Mikel

Posts made by Mikel

  1. I carried out everything as you recommended, and I can report that my computer is now working well again.

    I would like to thank you once again most sincerely for the quick response to my question and above all for the good handling and follow-up of the matter. I think I can consider this case solved, unless you still have a few more operations in store for me to carry out.

    Big congratulations as well on the existence of this site, and above all to all of its staff.

    Mikel

  2. I can report that my PC starts up noticeably faster (in approx. 2.30 min., and it also shuts off faster when stopping).

    Here is the Combofix log

    ComboFix 09-04-22.A0 - Eigenaar 22/04/2009 10:45.3 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1023.309 [GMT 2:00]

    Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

    gebruikte Opdracht switches :: c:\documents and settings\Eigenaar\Bureaublad\cfscript.txt

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

    * Nieuw herstelpunt werd aangemaakt

    FILE ::

    c:\windows\system32\tmp4D68D.FOT

    c:\windows\system32\tmp5148D.FOT

    c:\windows\system32\tmp9F58D.FOT

    c:\windows\system32\tmpAD58D.FOT

    c:\windows\system32\tmpBA58D.FOT

    c:\windows\system32\tmpD558D.FOT

    c:\windows\system32\tmpFF48D.FOT

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\program files\Hitman Pro

    c:\program files\Hitman Pro\blank.ini

    c:\program files\Hitman Pro\Controls.ini

    c:\program files\Hitman Pro\epcompilersigs.dat

    c:\program files\Hitman Pro\eppackersigs.dat

    c:\program files\Hitman Pro\hitmanpro2.sys

    c:\program files\Hitman Pro\Language.ini

    c:\program files\Hitman Pro\logs\buynow.gif

    c:\program files\Hitman Pro\logs\Hitman_Pro_2005-05-29_16-58-26.htm

    c:\program files\Hitman Pro\logs\Hitman_Pro_2005-05-29_17-00-40.htm

    c:\program files\Hitman Pro\logs\Hitman_Pro_2008-04-14_00-31-27.htm

    c:\program files\Hitman Pro\logs\Hitman_Pro_2008-04-14_00-36-19.htm

    c:\program files\Hitman Pro\logs\Hitman_Pro_2008-04-14_09-57-40.htm

    c:\program files\Hitman Pro\logs\hitmanpro.jpg

    c:\program files\Hitman Pro\MRCAgent.exe

    c:\program files\Hitman Pro\roamingsigs

    c:\program files\Hitman Pro\sigcheck.exe

    c:\program files\Hitman Pro\StriderCache.ini

    c:\windows\system32\tmp4D68D.FOT

    c:\windows\system32\tmp5148D.FOT

    c:\windows\system32\tmp9F58D.FOT

    c:\windows\system32\tmpAD58D.FOT

    c:\windows\system32\tmpBA58D.FOT

    c:\windows\system32\tmpD558D.FOT

    c:\windows\system32\tmpFF48D.FOT

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Legacy_CTREDRV.SYS

    -------\Service_ctredrv.sys

    (((((((((((((((((((( Bestanden Gemaakt van 2009-03-22 to 2009-04-22 ))))))))))))))))))))))))))))))

    .

    2009-04-19 16:05 . 2009-04-19 16:05 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Malwarebytes

    2009-04-19 16:05 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

    2009-04-19 16:05 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

    2009-04-19 16:05 . 2009-04-21 13:37 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

    2009-04-19 16:05 . 2009-04-19 16:05 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes

    2009-04-18 22:08 . 2009-04-18 22:08 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Audio Editor Deluxe

    2009-04-18 22:07 . 2006-03-23 10:56 113486 ----a-w c:\windows\system32\NCTWMAProfiles.prx

    2009-04-18 22:07 . 2005-05-18 09:52 1212416 ----a-w c:\windows\system32\NCTAudioInformation2.dll

    2009-04-18 22:07 . 2005-05-17 10:37 1986560 ----a-w c:\windows\system32\NCTAudioFile2.dll

    2009-04-18 22:07 . 2005-04-25 11:01 458752 ----a-w c:\windows\system32\NCTAudioRecord2.dll

    2009-04-18 22:07 . 2005-04-25 11:01 458752 ----a-w c:\windows\system32\NCTAudioPlayer2.dll

    2009-04-18 22:07 . 2005-04-15 10:08 880640 ----a-w c:\windows\system32\NCTAudioEditor2.dll

    2009-04-18 22:07 . 2005-04-04 15:21 602112 ----a-w c:\windows\system32\NCTAudioTransform2.dll

    2009-04-18 22:07 . 2005-03-29 05:57 2084864 ----a-w c:\windows\system32\NCTAudioDesign2.dll

    2009-04-18 22:07 . 2005-03-28 13:56 417792 ----a-w c:\windows\system32\NCTAudioDisplay2.dll

    2009-04-18 22:07 . 2005-03-28 13:54 479232 ----a-w c:\windows\system32\NCTAudioVisualization2.dll

    2009-04-18 22:07 . 2005-02-24 09:51 348160 ----a-w c:\windows\system32\NCTWMAFile2.dll

    2009-04-18 22:07 . 2004-11-04 11:31 835584 ----a-w c:\windows\system32\NCTAudioCDGrabber2.dll

    2009-04-18 20:07 . 2009-04-18 20:07 -------- d-----w c:\program files\Trend Micro

    2009-04-18 16:23 . 2009-04-18 16:23 67 ----a-w c:\windows\wininit.ini

    2009-04-16 20:47 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe

    2009-04-16 20:47 . 2009-03-06 14:23 285696 -c----w c:\windows\system32\dllcache\pdh.dll

    2009-04-16 20:47 . 2009-02-09 11:27 111104 -c----w c:\windows\system32\dllcache\services.exe

    2009-04-16 20:47 . 2009-02-09 10:56 401408 -c----w c:\windows\system32\dllcache\rpcss.dll

    2009-04-16 20:47 . 2009-02-09 10:56 473600 -c----w c:\windows\system32\dllcache\fastprox.dll

    2009-04-16 20:47 . 2009-02-09 10:56 684544 -c----w c:\windows\system32\dllcache\advapi32.dll

    2009-04-16 20:47 . 2009-02-09 10:56 734208 -c----w c:\windows\system32\dllcache\lsasrv.dll

