "C:\Documents and Settings\All Users\Application Data\boost_interprocess" deleted "C:\Documents and Settings\All Users\Application Data\Babylon" deleted "C:\Documents and Settings\andy\Local Settings\Application Data\Ilivid Player" deleted "C:\Documents and Settings\andy\Local Settings\Application Data\Conduit" deleted "C:\Documents and Settings\andy\Local Settings\Application Data\NCH_EN" deleted "C:\Program Files\BearShare Applications\MediaBar\DataMngr" not deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2013-02-24 08:12:21 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\WINDOWS\epplauncher.mif ====== C:\DOCUME~1\andy\LOCALS~1\Temp ==== 2013-02-25 05:17:20 395EAA4C3653DB378F4A20F89804603A 43661824 ----a-w- C:\DOCUME~1\andy\LOCALS~1\Temp\155b87.msi 2013-02-25 05:15:32 C90FFA4142A3E94EEC74FE8EB26BF794 44853328 ----a-w- C:\DOCUME~1\andy\LOCALS~1\Temp\SHSetup.exe ====== C:\WINDOWS\system32 ===== 2013-02-24 08:15:22 0E869D278F8F3CEBAF9BAA622ED81AA6 232336 ------w- C:\WINDOWS\System32\MpSigStub.exe 2013-02-23 20:00:03 C809FAF915CEA30EFBB46229F317858C 126 ----a-w- C:\WINDOWS\System32\mmc.exe.config.NAR01 2013-02-23 20:00:03 C809FAF915CEA30EFBB46229F317858C 126 ----a-w- C:\WINDOWS\System32\mmc.exe.config.NAR00 ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== 2013-02-22 21:15:10 CE61051557BA6C39B7F402F7BDCB37FE 470 ---ha-w- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0F382021-B336-42EF-B47F-CB0C0D62E657}.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2013-03-01 15:41:28 -------- d-----w- C:\Program Files\Trend Micro 2013-02-25 05:18:48 -------- d-----w- C:\Program Files\Enigma Software Group 2013-02-25 05:17:09 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard 2013-02-24 17:22:38 -------- d-----w- C:\Program Files\Common Files\SWF Studio 2013-02-24 15:44:57 -------- d-----w- C:\Program Files\Mplayer 2013-02-24 15:43:08 -------- d-----w- C:\Program Files\NCH 2013-02-24 15:41:43 -------- d-----w- C:\Program Files\McDonaldsDragons 2013-02-24 15:41:43 -------- d-----w- C:\Program Files\LimeWire 2013-02-24 15:41:43 -------- d-----w- C:\Program Files\G Data 2013-02-24 15:41:41 -------- d-----w- C:\Program Files\SPCA1528 ======= C: ===== ====== C:\Documents and Settings\andy\Application Data ====== 2013-02-24 18:43:26 D90975D6716F104257DA43181DE5D611 155576 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2013-02-24 15:43:13 -------- d-----w- C:\Documents and Settings\andy\Local Settings\Application Data\NCH 2013-02-24 08:02:47 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe 2013-02-22 21:29:52 8947F300A5E524108D4CB255ED46A976 67216 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2013-02-22 21:29:48 EA8493C77C6E43E3C52B82D9E39BB726 136 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat 2013-02-22 21:29:48 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory 2013-02-22 21:12:20 E4FCECA19F7BC49FEE83F8300D7BA665 3272 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipExplorer.1.txt 2013-02-22 21:12:20 CBEFB6C4BE18BA7FD3E219FB22CECFB0 137 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipverclsid.1.txt 2013-02-22 21:12:20 A9E05DE1604BEC1758189EEAEC8EB777 6330 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipExplorer.txt 2013-02-22 21:12:20 46E74E4021EA9C57D444A4CDAD3F7BAF 2148 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipExplorer.2.txt 2013-02-22 21:12:20 2E54EC0EA6DECC0A8D77749E1B662D45 1410 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipverclsid.txt 2013-02-22 21:12:20 1D18AE984CDF10D8FB9FD49AF096CC0A 137 ----a-w- C:\Documents and Settings\Administrator\Application Data\tracedll_ExpressZipExplorer.3.txt ====== C:\Documents and Settings\andy ====== 2013-02-22 21:23:57 -------- d-sh--w- C:\Documents and Settings\Administrator\IECompatCache ====== C: exe-files == 2013-02-25 05:15:32 C90FFA4142A3E94EEC74FE8EB26BF794 44853328 ----a-w- C:\Documents and Settings\andy\Local Settings\Temp\SHSetup.exe 2013-02-25 05:15:15 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\EGLVC1E8\SpyHunter-Installer[1].exe 2013-02-24 07:50:41 C216C5A029D039A6697DA2A939537DCE 1012232 ----a-w- C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe 2013-02-23 21:11:20 BF1837697766FD66B4BEABDB980941F2 32417632 ----a-w- C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.97\25.0.1364.97_chrome_installer.exe === C: other files == 2013-03-01 16:18:31 01CE484FF6D70A39479BC6D619DE7ED6 19984 ----a-w- C:\WINDOWS\LastGood\system32\DRIVERS\EsgScanner.