Mikel

All content posted by Mikel

  1. I carried out everything as you recommended, and I can tell you that my computer is now working well again. I would like to thank you once more most sincerely for the quick response to my question and above all for the good handling and follow-up of the matter. I do think I can consider this case solved, unless you still have a few more operations in store for me to carry out. Also, big congratulations on the existence of this site and above all to all its staff. Mikel
  2. I can report that my PC starts up noticeably faster (in approx. 2.30 min., and it also shuts off faster when stopping). Here is the ComboFix log. Thanks again very much, Mikel
  3. After some trouble at the beginning with AVG antivirus, I think it worked after all.
2009-03-20 20:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\NetStat Agent 2009-03-24 14:15 . 2008-11-25 21:57 -------- d-----w c:\program files\Bonjour 2009-03-24 08:23 . 2005-04-02 07:13 -------- d-----w c:\program files\Google 2009-03-24 07:45 . 2009-01-15 21:12 -------- d-----w c:\documents and settings\All Users\Application Data\History Explorer 2009-03-20 14:28 . 2005-03-29 13:23 282440 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\JRE 2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\OpenOffice.org 3 2009-03-19 09:06 . 2005-03-31 11:06 -------- d-----w c:\program files\Topcom 2009-03-18 23:48 . 2009-03-18 23:48 -------- d-----w c:\program files\Common Files\Bcgsoft 2009-03-18 00:17 . 2007-04-22 06:06 -------- d-----w c:\program files\Microsoft SQL Server 2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Search 2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Desktop Search 2009-03-17 22:40 . 2009-03-17 22:40 -------- d-----w c:\program files\Windows Desktop Search 2009-03-17 22:20 . 2009-03-17 22:20 -------- d-----w c:\program files\Microsoft Works 2009-03-17 22:19 . 2007-02-05 10:01 -------- d-----w c:\program files\Microsoft.NET 2009-03-17 21:53 . 2009-02-05 16:56 -------- d-----w c:\program files\MSBuild 2009-03-17 16:26 . 2008-12-26 14:00 -------- d-----w c:\program files\Premium Booster 2009-03-16 11:27 . 2007-04-22 06:13 -------- d-----w c:\program files\Microsoft Small Business 2009-03-14 15:49 . 2009-03-14 15:49 -------- d-----w c:\documents and settings\Eigenaar\Application Data\JLC's Software 2009-03-14 08:31 . 2009-03-14 08:31 -------- d-----w c:\program files\SystemRequirementsLab 2009-03-14 08:31 . 
2009-03-14 08:31 -------- d-----w c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab 2009-03-12 16:46 . 2008-04-14 10:56 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-11 16:28 . 2005-03-29 13:11 -------- d--h--w c:\program files\InstallShield Installation Information 2009-03-11 16:22 . 2005-04-06 12:19 -------- d-----w c:\program files\Pinnacle 2009-03-11 16:07 . 2009-03-08 17:16 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Vso 2009-03-09 16:12 . 2009-03-09 10:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\AVGTOOLBAR 2009-03-09 10:38 . 2008-05-26 17:40 325640 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-03-09 10:37 . 2008-05-26 17:40 10520 ----a-w c:\windows\system32\avgrsstx.dll 2009-03-09 10:37 . 2008-05-26 17:39 -------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-03-08 17:16 . 2009-03-08 17:16 81920 ----a-w c:\documents and settings\Eigenaar\Application Data\ezpinst.exe 2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\windows\system32\drivers\pcouffin.sys 2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\documents and settings\Eigenaar\Application Data\pcouffin.sys 2009-03-07 23:20 . 2009-03-07 23:20 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Gamelab 2009-03-06 17:27 . 2009-01-23 17:48 15688 ----a-w c:\windows\system32\lsdelete.exe 2009-03-06 17:27 . 2009-01-23 17:27 64160 ----a-w c:\windows\system32\drivers\Lbd.sys 2009-03-06 14:23 . 2004-08-04 12:00 285696 ----a-w c:\windows\system32\pdh.dll 2009-03-04 17:35 . 2008-11-25 20:51 -------- d-----w c:\program files\MultiStage Recovery 2009-03-03 00:16 . 2004-08-04 12:00 826368 ----a-w c:\windows\system32\wininet.dll 2009-03-02 22:44 . 2009-03-02 22:44 -------- d-----w c:\program files\Quicksys 2009-03-01 10:05 . 2009-03-01 10:01 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Archibald's Adventures 2009-03-01 07:19 . 