    2009-04-16 20:47 . 2009-02-09 10:56 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll

    2009-04-16 20:47 . 2009-02-09 10:56 735744 -c----w c:\windows\system32\dllcache\ntdll.dll

    2009-04-16 20:46 . 2009-03-27 06:59 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb

    2009-04-16 20:46 . 2008-04-21 21:16 218624 -c----w c:\windows\system32\dllcache\wordpad.exe

    2009-04-14 21:09 . 2009-02-23 15:15 85281 ------w c:\windows\hpgins01.dat.temp

    2009-04-14 21:09 . 2004-05-13 20:33 145 ------w c:\windows\hpgmdl01.dat.temp

    2009-04-12 12:37 . 2009-04-12 12:37 -------- d-----w c:\documents and settings\All Users\Application Data\TERMINAL Studio

    2009-04-08 17:00 . 2008-12-13 12:47 40496 ----a-w c:\windows\system32\drivers\hotcore3.sys

    2009-04-08 16:57 . 2009-04-08 16:57 -------- d-----w c:\program files\Paragon Software

    2009-04-07 22:08 . 2009-04-07 22:08 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Talkback

    2009-04-05 16:45 . 2009-04-05 16:45 -------- d-----w c:\documents and settings\Eigenaar\Application Data\TERMINAL Studio

    2009-04-05 16:43 . 2007-11-06 15:46 106496 ----a-w c:\windows\system32\Astro Gemini Screensaver Manager.scr

    2009-04-05 16:43 . 2009-04-05 16:43 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Astro Gemini Software

    2009-04-05 16:43 . 2009-04-05 16:43 -------- d-----w c:\program files\Astro Gemini Software

    2009-04-05 16:43 . 2008-08-21 10:30 12636160 ----a-w c:\windows\system32\Dinosaurs 3D Screensaver.scr

    2009-04-04 12:48 . 2009-04-04 12:56 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Jetbricks

    2009-04-01 14:58 . 2009-04-01 14:58 -------- d-----w c:\documents and settings\Eigenaar\Local Settings\Application Data\FileMaker

    2009-03-31 16:40 . 2009-03-31 16:40 -------- d-----w c:\documents and settings\All Users\Application Data\PCPitstop

    2009-03-28 11:20 . 2009-03-28 11:20 -------- d-----w c:\documents and settings\All Users\Application Data\Gameeel

    2009-03-23 15:15 . 2009-03-23 15:15 23 ----a-w c:\windows\SWFDecompiler.INI

    2009-03-23 15:13 . 2009-03-27 22:53 -------- d-----w c:\program files\Common Files\SourceTec

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-04-22 08:54 . 2008-07-28 10:30 -------- d-----w c:\program files\SPAMfighter

    2009-04-22 08:53 . 2005-04-29 17:48 -------- d-----w c:\program files\Mozilla Sunbird

    2009-04-22 08:52 . 2009-01-23 19:48 132269 ----a-w C:\aaw7boot.log

    2009-04-21 16:53 . 2009-04-21 16:53 26476 ----a-w C:\log21-04-09.txt

    2009-04-21 16:36 . 2009-04-21 16:36 26476 ----a-w C:\log.txt

    2009-04-21 15:18 . 2007-05-29 10:52 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

    2009-04-19 13:44 . 2009-03-16 11:58 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

    2009-04-17 22:31 . 2008-04-13 21:59 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

    2009-04-17 06:28 . 2004-08-04 12:00 580636 ----a-w c:\windows\system32\perfh013.dat

    2009-04-17 06:28 . 2004-08-04 12:00 117582 ----a-w c:\windows\system32\perfc013.dat

    2009-04-10 18:43 . 2008-05-26 17:40 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys

    2009-04-05 20:36 . 2009-03-15 11:34 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Gold Casual Games

    2009-04-05 20:36 . 2009-03-15 11:34 -------- d-----w c:\documents and settings\All Users\Application Data\Gold Casual Games

    2009-04-01 16:48 . 2009-01-28 20:36 -------- d-----w c:\program files\DivX

    2009-04-01 16:48 . 2009-01-03 13:56 -------- d-----w c:\program files\TweakRAM

    2009-04-01 16:48 . 2008-11-25 21:56 -------- d-----w c:\program files\QuickTime

    2009-04-01 16:48 . 2008-06-17 12:32 -------- d-----w c:\program files\FotoXpert

    2009-04-01 16:48 . 2008-03-03 18:22 -------- d-----w c:\program files\Windows Live Toolbar

    2009-04-01 16:48 . 2008-10-05 09:38 -------- d-----w c:\documents and settings\Eigenaar\Application Data\SpinTop

    2009-03-31 14:00 . 2008-12-28 17:31 -------- d-----w c:\program files\WinUtilities

    2009-03-31 13:15 . 2009-03-20 20:36 -------- d-----w c:\program files\Flexbyte Software

    2009-03-31 09:55 . 2009-03-14 15:49 -------- d-----w c:\program files\JLC's Software

    2009-03-28 07:12 . 2008-11-25 21:58 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Apple Computer

    2009-03-24 14:16 . 2009-03-20 20:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\NetStat Agent

    2009-03-24 14:15 . 2008-11-25 21:57 -------- d-----w c:\program files\Bonjour

    2009-03-24 08:23 . 2005-04-02 07:13 -------- d-----w c:\program files\Google

    2009-03-24 07:45 . 2009-01-15 21:12 -------- d-----w c:\documents and settings\All Users\Application Data\History Explorer

    2009-03-20 14:28 . 2005-03-29 13:23 282440 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\JRE

    2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\OpenOffice.org 3

    2009-03-19 09:06 . 2005-03-31 11:06 -------- d-----w c:\program files\Topcom

    2009-03-18 23:48 . 2009-03-18 23:48 -------- d-----w c:\program files\Common Files\Bcgsoft

    2009-03-18 00:17 . 2007-04-22 06:06 -------- d-----w c:\program files\Microsoft SQL Server

    2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Search

    2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Desktop Search

    2009-03-17 22:40 . 2009-03-17 22:40 -------- d-----w c:\program files\Windows Desktop Search

    2009-03-17 22:20 . 2009-03-17 22:20 -------- d-----w c:\program files\Microsoft Works

    2009-03-17 22:19 . 2007-02-05 10:01 -------- d-----w c:\program files\Microsoft.NET

