Ricardo
-
Items
203 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Ricardo
-
-
Probeer het eens met deze download.
Na een tijdje vogelen is het gelukt kind blij en ik blij.
-
Hallo Kweewzie Wabbit,
Ik heb het een en ander gevonden over ac 97 sound drivers. Maar ze praten over gratis downloaden en aan het einde toch betalen. Als het niet anders kan dan is het zo ,maar is er ook een site die dat niet heeft?
-
Probeer anders rechtstreeks op de site van nVidea: Drivers - Download NVIDIA Drivers
Kies de optie 2 om zeker de beste drivers voor jou kaart te hebben.
Ik heb optie 1 moeten nemen want twee kreeg ik niet voor elkaar.Het is wel gelukt met optie 1.
Bedankt ,ik kan me nu bezig houden met het geluid.
Zij kan ook geen you tube afspelen. Ieder geval is het instaleren van de video kaart gelukt.
-
Klopt het dat het een betaalde site is?
Ik heb het wel gevonden maar ik moet een reg.code in voeren.
-
Linkje naar Everest
Download start automatisch.
Ok bedankt , dit is wat ik gevonden hebt kunnen jullie hier wat mee of is dit te weinig info.
Veld Waarde
Bus 1, Apparaat 0, Functie 0 nVIDIA GeForce 6800 GT Video Adapter
Veld Waarde
Apparaatbeschrijving Intel 82801EB ICH5 - AC'97 Audio Controller [A-2/A-3]
Kan ik de software vinden op internet?
Groet ,
Ricardo
-
ooh ,dat zou het weleens kunnen zijn, mijn dochter heeft die pc gekregen maar niet met de software erbij want ze heeft ook geen geluid. Ik weet niet wat voor kaart erin zit want de mensen van wie ze het heeft gekregen zijn uit elkaar en verhuisd.Help het als ik de pc openmaakt en erachter probeer te komen wat voor kaart het is?
groet ,
Ricardo
-
Beste mensen,
Ik stuur dit berichtje via de pc van mijn dochter,ze had een virus op de pc waarbij ik de c- schijf moest formateren.Ik heb de c- schijf opnieuw geiinstalleerd maar nu gaat het scrollen erg schokkend.
Wat kan ik hier aan doen?
mvg,
Ricardo
-
Het is me gelukt nu heb al mijn berichten op een veilige plaats staan.
Bedankt
-
Ik heb een syssteem herstel gemaak en heb al mijn mails weer terug.
Maar ik zou grag willen weten of ik de locatie van de opgeslagen berichten kan veranderen zonder dat ik weer al mijn mails kwijt ben.
Ricardo
-
Hallo ,
Mag ik gelijk even gebruik maken van dit item?
Ik heb ook outlook express en wilde mijn berichten saven , ik heb gevonden hoe ik dat moest doen maar op een gegeven moment kreeg ik de keuze om gebruik te maken van het huidige archief of het nieuwe en ik koos voor het huidige. Wat er toen gebeurde was dat ik alle mailtjes zag verdwijnen en nu weet ik niet waar ik ze terug moet vinden want ze zouden opgeslagen moeten zijn ergens op mijn harde schijf. Ik wilde namelijk de locatie van het opslaan van de berichten veranderen. ik zou graag u hulp willen hebben.
Groet Ricardo
EDIT : heb even een eigen onderwerp voor je aangemaakt. Posten in het onderwerp van een andere gebruiker, leidt alleen maar tot verwarring.
-
ik heb het uitgevoerd en het is goed. De tabbladen komen niet meer automatisch erbij.
Een ander puntje als het mag.
Hoe krijg ik het veranderd wanneer ik mijn pc opstart dat ik niet op enter hoef te drukken om door te gaan. Dus ik start mijn pc dan krijg je de technische info met zwart scherm.
Dan krijg ik een blauw met een venster waarbij ik mijn wachtwoord in moet vullen Maar ik druk dan op enter en dan gaat hij door. Maar voor heen hoefde ik dat niet te doen. Wanneer de pc uit stond, een druk op de knop en wachten tot hij helemaall klaar was. Hoe krijg ik dat weer in die stand?
-
Ik wil je hartelijk bedanken voor je hulp en geduld. Het is inderdaad verholpen, ik ben zeer onder de indruk van je/jullie expertiese.
Ricardo
-
Bij deze het gevraagde.