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "Startw3i"="C:\Program Files\PC Speed Maximizer\Startw3i.exe" "BitComet"="C:\Program Files\BitComet\BitComet.exe /tray" "Facebook Update"="C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT EPLTarget\P0000000000000000 /M WorkForce 845" "Google Update"="C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "ACU"="C:\Program Files\Atheros\ACU.exe -nogui" "SmartMon"="C:\Program Files\EmvSmartCardReader\SmartMON.exe" "SoundMan"="SOUNDMAN.EXE" "G Data AntiVirus Tray Application"="C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe" "Synchronization Manager"="%SystemRoot%\system32\mobsync.exe /logon" "Iminent.Notifier"="C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "DataMngr"="C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe" "CountrySelection"="pctptt.exe" "IMBooster"="C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "Startw3i"="C:\Program Files\PC Speed Maximizer\Startw3i.exe" "BitComet"="C:\Program Files\BitComet\BitComet.exe /tray" "Facebook Update"="C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT EPLTarget\P0000000000000000 /M WorkForce 845" "Google Update"="C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\expresszipShakeIcon.job --a------ C:\Program Files\NCH Software\ExpressZip\expresszip.exe [] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1011Core.job --a------ C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [13/07/2012 16:28] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1011UA.job --a------ C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [13/07/2012 16:28] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1011Core.job --a------ C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [10/06/2012 06:44] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1011UA.job --a------ C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [10/06/2012 06:44] C:\WINDOWS\tasks\meoShakeIcon.job --a------ C:\Program Files\NCH Software\Meo\meo.exe [19/08/2011 15:58] C:\WINDOWS\tasks\pixillionSevenDays.job --a------ C:\Program Files\NCH Software\Pixillion\pixillion.exe [] C:\WINDOWS\tasks\pixillionShakeIcon.job --a------ C:\Program Files\NCH Software\Pixillion\pixillion.exe [] C:\WINDOWS\tasks\prismDowngrade.job --a------ C:\Program Files\NCH Software\Prism\prism.exe [19/08/2011 05:31] C:\WINDOWS\tasks\prismShakeIcon.job --a------ C:\Program Files\NCH Software\Prism\prism.exe [19/08/2011 05:31] C:\WINDOWS\tasks\User_Feed_Synchronization-{0F382021-B336-42EF-B47F-CB0C0D62E657}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31] C:\WINDOWS\tasks\User_Feed_Synchronization-{1A1DCF7D-D869-43A7-BB25-AEE749CA91A3}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31] C:\WINDOWS\tasks\User_Feed_Synchronization-{ED6566DD-3AD1-41B0-80BA-DC09AAB82A04}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\DOCUME~1\VIVIAN~1\LOCALS~1\Temp\crx2B.tmp[] niapdbllcanepiiimjjndipklodoedlc - C:\DOCUME~1\andy\LOCALS~1\Temp\YontooLayers.crx[] Beyonce 1.0 - andy - Default\Extensions\nkcpfekoblmmnnekdkmhghhodegpdlje ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT2801948/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search/?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.babylon.com/?affID=110819&babsrc=NT_ss&mntrId=08d1401000000000000000c09fa2f31a" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_CLASSES_ROOT\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-776561741-583907252-839522115-1011\Software\Microsoft\Internet Explorer\URLSearchHooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Documents and Settings\andy\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\andy\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Documents and Settings\andy\Bureaublad\Snelkoppeling naar chrome.lnk - C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==== shortcuts in Users Start Menu ====================== C:\Documents and Settings\andy\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe C:\Documents and Settings\andy\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe C:\Documents and Settings\andy\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\andy\Menu Start\Programma's\HiJackThis\HiJackThis.lnk - C:\Documents and Settings\andy\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe C:\Documents and Settings\Gast\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe ==== shortcuts in All Users Start Menu ====================== C:\Documents and Settings\All Users\Menu Start\Programmatoegang en -instellingen.lnk - C:\WINDOWS\system32\control.exe appwiz.cpl,,3 C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk - C:\WINDOWS\system32\wupdmgr.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Accessoires\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell_ise.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Accessoires\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Adobe Reader\Adobe Reader 8.