    2009-03-17 21:53 . 2009-02-05 16:56 -------- d-----w c:\program files\MSBuild

    2009-03-17 16:26 . 2008-12-26 14:00 -------- d-----w c:\program files\Premium Booster

    2009-03-16 11:27 . 2007-04-22 06:13 -------- d-----w c:\program files\Microsoft Small Business

    2009-03-14 15:49 . 2009-03-14 15:49 -------- d-----w c:\documents and settings\Eigenaar\Application Data\JLC's Software

    2009-03-14 08:31 . 2009-03-14 08:31 -------- d-----w c:\program files\SystemRequirementsLab

    2009-03-14 08:31 . 2009-03-14 08:31 -------- d-----w c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab

    2009-03-12 16:46 . 2008-04-14 10:56 -------- d-----w c:\program files\Spybot - Search & Destroy

    2009-03-11 16:28 . 2005-03-29 13:11 -------- d--h--w c:\program files\InstallShield Installation Information

    2009-03-11 16:22 . 2005-04-06 12:19 -------- d-----w c:\program files\Pinnacle

    2009-03-11 16:07 . 2009-03-08 17:16 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Vso

    2009-03-09 16:12 . 2009-03-09 10:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\AVGTOOLBAR

    2009-03-09 10:38 . 2008-05-26 17:40 325640 ----a-w c:\windows\system32\drivers\avgldx86.sys

    2009-03-09 10:37 . 2008-05-26 17:40 10520 ----a-w c:\windows\system32\avgrsstx.dll

    2009-03-09 10:37 . 2008-05-26 17:39 -------- d-----w c:\documents and settings\All Users\Application Data\avg8

    2009-03-08 17:16 . 2009-03-08 17:16 81920 ----a-w c:\documents and settings\Eigenaar\Application Data\ezpinst.exe

    2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\windows\system32\drivers\pcouffin.sys

    2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\documents and settings\Eigenaar\Application Data\pcouffin.sys

    2009-03-07 23:20 . 2009-03-07 23:20 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Gamelab

    2009-03-06 17:27 . 2009-01-23 17:48 15688 ----a-w c:\windows\system32\lsdelete.exe

    2009-03-06 17:27 . 2009-01-23 17:27 64160 ----a-w c:\windows\system32\drivers\Lbd.sys

    2009-03-06 14:23 . 2004-08-04 12:00 285696 ----a-w c:\windows\system32\pdh.dll

    2009-03-04 17:35 . 2008-11-25 20:51 -------- d-----w c:\program files\MultiStage Recovery

    2009-03-03 00:16 . 2004-08-04 12:00 826368 ----a-w c:\windows\system32\wininet.dll

    2009-03-02 22:44 . 2009-03-02 22:44 -------- d-----w c:\program files\Quicksys

    2009-03-01 10:05 . 2009-03-01 10:01 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Archibald's Adventures

    2009-03-01 07:19 . 2008-11-19 00:01 -------- d-----w c:\program files\Common Files\Adobe AIR

    2009-02-27 22:37 . 2009-02-27 22:37 -------- d-----w c:\documents and settings\All Users\Application Data\Quicksys

    2009-02-27 21:21 . 2009-02-27 21:21 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org

    2009-02-27 21:17 . 2009-02-26 12:11 -------- d-----w c:\program files\OpenOffice.org 2.4

    2009-02-27 21:04 . 2008-08-07 19:39 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org2

    2009-02-27 20:24 . 2009-02-27 17:29 -------- d-----w c:\documents and settings\Eigenaar\Application Data\RegTool

    2009-02-26 12:03 . 2009-02-26 12:03 410984 ----a-w c:\windows\system32\deploytk.dll

    2009-02-26 12:03 . 2006-10-29 03:14 -------- d-----w c:\program files\Java

    2009-02-23 15:15 . 2005-04-04 12:27 85281 ------w c:\windows\hpgins01.dat

    2009-02-23 15:14 . 2009-02-23 15:14 -------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard

    2009-02-23 15:14 . 2005-04-04 12:28 -------- d-----w c:\program files\HP

    2009-02-23 15:06 . 2005-03-31 20:50 -------- d-----w c:\program files\Hewlett-Packard

    2009-02-23 14:25 . 2005-04-04 12:32 -------- d-----w c:\program files\Readiris Pro 9

    2009-02-21 14:14 . 2009-02-21 14:14 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Sytexis Software

    2009-02-20 17:18 . 2004-08-04 12:00 78336 ----a-w c:\windows\system32\ieencode.dll

    2009-02-09 14:08 . 2004-08-04 12:00 1846912 ----a-w c:\windows\system32\win32k.sys

    2009-02-09 11:27 . 2004-08-04 00:58 2028544 ----a-w c:\windows\system32\ntkrnlpa.exe

    2009-02-09 11:27 . 2004-08-04 12:00 2149888 ----a-w c:\windows\system32\ntoskrnl.exe

    2009-02-09 11:27 . 2004-08-04 12:00 111104 ----a-w c:\windows\system32\services.exe

    2009-02-09 10:56 . 2004-08-04 12:00 734208 ----a-w c:\windows\system32\lsasrv.dll

    2009-02-09 10:56 . 2004-08-04 12:00 684544 ----a-w c:\windows\system32\advapi32.dll

    2009-02-09 10:56 . 2004-08-04 12:00 401408 ----a-w c:\windows\system32\rpcss.dll

    2009-02-09 10:56 . 2004-08-04 12:00 735744 ----a-w c:\windows\system32\ntdll.dll

    2009-02-06 10:39 . 2004-08-04 12:00 35328 ----a-w c:\windows\system32\sc.exe

    2009-02-05 16:57 . 2009-02-05 16:57 432008 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

    2009-02-03 19:59 . 2004-08-04 12:00 56832 ----a-w c:\windows\system32\secur32.dll

    2008-05-04 20:29 . 2008-05-04 20:29 9 ----a-w c:\documents and settings\Eigenaar\Application Data\mdb.bin

    2008-04-03 18:09 . 2008-03-14 08:21 105272 ----a-w c:\documents and settings\Gast\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2007-11-03 16:51 . 2007-10-29 21:54 1452 ----a-w c:\documents and settings\Eigenaar\Emails.dat

    2007-10-29 21:54 . 2007-10-29 21:54 10 ----a-w c:\documents and settings\Eigenaar\user.dat

    2007-02-01 18:28 . 2005-04-23 16:08 56824 ----a-w c:\documents and settings\Eigenaar\Application Data\GDIPFONTCACHEV1.DAT

    2005-03-31 18:05 . 2005-03-31 18:05 131 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\fusioncache.dat

    2008-08-30 08:56 . 2008-08-30 08:56 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008083020080831\index.dat

    .