Eerst van combofix
ComboFix 09-05-31.02 - Hill 01-06-2009 0:53.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1283 [GMT 2:00]
Gestart vanuit: i:\documents and settings\Hill.RICARDO\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: i:\documents and settings\Hill.RICARDO\Bureaublad\CFScript.txt
AV: Quick Heal 10.00 *On-access scanning disabled* (Updated) {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}
FW: Quick Heal Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
FILE ::
"i:\windows\system32\b2.exe"
"i:\windows\system32\vic_setup.exe"
"i:\windows\Tasks\RegTool Scan.job"
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
i:\documents and settings\Hill.RICARDO\Application Data\RegTool
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 02-53-500.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 03-13-370.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 09-13-310.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 18-18-450.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-24 14-09-120.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 06-47-260.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 07-16-240.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 07-47-340.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 17-38-580.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 17-42-150.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-28 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-28 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-30 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-30 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-31 12-00-000.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-31 12-00-001.log
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 02-56-160\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-10.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-11.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-12.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-13.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-14.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-6.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-7.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-8.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-9.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\file0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-10.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-11.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-12.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-13.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-14.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-15.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-16.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-17.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-18.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-19.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-20.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-21.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-22.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-23.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-24.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-25.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-26.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-6.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-7.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-8.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-9.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-6.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-7.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-8.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\file0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-6.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-7.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-10.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-11.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-6.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-7.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-8.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-9.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\filelist.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-0.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-1.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-2.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-3.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-4.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-5.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Evidence.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Junk.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Registry.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Update.db
i:\documents and settings\Hill.RICARDO\Application Data\RegTool\spy_ignore.db
i:\windows\system32\b2.exe
i:\windows\system32\vic_setup.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SNDINTD
-------\Service_sndintd
(((((((((((((((((((( Bestanden Gemaakt van 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))
.
2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Malwarebytes
2009-05-15 21:42 . 2009-04-06 13:32 15504 ----a-w- i:\windows\system32\drivers\mbam.sys
2009-05-15 21:42 . 2009-04-06 13:32 38496 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys