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Paint.lnk - C:\WINDOWS\system32\mspaint.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Rekenmachine.lnk - C:\WINDOWS\system32\calc.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Verbinding met extern bureaublad.lnk - C:\WINDOWS\system32\mstsc.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Netwerkverbindingen.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{7007acc7-3202-11d1-aad2-00805fc1270e} C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Draadloos netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe shell32.dll,Control_RunDLL NetSetup.cpl,@0,WNSW C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe hnetwiz.dll,HomeNetWizardRunDll C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Nieuwe verbinding.lnk - C:\WINDOWS\system32\rundll32.exe netshell.dll,StartNCW C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Geluidsrecorder.lnk - C:\WINDOWS\system32\sndrec32.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Geplande taken.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{D6277990-4C6A-11CF-8D87-00AA0060F5BF} C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Speciale tekens.lnk - C:\WINDOWS\system32\charmap.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Windows activeren.lnk - C:\WINDOWS\system32\oobe\msoobe.exe /A C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Wizard Bestanden en instellingen overzetten.lnk - C:\WINDOWS\system32\usmt\migwiz.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Wizard Toegankelijkheid.lnk - C:\WINDOWS\system32\accwiz.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Office\Office2007 Configureren.lnk - C:\Program Files\Microsoft Office\Configuratie Office2007\Office2007 Configureren.cmd C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Office\Serial Office2007.lnk - C:\Program Files\Microsoft Office\Configuratie Office2007\Keygenerator.cmd C:\Documents and Settings\All Users\Menu Start\Programma's\Total Commander\Uninstall or Repair Total Commander.lnk - C:\Program Files\totalcmd\TCUNINST.EXE ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\6RJW6ZOI will be deleted at reboot C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\Gast\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\andy\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\BearShare Applications\MediaBar" not found "C:\Documents and Settings\andy\Local Settings\Temporary Internet Files\Content.IE5\6RJW6ZOI" not found
  6. krisvdb
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:43:50, on 1/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Atheros\ACU.exe C:\Program Files\EmvSmartCardReader\SmartMON.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe C:\Acer\eManager\anbmServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\clipsrv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2801948/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = telenet-a779d:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AVKWebIE.dll (file missing) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll O2 - BHO: CHelperBHO - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - C:\Program Files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O2 - BHO: NCH - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AVKWebIE.dll (file missing) O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui O4 - HKLM\..\Run: [smartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [CountrySelection] pctptt.exe O4 - HKLM\..\Run: [iMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [startw3i] C:\Program Files\PC Speed Maximizer\Startw3i.exe O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Facebook Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 845" (User '?') O4 - HKUS\S-1-5-21-776561741-583907252-839522115-1011\..\Run: [Google Update] "C:\Documents and Settings\andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1311637432468 O20 - AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll st O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: G Data Scheduler (AVKService) - Unknown owner - C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe (file missing) O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE -- End of file - 10353 bytes
  7. krisvdb
    Ik heb onlangs een tweede hands Laptop gekocht omdat de kinderen steeds ruzie maakten wie er natuurlijk op de laptop kon. éénmaal thuis gekomenwil ik de antivirus instaleren, en deze wil niet instaleren omdat er een virus op de computer aanwezig is. De laptop is van het merk acer aspire 3500. Zou er mij iemand kunnen helpen aub. Dank bij voorbaat
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.