    ((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.28.14 )))))))))))))))))))))))))))))))))))))))))

    .

    + 2009-04-22 08:53 . 2009-04-22 08:53 16384 c:\windows\Temp\usgthrsvc\Perflib_Perfdata_bf4.dat

    + 2009-04-22 08:29 . 2009-04-22 08:29 16384 c:\windows\Temp\Perflib_Perfdata_64c.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    "TweakRAM"="c:\program files\TweakRAM\TweakRAM.exe" [2008-12-20 1189888]

    "Wireless LAN Card Utilities"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-09-18 1696768]

    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-29 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-09-18 333120]

    "QuickTime Task"="c:\program files\QUICKTIME\QTTask.exe" [2008-11-04 413696]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]

    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-09 1932568]

    "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-01-03 1385472]

    c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\

    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

    sunbird.exe.lnk - c:\program files\Mozilla Sunbird\sunbird.exe [2005-4-29 6354540]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "NoResolveTrack"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoResolveTrack"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

    2009-03-09 10:37 10520 ----a-w c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    @="Service"

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk]

    backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk]

    backup=c:\windows\pss\Adobe Media Player.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

    "CloneCDTray"="c:\program files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" -hide

    "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

    "snpstd3"=c:\windows\vsnpstd3.exe

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    "QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" -atboottime

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    "c:\\WINDOWS\\system32\\mmc.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

    R3 DCamUSBSTK017;STK017 Camera;c:\windows\system32\DRIVERS\STK017W2.sys [2003-11-17 99476]

    R3 hitmanpro2;Hitman Pro 2 Driver; [x]

    R3 USRPCI;USRobotics Wireless PCI Adapter Service; [x]

    R3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.SYS [2004-04-21 16384]

    S0 hotcore3;Hotcore helper;c:\windows\system32\DRIVERS\hotcore3.sys [2008-12-13 40496]

    S0 iteraid;ITERAID_Service_Install;c:\windows\system32\DRIVERS\iteraid.sys [2004-06-01 24971]

    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-06 64160]

    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-03-09 325640]

    S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-04-10 108552]

    S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board;c:\windows\system32\drivers\DCxxMJPG.sys [2002-06-04 132940]

    S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [2008-12-26 95592]

    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-09 908056]

    S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-09 298264]

    S2 History Explorer Service;History Explorer Service;h:\giveawayoftheday\History Explorer\HistoryExplorer.Service.exe [2009-01-06 51200]

    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]

    S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]

    S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [2008-07-14 184968]

    S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]

    S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.SYS [2002-09-09 16269]

    S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-04-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:27]

    2009-04-22 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

    2009-04-22 c:\windows\Tasks\GlaryInitialize.job

    - c:\program files\Glary Utilities\initialize.exe [2008-07-19 16:02]

    2009-04-22 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-29 13:38]

    2009-04-22 c:\windows\Tasks\MP Scheduled Scan.job

    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]

    2009-03-15 c:\windows\Tasks\Wise Disk Cleaner 4.job

    - h:\giveawayoftheday\Wise Disk Cleaner\WiseDiskCleaner.exe [2009-03-15 19:12]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.hln.be/

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

    uDefault_Search_URL = hxxp://www.google.com/ie

    mStart Page = hxxp://www.google.be/ig?sourceid=navclient&hl=nl&ie=UTF-8

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML

    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

    IE: Add to Windows &Live Favorites - Sign In

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

    FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\lob8pztu.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: browser.startup.homepage - hxxp://www.rocketdivision.com/search/

    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=nl-be&FORM=MICJE3&q=

    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll

    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdivx32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOFF12.DLL

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll

    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-04-22 10:54

    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_USERS\S-1-5-21-343818398-842925246-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]

    @Allowed: (Read) (RestrictedCode)

    @Allowed: (Read) (RestrictedCode)

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

    "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'winlogon.exe'(860)

    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(3600)

    c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL

    c:\progra~1\WINDOW~2\wmpband.dll

    c:\windows\system32\wpdshext.dll

    c:\windows\system32\PortableDeviceApi.dll

    c:\windows\system32\Audiodev.dll

    c:\windows\system32\WMVCore.DLL

    c:\windows\system32\WMASF.DLL

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\windows\system32\ati2evxx.exe

    c:\program files\Ahead\InCD\InCDsrv.exe

    c:\program files\Common Files\Symantec Shared\CCSETMGR.EXE

    c:\program files\Common Files\Symantec Shared\CCEVTMGR.EXE

    c:\windows\system32\ati2evxx.exe

    c:\program files\Bonjour\mDNSResponder.exe

    c:\windows\system32\gearsec.exe

    c:\program files\Java\jre6\bin\jqs.exe

    c:\program files\Norton Ghost\Agent\VProSvc.exe

    c:\program files\AVG\AVG8\avgrsx.exe

    c:\progra~1\AVG\AVG8\avgnsx.exe

    c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    c:\windows\system32\searchindexer.exe

    c:\program files\AVG\AVG8\avgcsrvx.exe

    c:\windows\system32\wbem\unsecapp.exe

    c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2009-04-22 11:03 - machine werd herstart

    ComboFix-quarantined-files.txt 2009-04-22 09:03

    ComboFix2.txt 2009-04-21 16:28

    ComboFix3.txt 2009-04-21 15:30

    Pre-Run: 10.671.685.632 bytes beschikbaar

    Post-Run: 10.549.395.456 bytes beschikbaar

    391 --- E O F --- 2009-04-22 08:02

    Many thanks once again, Mikel

  3. After some trouble at the beginning with AVG antivirus, I think it worked after all

    ComboFix 09-04-21.A8 - Eigenaar 21/04/2009 18:22.2 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1023.435 [GMT 2:00]

    Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

    * Nieuw herstelpunt werd aangemaakt

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-03-21 to 2009-04-21 ))))))))))))))))))))))))))))))

    .