2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-05-15 21:22 . 2009-05-15 21:22 -------- d-----w- i:\program files\The Weather Channel FW
2009-05-15 21:17 . 2009-05-15 21:17 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Sammsoft
2009-05-15 21:16 . 2009-05-15 21:21 -------- d-----w- i:\program files\Advanced Registry Optimizer
2009-05-15 21:13 . 2009-05-15 21:13 -------- d-----w- i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\The Weather Channel
2009-05-13 16:11 . 2009-05-13 16:16 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w- i:\program files\TeaTimer (Spybot - Search & Destroy)
2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w- i:\program files\SDHelper (Spybot - Search & Destroy)
2009-05-10 23:08 . 2008-12-11 10:57 333952 -c----w- i:\windows\system32\dllcache\srv.sys
2009-05-10 23:08 . 2008-10-24 11:21 455296 -c----w- i:\windows\system32\dllcache\mrxsmb.sys
2009-05-10 23:08 . 2008-10-15 16:37 337408 -c----w- i:\windows\system32\dllcache\netapi32.dll
2009-05-10 23:07 . 2008-04-11 19:06 691712 -c----w- i:\windows\system32\dllcache\inetcomm.dll
2009-05-10 23:07 . 2009-05-10 23:17 -------- d--h--w- i:\windows\$hf_mig$
2009-05-10 23:07 . 2008-06-14 17:36 272640 -c----w- i:\windows\system32\dllcache\bthport.sys
2009-05-10 23:07 . 2008-05-08 14:02 203136 -c----w- i:\windows\system32\dllcache\rmcast.sys
2009-05-10 22:44 . 2009-05-15 21:50 -------- dc----w- I:\ProgramData
2009-05-10 22:44 . 2009-05-10 22:44 -------- d-----w- i:\program files\Angle Interactive
2009-05-08 08:27 . 2009-05-08 08:27 -------- d-----w- i:\program files\Trend Micro
2009-05-03 16:09 . 2009-05-03 16:09 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_template_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_label_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 9158 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_chm_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_Register_url_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_RegCL_exe_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_url_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7398 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_exe_icon.exe
2009-05-03 14:10 . 2009-05-03 14:10 82380 ----a-w- i:\windows\system32\drivers\AFS2K.SYS
2009-05-03 14:05 . 2009-05-03 14:11 20480 ----a-w- i:\windows\hpoins01.dat
2009-05-03 14:05 . 2003-04-06 04:33 16622 ------w- i:\windows\hpomdl01.dat
2009-05-03 14:04 . 2003-03-09 20:31 81920 ----a-r- i:\windows\system32\hpovst08.dll
2009-05-03 00:47 . 2009-05-03 15:56 28276 ----a-w- i:\windows\system32\drivers\MxlW2k.sys
2009-05-03 00:46 . 2009-05-03 00:46 -------- d-----w- i:\program files\MUSICMATCH
2009-05-02 23:46 . 2009-05-02 23:52 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\VERITAS
2009-05-02 23:46 . 2009-05-02 23:46 -------- d-----w- i:\program files\VERITAS Software
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 23:00 . 2008-02-08 19:21 -------- d-----w- i:\program files\SPAMfighter
2009-05-31 20:56 . 2008-02-28 11:55 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Skype
2009-05-31 19:14 . 2008-02-26 02:32 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Google Updater
2009-05-31 15:56 . 2008-02-28 12:05 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\skypePM
2009-05-23 20:43 . 2008-02-27 23:11 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Nokia
2009-05-23 20:27 . 2006-04-10 12:00 536884 ----a-w- i:\windows\system32\perfh013.dat
2009-05-23 20:27 . 2006-04-10 12:00 101106 ----a-w- i:\windows\system32\perfc013.dat
2009-05-23 01:09 . 2008-02-27 00:54 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\LimeWire
2009-05-15 20:07 . 2009-01-23 19:01 65144 ----a-w- i:\windows\system32\drivers\catflt.sys
2009-05-11 21:36 . 2009-04-17 17:55 -------- d---a-w- i:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-05-10 23:31 . 2008-02-25 22:58 70008 ----a-w- i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-10 23:18 . 2008-02-25 22:19 86811 ----a-w- i:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-03 15:55 . 2008-01-26 16:58 -------- d-----w- i:\program files\Common Files\Ahead
2009-05-03 00:46 . 2008-01-26 16:42 -------- d--h--w- i:\program files\InstallShield Installation Information
2009-04-30 22:34 . 2009-04-30 22:34 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Ahead
2009-04-30 09:00 . 2008-02-27 00:53 -------- d-----w- i:\program files\Java
2009-04-30 08:59 . 2009-04-28 07:22 152576 ----a-w- i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Logishrd
2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w- i:\program files\Common Files\LogiShrd
2009-04-29 08:34 . 2008-03-01 18:09 -------- d-----w- i:\program files\Common Files\Logitech
2009-04-29 08:31 . 2008-02-06 00:51 -------- d-----w- i:\program files\NCH Swift Sound
2009-04-29 08:26 . 2008-02-04 18:05 -------- d-----w- i:\program files\Apple Software Update
2009-04-28 06:46 . 2008-01-26 17:10 -------- d-----w- i:\program files\Common Files\Nokia
2009-04-28 06:46 . 2008-01-26 17:09 -------- d-----w- i:\program files\Nokia
2009-04-28 06:46 . 2009-04-28 06:46 -------- d-----w- i:\program files\PC Connectivity Solution
2009-04-28 06:44 . 2008-07-21 15:37 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations
2009-04-28 06:44 . 2009-04-28 06:44 8192 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-28 06:44 . 2009-04-28 06:44 61440 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-28 06:44 . 2009-04-28 06:44 10240 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-28 06:42 . 2009-04-28 06:44 34150776 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_dut.exe
2009-04-27 16:23 . 2009-04-27 15:54 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Spybot - Search & Destroy
2009-04-26 17:02 . 2009-04-15 21:02 -------- d-----w- i:\program files\Common Files\Adobe
2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\CyberLink
2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\CyberLink
2009-04-25 22:38 . 2009-04-25 22:38 -------- d-----w- i:\program files\Cyberlink
2009-04-18 10:25 . 2009-04-18 10:25 3351812 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
2009-04-18 10:25 . 2009-04-18 10:25 36864 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
2009-04-18 10:25 . 2009-04-18 10:25 3181612 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
2009-04-18 10:24 . 2009-04-18 10:25 24528928 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98NP.exe
2009-04-16 18:13 . 2009-04-16 18:13 -------- d-----w- i:\program files\AOER
2009-04-16 17:59 . 2008-02-25 22:41 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-04-16 16:36 . 2009-04-16 16:36 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Windows Search
2009-04-16 05:02 . 2009-04-16 05:02 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Windows Desktop Search
2009-04-16 04:55 . 2009-04-15 19:58 -------- d-----w- i:\program files\Downloaded Installers
2009-04-16 04:17 . 2008-01-26 17:37 -------- d-----w- i:\program files\MSBuild
2009-04-16 04:17 . 2009-04-16 04:17 -------- d-----w- i:\program files\Reference Assemblies
2009-04-15 21:45 . 2009-04-15 21:45 -------- d-----w- i:\program files\Windows Desktop Search
2009-04-15 21:04 . 2009-04-15 21:04 152576 ----a-w- i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2009-04-15 20:21 . 2008-02-24 20:45 -------- d-----w- i:\program files\internet explorer(2)
2009-04-15 20:21 . 2008-02-27 00:52 -------- d-----w- i:\program files\LimeWire
2009-04-14 23:16 . 2008-02-27 00:17 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\NCH Swift Sound
2009-04-14 22:37 . 2009-04-14 22:37 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Uniblue
2009-03-12 16:30 . 2009-03-12 16:30 133 ---ha-w- I:\hpothb07.dat
2009-03-09 03:19 . 2009-02-01 13:22 410984 ----a-w- i:\windows\system32\deploytk.dll
2009-03-06 14:23 . 2006-04-10 12:00 285696 ----a-w- i:\windows\system32\pdh.dll
2009-03-03 00:16 . 2006-04-10 12:00 826368 ----a-w- i:\windows\system32\wininet.dll
2008-03-01 13:58 . 2008-03-01 13:58 25605664 ----a-w- i:\program files\qhntplus2008.exe
2008-02-26 01:34 . 2008-02-26 01:29 25212600 ----a-w- i:\program files\qhnteval quick Heal.exe
2008-02-07 19:23 . 2008-02-07 19:23 387968 ----a-w- i:\program files\spywarefighter.exe
2008-02-07 19:07 . 2008-02-07 23:45 1406096 ----a-w- i:\program files\spamfighter_web.exe
2008-02-07 00:24 . 2008-02-07 00:24 870008 ------w- i:\program files\Google Updater.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-05-31_12.14.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-31 22:57 . 2009-05-31 22:57 16384 i:\windows\Temp\Perflib_Perfdata_2d8.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PopUpStopperFreeEdition"="e:\program files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe" [2005-03-17 536576]
"swg"="i:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-02 68856]
"OM_Monitor"="e:\backup g schijf bestuuring\Program Files\Monitor.exe" [2004-08-06 61440]
"OM2_Monitor"="i:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]
"TomTomHOME.exe"="e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]
"PC Suite Tray"="c:\program files\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"SpybotSD TeaTimer"="e:\backup k schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"AROReminder"="i:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="i:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"GrooveMonitor"="i:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"NeroFilterCheck"="i:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"NSLauncher"="i:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304]
"tsnpstd3"="i:\windows\tsnpstd3.exe" [2006-08-21 114688]
"QuickTime Task"="i:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"PAC207_Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"Email Protection"="i:\progra~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE" [2009-01-23 267640]
"Update Scheduler"="i:\progra~1\QUICKH~1\QUICKH~1\UPSCHD.EXE" [2009-01-23 95608]
"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]
"ResumeQuickupDownload"="i:\progra~1\QUICKH~1\QUICKH~1\acappaa.exe" [2009-01-23 95608]
"Quick Heal Monitor"="i:\progra~1\QUICKH~1\QUICKH~2\op_mon.exe" [2008-07-31 1941504]
"RemoteControl"="E:\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="e:\language\Language.exe" [2007-01-08 52256]
"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="i:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"StorageGuard"="i:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-17 155648]
"MMTray"="i:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-03-14 143360]
"SPAMfighter Agent"="i:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"Resume Quickup"="i:\progra~1\QUICKH~1\QUICKH~1\QuickUp.exe" [2009-05-15 284024]