2008-11-19 00:01 -------- d-----w c:\program files\Common Files\Adobe AIR 2009-02-27 22:37 . 2009-02-27 22:37 -------- d-----w c:\documents and settings\All Users\Application Data\Quicksys 2009-02-27 21:21 . 2009-02-27 21:21 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org 2009-02-27 21:17 . 2009-02-26 12:11 -------- d-----w c:\program files\OpenOffice.org 2.4 2009-02-27 21:04 . 2008-08-07 19:39 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org2 2009-02-27 20:24 . 2009-02-27 17:29 -------- d-----w c:\documents and settings\Eigenaar\Application Data\RegTool 2009-02-26 12:03 . 2009-02-26 12:03 410984 ----a-w c:\windows\system32\deploytk.dll 2009-02-26 12:03 . 2006-10-29 03:14 -------- d-----w c:\program files\Java 2009-02-23 15:15 . 2005-04-04 12:27 85281 ------w c:\windows\hpgins01.dat 2009-02-23 15:14 . 2009-02-23 15:14 -------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard 2009-02-23 15:14 . 2005-04-04 12:28 -------- d-----w c:\program files\HP 2009-02-23 15:06 . 2005-03-31 20:50 -------- d-----w c:\program files\Hewlett-Packard 2009-02-23 14:25 . 2005-04-04 12:32 -------- d-----w c:\program files\Readiris Pro 9 2009-02-21 14:14 . 2009-02-21 14:14 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Sytexis Software 2009-02-20 17:18 . 2004-08-04 12:00 78336 ----a-w c:\windows\system32\ieencode.dll 2009-02-09 14:08 . 2004-08-04 12:00 1846912 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:27 . 2004-08-04 00:58 2028544 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-09 11:27 . 2004-08-04 12:00 2149888 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-09 11:27 . 2004-08-04 12:00 111104 ----a-w c:\windows\system32\services.exe 2009-02-09 10:56 . 2004-08-04 12:00 734208 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:56 . 2004-08-04 12:00 684544 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 10:56 . 
2004-08-04 12:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 10:56 . 2004-08-04 12:00 735744 ----a-w c:\windows\system32\ntdll.dll 2009-02-06 10:39 . 2004-08-04 12:00 35328 ----a-w c:\windows\system32\sc.exe 2009-02-05 16:57 . 2009-02-05 16:57 432008 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-02-03 19:59 . 2004-08-04 12:00 56832 ----a-w c:\windows\system32\secur32.dll 2008-05-04 20:29 . 2008-05-04 20:29 9 ----a-w c:\documents and settings\Eigenaar\Application Data\mdb.bin 2008-04-03 18:09 . 2008-03-14 08:21 105272 ----a-w c:\documents and settings\Gast\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2007-11-03 16:51 . 2007-10-29 21:54 1452 ----a-w c:\documents and settings\Eigenaar\Emails.dat 2007-10-29 21:54 . 2007-10-29 21:54 10 ----a-w c:\documents and settings\Eigenaar\user.dat 2007-02-01 18:28 . 2005-04-23 16:08 56824 ----a-w c:\documents and settings\Eigenaar\Application Data\GDIPFONTCACHEV1.DAT 2005-03-31 18:05 . 2005-03-31 18:05 131 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\fusioncache.dat 2008-08-30 08:56 . 2008-08-30 08:56 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008083020080831\index.dat . ((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.28.14 ))))))))))))))))))))))))))))))))))))))))) . + 2009-04-21 16:10 . 2009-04-21 16:10 16384 c:\windows\Temp\usgthrsvc\Perflib_Perfdata_c48.dat + 2009-04-21 16:09 . 2009-04-21 16:09 16384 c:\windows\Temp\Perflib_Perfdata_8cc.dat + 2009-04-21 16:09 . 2009-04-21 16:09 16384 c:\windows\Temp\Perflib_Perfdata_620.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "TweakRAM"="c:\program files\TweakRAM\TweakRAM.exe" [2008-12-20 1189888] "Wireless LAN Card Utilities"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-09-18 1696768] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-29 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-09-18 333120] "QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" [2008-11-04 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 172032] c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440] sunbird.exe.lnk - c:\program files\Mozilla Sunbird\sunbird.exe [2005-4-29 6354540] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-03-09 10:37 10520 ----a-w c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk] backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk] backup=c:\windows\pss\Adobe Media Player.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "CloneCDTray"="c:\program files\Elaborate Bytes\CloneCD\CloneCDTray.exe" "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" -hide "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "snpstd3"=c:\windows\vsnpstd3.exe "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= R1 ctredrv.sys;ctredrv.sys; [x] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632] R3 DCamUSBSTK017;STK017 Camera;c:\windows\system32\DRIVERS\STK017W2.sys [2003-11-17 99476] R3 
hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [2006-11-03 10336] R3 USRPCI;USRobotics Wireless PCI Adapter Service; [x] R3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.SYS [2004-04-21 16384] S0 hotcore3;Hotcore helper;c:\windows\system32\DRIVERS\hotcore3.sys [2008-12-13 40496] S0 iteraid;ITERAID_Service_Install;c:\windows\system32\DRIVERS\iteraid.sys [2004-06-01 24971] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-06 64160] S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-03-09 325640] S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-04-10 108552] S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board;c:\windows\system32\drivers\DCxxMJPG.sys [2002-06-04 132940] S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [2008-12-26 95592] S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-09 908056] S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-09 298264] S2 History Explorer Service;History Explorer Service;h:\giveawayoftheday\History Explorer\HistoryExplorer.Service.exe [2009-01-06 51200] S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712] S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [2008-07-14 184968] S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.SYS [2002-09-09 16269] S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784] . 
Inhoud van de 'Gedeelde Taken' map 2009-04-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:27] 2009-04-21 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] 2009-04-21 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2008-07-19 16:02] 2009-04-21 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-29 13:38] 2009-04-21 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20] 2009-03-15 c:\windows\Tasks\Wise Disk Cleaner 4.job - h:\giveawayoftheday\Wise Disk Cleaner\WiseDiskCleaner.exe [2009-03-15 19:12] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.google.be/ig?sourceid=navclient&hl=nl&ie=UTF-8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - Sign In IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\lob8pztu.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.rocketdivision.com/search/ FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=nl-be&FORM=MICJE3&q= FF - component: c:\program 
files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdivx32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOFF12.DLL FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-21 18:26 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . 
--------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-343818398-842925246-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(832) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(1992) c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\wpdshext.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\Audiodev.dll c:\windows\system32\WMVCore.DLL c:\windows\system32\WMASF.DLL c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll . Voltooingstijd: 2009-04-21 18:28 ComboFix-quarantined-files.txt 2009-04-21 16:28 ComboFix2.txt 2009-04-21 15:30 Pre-Run: 10.769.453.056 bytes beschikbaar Post-Run: 10.756.988.928 bytes beschikbaar 331 --- E O F --- 2009-04-16 23:36
Regards, Mikel
  4. First of all, many thanks for the quick reply. I carried out everything as you described. I am running Windows XP with Service Pack 3. I already had the impression that the computer started up slightly faster after MBAM. In any case, thanks again to kxeezie wabbit and certainly also to the specialist kape. Here is the MBAM log file, and below it the one from HijackThis.

Malwarebytes' Anti-Malware 1.36
Database versie: 1945
Windows 5.1.2600 Service Pack 3

21/04/2009 15:35:35
mbam-log-2009-04-21 (15-35-35).txt

Scan type: Snelle Scan
Objecten gescand: 87264
Verstreken tijd: 7 minute(s), 2 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:42:23, on 21/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe 
C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\TweakRAM\TweakRAM.exe H:\GiveAwayOfTheDay\History Explorer\HistoryExplorer.Service.exe C:\Program Files\ASUS\WLAN Card Utilities\Center.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Mozilla Sunbird\sunbird.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\SPAMfighter\sfus.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = Yahoo! Search - Web Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - 
  5. My computer has been starting up slowly for some time, and I have already let several registry scanners and disk cleaners loose on it, but there is no noticeable improvement. Now I have installed HijackThis and run a scan.
I think my computer is infected with jestertb.dll. AVG does not report any virus. Can anyone tell me what I should do? Thanks in advance. Mikel