    2009-04-19 16:05 . 2009-04-19 16:05 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Malwarebytes

    2009-04-19 16:05 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

    2009-04-19 16:05 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

    2009-04-19 16:05 . 2009-04-21 13:37 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

    2009-04-19 16:05 . 2009-04-19 16:05 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes

    2009-04-18 22:08 . 2009-04-18 22:08 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Audio Editor Deluxe

    2009-04-18 22:07 . 2006-03-23 10:56 113486 ----a-w c:\windows\system32\NCTWMAProfiles.prx

    2009-04-18 22:07 . 2005-05-18 09:52 1212416 ----a-w c:\windows\system32\NCTAudioInformation2.dll

    2009-04-18 22:07 . 2005-05-17 10:37 1986560 ----a-w c:\windows\system32\NCTAudioFile2.dll

    2009-04-18 22:07 . 2005-04-25 11:01 458752 ----a-w c:\windows\system32\NCTAudioRecord2.dll

    2009-04-18 22:07 . 2005-04-25 11:01 458752 ----a-w c:\windows\system32\NCTAudioPlayer2.dll

    2009-04-18 22:07 . 2005-04-15 10:08 880640 ----a-w c:\windows\system32\NCTAudioEditor2.dll

    2009-04-18 22:07 . 2005-04-04 15:21 602112 ----a-w c:\windows\system32\NCTAudioTransform2.dll

    2009-04-18 22:07 . 2005-03-29 05:57 2084864 ----a-w c:\windows\system32\NCTAudioDesign2.dll

    2009-04-18 22:07 . 2005-03-28 13:56 417792 ----a-w c:\windows\system32\NCTAudioDisplay2.dll

    2009-04-18 22:07 . 2005-03-28 13:54 479232 ----a-w c:\windows\system32\NCTAudioVisualization2.dll

    2009-04-18 22:07 . 2005-02-24 09:51 348160 ----a-w c:\windows\system32\NCTWMAFile2.dll

    2009-04-18 22:07 . 2004-11-04 11:31 835584 ----a-w c:\windows\system32\NCTAudioCDGrabber2.dll

    2009-04-18 20:07 . 2009-04-18 20:07 -------- d-----w c:\program files\Trend Micro

    2009-04-18 16:23 . 2009-04-18 16:23 67 ----a-w c:\windows\wininit.ini

    2009-04-16 20:47 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe

    2009-04-16 20:47 . 2009-03-06 14:23 285696 -c----w c:\windows\system32\dllcache\pdh.dll

    2009-04-16 20:47 . 2009-02-09 11:27 111104 -c----w c:\windows\system32\dllcache\services.exe

    2009-04-16 20:47 . 2009-02-09 10:56 401408 -c----w c:\windows\system32\dllcache\rpcss.dll

    2009-04-16 20:47 . 2009-02-09 10:56 473600 -c----w c:\windows\system32\dllcache\fastprox.dll

    2009-04-16 20:47 . 2009-02-09 10:56 684544 -c----w c:\windows\system32\dllcache\advapi32.dll

    2009-04-16 20:47 . 2009-02-09 10:56 734208 -c----w c:\windows\system32\dllcache\lsasrv.dll

    2009-04-16 20:47 . 2009-02-09 10:56 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll

    2009-04-16 20:47 . 2009-02-09 10:56 735744 -c----w c:\windows\system32\dllcache\ntdll.dll

    2009-04-16 20:46 . 2009-03-27 06:59 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb

    2009-04-16 20:46 . 2008-04-21 21:16 218624 -c----w c:\windows\system32\dllcache\wordpad.exe

    2009-04-14 21:09 . 2009-02-23 15:15 85281 ------w c:\windows\hpgins01.dat.temp

    2009-04-14 21:09 . 2004-05-13 20:33 145 ------w c:\windows\hpgmdl01.dat.temp

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmpFF48D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmpD558D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmpBA58D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmpAD58D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmp9F58D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmp5148D.FOT

    2009-04-14 21:08 . 2009-04-14 21:08 1409 ----a-w c:\windows\system32\tmp4D68D.FOT

    2009-04-12 12:37 . 2009-04-12 12:37 -------- d-----w c:\documents and settings\All Users\Application Data\TERMINAL Studio

    2009-04-08 17:00 . 2008-12-13 12:47 40496 ----a-w c:\windows\system32\drivers\hotcore3.sys

    2009-04-08 16:57 . 2009-04-08 16:57 -------- d-----w c:\program files\Paragon Software

    2009-04-07 22:08 . 2009-04-07 22:08 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Talkback

    2009-04-05 16:45 . 2009-04-05 16:45 -------- d-----w c:\documents and settings\Eigenaar\Application Data\TERMINAL Studio

    2009-04-05 16:43 . 2007-11-06 15:46 106496 ----a-w c:\windows\system32\Astro Gemini Screensaver Manager.scr

    2009-04-05 16:43 . 2009-04-05 16:43 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Astro Gemini Software

    2009-04-05 16:43 . 2009-04-05 16:43 -------- d-----w c:\program files\Astro Gemini Software

    2009-04-05 16:43 . 2008-08-21 10:30 12636160 ----a-w c:\windows\system32\Dinosaurs 3D Screensaver.scr

    2009-04-04 12:48 . 2009-04-04 12:56 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Jetbricks

    2009-04-01 14:58 . 2009-04-01 14:58 -------- d-----w c:\documents and settings\Eigenaar\Local Settings\Application Data\FileMaker

    2009-03-31 16:40 . 2009-03-31 16:40 -------- d-----w c:\documents and settings\All Users\Application Data\PCPitstop

    2009-03-28 11:20 . 2009-03-28 11:20 -------- d-----w c:\documents and settings\All Users\Application Data\Gameeel

    2009-03-23 15:15 . 2009-03-23 15:15 23 ----a-w c:\windows\SWFDecompiler.INI

    2009-03-23 15:13 . 2009-03-27 22:53 -------- d-----w c:\program files\Common Files\SourceTec

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-04-21 16:19 . 2005-04-29 17:48 -------- d-----w c:\program files\Mozilla Sunbird

    2009-04-21 16:10 . 2008-07-28 10:30 -------- d-----w c:\program files\SPAMfighter

    2009-04-21 16:08 . 2009-01-23 19:48 130477 ----a-w C:\aaw7boot.log

    2009-04-21 15:18 . 2007-05-29 10:52 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

    2009-04-19 13:44 . 2009-03-16 11:58 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

    2009-04-17 22:31 . 2008-04-13 21:59 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

    2009-04-17 06:28 . 2004-08-04 12:00 580636 ----a-w c:\windows\system32\perfh013.dat

    2009-04-17 06:28 . 2004-08-04 12:00 117582 ----a-w c:\windows\system32\perfc013.dat

    2009-04-10 18:43 . 2008-05-26 17:40 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys

    2009-04-05 20:36 . 2009-03-15 11:34 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Gold Casual Games

    2009-04-05 20:36 . 2009-03-15 11:34 -------- d-----w c:\documents and settings\All Users\Application Data\Gold Casual Games

    2009-04-01 16:48 . 2009-01-28 20:36 -------- d-----w c:\program files\DivX

    2009-04-01 16:48 . 2009-01-03 13:56 -------- d-----w c:\program files\TweakRAM

    2009-04-01 16:48 . 2008-11-25 21:56 -------- d-----w c:\program files\QuickTime

    2009-04-01 16:48 . 2008-06-17 12:32 -------- d-----w c:\program files\FotoXpert

    2009-04-01 16:48 . 2008-03-03 18:22 -------- d-----w c:\program files\Windows Live Toolbar

    2009-04-01 16:48 . 2008-10-05 09:38 -------- d-----w c:\documents and settings\Eigenaar\Application Data\SpinTop

    2009-03-31 14:00 . 2008-12-28 17:31 -------- d-----w c:\program files\WinUtilities

    2009-03-31 13:15 . 2009-03-20 20:36 -------- d-----w c:\program files\Flexbyte Software

    2009-03-31 09:55 . 2009-03-14 15:49 -------- d-----w c:\program files\JLC's Software

    2009-03-28 07:12 . 2008-11-25 21:58 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Apple Computer

    2009-03-24 14:16 . 2009-03-20 20:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\NetStat Agent

    2009-03-24 14:15 . 2008-11-25 21:57 -------- d-----w c:\program files\Bonjour

    2009-03-24 08:23 . 2005-04-02 07:13 -------- d-----w c:\program files\Google

    2009-03-24 07:45 . 2009-01-15 21:12 -------- d-----w c:\documents and settings\All Users\Application Data\History Explorer

    2009-03-20 14:28 . 2005-03-29 13:23 282440 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\JRE

    2009-03-20 14:15 . 2009-03-20 14:15 -------- d-----w c:\program files\OpenOffice.org 3

    2009-03-19 09:06 . 2005-03-31 11:06 -------- d-----w c:\program files\Topcom

    2009-03-18 23:48 . 2009-03-18 23:48 -------- d-----w c:\program files\Common Files\Bcgsoft

    2009-03-18 00:17 . 2007-04-22 06:06 -------- d-----w c:\program files\Microsoft SQL Server

    2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Search

    2009-03-17 22:41 . 2009-03-17 22:41 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Windows Desktop Search

    2009-03-17 22:40 . 2009-03-17 22:40 -------- d-----w c:\program files\Windows Desktop Search

    2009-03-17 22:20 . 2009-03-17 22:20 -------- d-----w c:\program files\Microsoft Works

    2009-03-17 22:19 . 2007-02-05 10:01 -------- d-----w c:\program files\Microsoft.NET

    2009-03-17 21:53 . 2009-02-05 16:56 -------- d-----w c:\program files\MSBuild

    2009-03-17 16:26 . 2008-12-26 14:00 -------- d-----w c:\program files\Premium Booster

    2009-03-16 11:27 . 2007-04-22 06:13 -------- d-----w c:\program files\Microsoft Small Business

    2009-03-14 15:49 . 2009-03-14 15:49 -------- d-----w c:\documents and settings\Eigenaar\Application Data\JLC's Software

    2009-03-14 08:31 . 2009-03-14 08:31 -------- d-----w c:\program files\SystemRequirementsLab

    2009-03-14 08:31 . 2009-03-14 08:31 -------- d-----w c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab

    2009-03-12 16:46 . 2008-04-14 10:56 -------- d-----w c:\program files\Spybot - Search & Destroy

    2009-03-11 16:28 . 2005-03-29 13:11 -------- d--h--w c:\program files\InstallShield Installation Information

    2009-03-11 16:22 . 2005-04-06 12:19 -------- d-----w c:\program files\Pinnacle

    2009-03-11 16:07 . 2009-03-08 17:16 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Vso

    2009-03-09 16:12 . 2009-03-09 10:37 -------- d-----w c:\documents and settings\Eigenaar\Application Data\AVGTOOLBAR

    2009-03-09 10:38 . 2008-05-26 17:40 325640 ----a-w c:\windows\system32\drivers\avgldx86.sys

    2009-03-09 10:37 . 2008-05-26 17:40 10520 ----a-w c:\windows\system32\avgrsstx.dll

    2009-03-09 10:37 . 2008-05-26 17:39 -------- d-----w c:\documents and settings\All Users\Application Data\avg8

    2009-03-08 17:16 . 2009-03-08 17:16 81920 ----a-w c:\documents and settings\Eigenaar\Application Data\ezpinst.exe

    2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\windows\system32\drivers\pcouffin.sys

    2009-03-08 17:16 . 2009-03-08 17:16 47360 ----a-w c:\documents and settings\Eigenaar\Application Data\pcouffin.sys

    2009-03-07 23:20 . 2009-03-07 23:20 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Gamelab

    2009-03-06 17:27 . 2009-01-23 17:48 15688 ----a-w c:\windows\system32\lsdelete.exe

    2009-03-06 17:27 . 2009-01-23 17:27 64160 ----a-w c:\windows\system32\drivers\Lbd.sys

    2009-03-06 14:23 . 2004-08-04 12:00 285696 ----a-w c:\windows\system32\pdh.dll

    2009-03-04 17:35 . 2008-11-25 20:51 -------- d-----w c:\program files\MultiStage Recovery

    2009-03-03 00:16 . 2004-08-04 12:00 826368 ----a-w c:\windows\system32\wininet.dll

    2009-03-02 22:44 . 2009-03-02 22:44 -------- d-----w c:\program files\Quicksys

    2009-03-01 10:05 . 2009-03-01 10:01 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Archibald's Adventures

    2009-03-01 07:19 . 2008-11-19 00:01 -------- d-----w c:\program files\Common Files\Adobe AIR

    2009-02-27 22:37 . 2009-02-27 22:37 -------- d-----w c:\documents and settings\All Users\Application Data\Quicksys

    2009-02-27 21:21 . 2009-02-27 21:21 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org

    2009-02-27 21:17 . 2009-02-26 12:11 -------- d-----w c:\program files\OpenOffice.org 2.4

    2009-02-27 21:04 . 2008-08-07 19:39 -------- d-----w c:\documents and settings\Eigenaar\Application Data\OpenOffice.org2

    2009-02-27 20:24 . 2009-02-27 17:29 -------- d-----w c:\documents and settings\Eigenaar\Application Data\RegTool

    2009-02-26 12:03 . 2009-02-26 12:03 410984 ----a-w c:\windows\system32\deploytk.dll

    2009-02-26 12:03 . 2006-10-29 03:14 -------- d-----w c:\program files\Java

    2009-02-23 15:15 . 2005-04-04 12:27 85281 ------w c:\windows\hpgins01.dat

    2009-02-23 15:14 . 2009-02-23 15:14 -------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard

    2009-02-23 15:14 . 2005-04-04 12:28 -------- d-----w c:\program files\HP

    2009-02-23 15:06 . 2005-03-31 20:50 -------- d-----w c:\program files\Hewlett-Packard

    2009-02-23 14:25 . 2005-04-04 12:32 -------- d-----w c:\program files\Readiris Pro 9

    2009-02-21 14:14 . 2009-02-21 14:14 -------- d-----w c:\documents and settings\Eigenaar\Application Data\Sytexis Software

    2009-02-20 17:18 . 2004-08-04 12:00 78336 ----a-w c:\windows\system32\ieencode.dll

    2009-02-09 14:08 . 2004-08-04 12:00 1846912 ----a-w c:\windows\system32\win32k.sys

    2009-02-09 11:27 . 2004-08-04 00:58 2028544 ----a-w c:\windows\system32\ntkrnlpa.exe

    2009-02-09 11:27 . 2004-08-04 12:00 2149888 ----a-w c:\windows\system32\ntoskrnl.exe

    2009-02-09 11:27 . 2004-08-04 12:00 111104 ----a-w c:\windows\system32\services.exe

    2009-02-09 10:56 . 2004-08-04 12:00 734208 ----a-w c:\windows\system32\lsasrv.dll

    2009-02-09 10:56 . 2004-08-04 12:00 684544 ----a-w c:\windows\system32\advapi32.dll

    2009-02-09 10:56 . 2004-08-04 12:00 401408 ----a-w c:\windows\system32\rpcss.dll

    2009-02-09 10:56 . 2004-08-04 12:00 735744 ----a-w c:\windows\system32\ntdll.dll

    2009-02-06 10:39 . 2004-08-04 12:00 35328 ----a-w c:\windows\system32\sc.exe

    2009-02-05 16:57 . 2009-02-05 16:57 432008 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

    2009-02-03 19:59 . 2004-08-04 12:00 56832 ----a-w c:\windows\system32\secur32.dll

    2008-05-04 20:29 . 2008-05-04 20:29 9 ----a-w c:\documents and settings\Eigenaar\Application Data\mdb.bin

    2008-04-03 18:09 . 2008-03-14 08:21 105272 ----a-w c:\documents and settings\Gast\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2007-11-03 16:51 . 2007-10-29 21:54 1452 ----a-w c:\documents and settings\Eigenaar\Emails.dat

    2007-10-29 21:54 . 2007-10-29 21:54 10 ----a-w c:\documents and settings\Eigenaar\user.dat

    2007-02-01 18:28 . 2005-04-23 16:08 56824 ----a-w c:\documents and settings\Eigenaar\Application Data\GDIPFONTCACHEV1.DAT

    2005-03-31 18:05 . 2005-03-31 18:05 131 ----a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\fusioncache.dat

    2008-08-30 08:56 . 2008-08-30 08:56 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008083020080831\index.dat

    .

    ((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.28.14 )))))))))))))))))))))))))))))))))))))))))

    .

    + 2009-04-21 16:10 . 2009-04-21 16:10 16384 c:\windows\Temp\usgthrsvc\Perflib_Perfdata_c48.dat

    + 2009-04-21 16:09 . 2009-04-21 16:09 16384 c:\windows\Temp\Perflib_Perfdata_8cc.dat

    + 2009-04-21 16:09 . 2009-04-21 16:09 16384 c:\windows\Temp\Perflib_Perfdata_620.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    "TweakRAM"="c:\program files\TweakRAM\TweakRAM.exe" [2008-12-20 1189888]

    "Wireless LAN Card Utilities"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-09-18 1696768]

    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-29 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-09-18 333120]

    "QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" [2008-11-04 413696]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]

    "MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 172032]

    c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\

    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

    sunbird.exe.lnk - c:\program files\Mozilla Sunbird\sunbird.exe [2005-4-29 6354540]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "NoResolveTrack"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoResolveTrack"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

    2009-03-09 10:37 10520 ----a-w c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    @="Service"

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk]

    backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk]

    backup=c:\windows\pss\Adobe Media Player.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

    "CloneCDTray"="c:\program files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" -hide

    "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

    "snpstd3"=c:\windows\vsnpstd3.exe

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    "QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" -atboottime

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    "c:\\WINDOWS\\system32\\mmc.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

    R1 ctredrv.sys;ctredrv.sys; [x]

    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]

    R3 DCamUSBSTK017;STK017 Camera;c:\windows\system32\DRIVERS\STK017W2.sys [2003-11-17 99476]

    R3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [2006-11-03 10336]

    R3 USRPCI;USRobotics Wireless PCI Adapter Service; [x]

    R3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.SYS [2004-04-21 16384]

    S0 hotcore3;Hotcore helper;c:\windows\system32\DRIVERS\hotcore3.sys [2008-12-13 40496]

    S0 iteraid;ITERAID_Service_Install;c:\windows\system32\DRIVERS\iteraid.sys [2004-06-01 24971]

    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-06 64160]

    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-03-09 325640]

    S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-04-10 108552]

    S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board;c:\windows\system32\drivers\DCxxMJPG.sys [2002-06-04 132940]

    S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [2008-12-26 95592]

    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-09 908056]

    S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-09 298264]

    S2 History Explorer Service;History Explorer Service;h:\giveawayoftheday\History Explorer\HistoryExplorer.Service.exe [2009-01-06 51200]

    S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]

    S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [2008-07-14 184968]

    S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]

    S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.SYS [2002-09-09 16269]

    S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-04-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:27]

    2009-04-21 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

    2009-04-21 c:\windows\Tasks\GlaryInitialize.job

    - c:\program files\Glary Utilities\initialize.exe [2008-07-19 16:02]

    2009-04-21 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-29 13:38]

    2009-04-21 c:\windows\Tasks\MP Scheduled Scan.job

    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]

    2009-03-15 c:\windows\Tasks\Wise Disk Cleaner 4.job

    - h:\giveawayoftheday\Wise Disk Cleaner\WiseDiskCleaner.exe [2009-03-15 19:12]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.hln.be/

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

    uDefault_Search_URL = hxxp://www.google.com/ie

    mStart Page = hxxp://www.google.be/ig?sourceid=navclient&hl=nl&ie=UTF-8

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML

    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

    IE: Add to Windows &Live Favorites - Sign In

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

    FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\lob8pztu.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: browser.startup.homepage - hxxp://www.rocketdivision.com/search/

    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=nl-be&FORM=MICJE3&q=

    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll

    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdivx32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOFF12.DLL

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll

    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-04-21 18:26

    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_USERS\S-1-5-21-343818398-842925246-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]

    @Allowed: (Read) (RestrictedCode)

    @Allowed: (Read) (RestrictedCode)

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

    "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'winlogon.exe'(832)

    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(1992)

    c:\progra~1\WINDOW~2\wmpband.dll

    c:\windows\system32\wpdshext.dll

    c:\windows\system32\PortableDeviceApi.dll

    c:\windows\system32\Audiodev.dll

    c:\windows\system32\WMVCore.DLL

    c:\windows\system32\WMASF.DLL

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    .

    Voltooingstijd: 2009-04-21 18:28

    ComboFix-quarantined-files.txt 2009-04-21 16:28

    ComboFix2.txt 2009-04-21 15:30

    Pre-Run: 10.769.453.056 bytes beschikbaar

    Post-Run: 10.756.988.928 bytes beschikbaar

    331 --- E O F --- 2009-04-16 23:36

    Regards, Mikel

  4. First of all, many thanks for the quick response.

    I did everything as you described. I am running Windows XP with Service Pack 3. I already had the impression that the computer started up a bit faster after MBAM. In any case, thanks again to kxeezie wabbit and certainly also to the specialist kape

    Here is the MBAM log file, and below it the one from HijackThis

    Malwarebytes' Anti-Malware 1.36

    Database versie: 1945

    Windows 5.1.2600 Service Pack 3

    21/04/2009 15:35:35

    mbam-log-2009-04-21 (15-35-35).txt

    Scan type: Snelle Scan

    Objecten gescand: 87264

    Verstreken tijd: 7 minute(s), 2 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 15:42:23, on 21/04/2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Windows Defender\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Ahead\InCD\InCDsrv.exe

    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\System32\GEARSec.exe

    C:\Program Files\TweakRAM\TweakRAM.exe

    H:\GiveAwayOfTheDay\History Explorer\HistoryExplorer.Service.exe

    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    C:\Program Files\Mozilla Sunbird\sunbird.exe

    C:\Program Files\Norton Ghost\Agent\VProSvc.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\PROGRA~1\AVG\AVG8\avgnsx.exe

    C:\Program Files\SPAMfighter\sfus.exe

    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\Program Files\AVG\AVG8\avgcsrvx.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search - Web Search

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE" -atboottime

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe

    O4 - HKCU\..\Run: [Wireless LAN Card Utilities] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Startup: sunbird.exe.lnk = C:\Program Files\Mozilla Sunbird\sunbird.exe

    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Elf%20Bowling%20Holiday%20Pack/Images/stg_drm.ocx

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178228126671

    O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab

    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://www.chat-united.com/controls/msnchat45.cab

    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

    O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe

    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: History Explorer Service - Exendo - H:\GiveAwayOfTheDay\History Explorer\HistoryExplorer.Service.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --

    End of file - 11589 bytes

  5. My computer has been starting up slowly for some time, and I have already run several registry scanners and disk cleaners on it, but there is no noticeable improvement. I have now installed HijackThis and run a scan.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 17:18:36, on 20/04/2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Windows Defender\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Ahead\InCD\InCDsrv.exe

    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\System32\GEARSec.exe

    C:\Program Files\TweakRAM\TweakRAM.exe

    H:\GiveAwayOfTheDay\History Explorer\HistoryExplorer.Service.exe

    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Norton Ghost\Agent\VProSvc.exe

    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    C:\Program Files\Mozilla Sunbird\sunbird.exe

    C:\Program Files\SPAMfighter\sfus.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\PROGRA~1\AVG\AVG8\avgnsx.exe

    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    C:\Program Files\Rocket Division Software\StarWind Lite\StarWindServiceLite.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\Program Files\AVG\AVG8\avgcsrvx.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\SearchProtocolHost.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search - Web Search

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE" -atboottime

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe

    O4 - HKCU\..\Run: [Wireless LAN Card Utilities] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Startup: sunbird.exe.lnk = C:\Program Files\Mozilla Sunbird\sunbird.exe

    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Elf%20Bowling%20Holiday%20Pack/Images/stg_drm.ocx

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178228126671

    O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab

    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/DDD%20Pool/Images/armhelper.ocx

    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://www.chat-united.com/controls/msnchat45.cab

    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

    O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe

    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: History Explorer Service - Exendo - H:\GiveAwayOfTheDay\History Explorer\HistoryExplorer.Service.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe

    O23 - Service: StarWind Service Lite (StarWindServiceLite) - Rocket Division Software - C:\Program Files\Rocket Division Software\StarWind Lite\StarWindServiceLite.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --

    End of file - 12420 bytes

    I think my computer is infected with jestertb.dll. AVG does not report any virus. Can anyone tell me what I should do? :bawling:

    Thanks in advance. Mikel