"On-Line Protection"="i:\progra~1\QUICKH~1\QUICKH~1\cateye.exe" [2009-05-15 210296]
"RTHDCPL"="RTHDCPL.EXE" - i:\windows\RTHDCPL.exe [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" - i:\windows\SkyTel.exe [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
i:\documents and settings\Hill.RICARDO\Menu Start\Programma's\Opstarten\
OneNote 2007 Schermopname en Snel starten.lnk - i:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
i:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
hp psc 2000 Series.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]
hpoddt01.exe.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
Windows Search.lnk - i:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoNetSetup"= 0 (0x0)
"NoNetSetupIDPage"= 0 (0x0)
"NoNetSetupSecurityPage"= 0 (0x0)
"NoWorkgroupContents"= 0 (0x0)
"NoEntireNetwork"= 0 (0x0)
"NoFileSharingControl"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"RestrictRun"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "i:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"i:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"i:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Program Files\\LimeWire\\LimeWire.exe"=
"i:\\Program Files\\Messenger\\msmsgs.exe"=
"e:\\backup G Schijf bestuuring\\Program Files\\LimeWire pro\\LimeWire.exe"=
"i:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R1 SandBox;SandBox;i:\windows\system32\drivers\SandBox.sys [23-1-2009 21:27 673920]
R2 acssrv;Quick Heal Client Security Service;i:\progra~1\QUICKH~1\QUICKH~2\acs.exe [23-1-2009 21:27 1224704]
R2 catflt;catflt;i:\windows\system32\drivers\catflt.sys [23-1-2009 21:01 65144]
R2 EMLSS;EMLSS;i:\windows\system32\drivers\EMLTDI.SYS [23-1-2009 21:01 28656]
R2 gearsec;gearsec;i:\windows\system32\gearsec.exe [30-11-2005 12:43 58952]
R2 Online Protection System;Online Protection System;i:\progra~1\QUICKH~1\QUICKH~1\opssvc.exe [23-1-2009 21:01 17272]
R2 Quick Heal Antivirus Plus Mail Protection;Quick Heal Antivirus Plus Mail Protection;i:\progra~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE [23-1-2009 21:01 50552]
R2 Quick Update Service;Quick Update Service;i:\progra~1\QUICKH~1\QUICKH~1\quhlpsvc.exe [23-1-2009 21:01 58744]
R2 SPAMfighter Update Service;SPAMfighter Update Service;i:\program files\SPAMfighter\sfus.exe [16-1-2009 11:11 184968]
R2 TomTomHOMEService;TomTomHOMEService;e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe [8-4-2009 12:38 92008]
R3 afw;Agnitum firewall driver;i:\windows\system32\drivers\afw.sys [23-1-2009 21:27 30864]
R3 afwcore;afwcore;i:\windows\system32\drivers\afwcore.sys [23-1-2009 21:28 234640]
R3 PAC207;Trust 100K Series Webcam;i:\windows\system32\drivers\PFC027.SYS [1-1-2009 2:57 618112]
S3 hitmanpro3;Hitman Pro 3 Support Driver; [x]
S3 SpyFighter;SpyFighter Guard Device;i:\program files\SPYWAREfighter\spyfighter.sys [21-2-2008 15:38 8336]
S3 SPYWAREfighterRP;SPYWAREfighterRP;i:\program files\SPYWAREfighter\spfprc.exe [21-2-2008 15:37 406160]
.
Inhoud van de 'Gedeelde Taken' map
2009-05-31 i:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- i:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]
2009-05-03 i:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8241360262.job
- e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
2009-05-31 i:\windows\Tasks\Google Software Updater.job
- i:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-02 19:04]
.
.
------- Bijkomende Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - i:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden:
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'winlogon.exe'(960)
i:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3856)
e:\program files\Panicware\Pop-Up Stopper Free Edition\XAHook.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
i:\windows\system32\ati2evxx.exe
i:\windows\system32\ati2evxx.exe
i:\program files\Bonjour\mDNSResponder.exe
i:\windows\ehome\ehRecvr.exe
i:\windows\ehome\ehSched.exe
i:\program files\Java\jre6\bin\jqs.exe
i:\program files\Common Files\LightScribe\LSSrvc.exe
i:\program files\Cyberlink\Shared Files\RichVideo.exe
i:\progra~1\QUICKH~1\QUICKH~1\SCANWSCS.EXE
i:\windows\ehome\mcrdsvc.exe
i:\windows\system32\searchindexer.exe
i:\windows\system32\dllhost.exe
i:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
i:\windows\ehome\ehmsas.exe
i:\program files\PC Connectivity Solution\ServiceLayer.exe
i:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
i:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
i:\progra~1\QUICKH~1\QUICKH~1\onlinent.exe
i:\program files\iPod\bin\iPodService.exe
i:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
i:\windows\system32\msiexec.exe
e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe
e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hposts08.exe
.
**************************************************************************
.
Voltooingstijd: 2009-05-31 1:02 - machine werd herstart
ComboFix-quarantined-files.txt 2009-05-31 23:02
ComboFix2.txt 2009-05-31 22:37
ComboFix3.txt 2009-05-31 22:26
ComboFix4.txt 2009-05-31 12:21
Pre-Run: 5.360.648.192 bytes beschikbaar
Post-Run: 5.365.350.400 bytes beschikbaar
432 --- E O F --- 2009-05-23 01:17
==============================================================
hijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:05:02, on 1-6-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\WINDOWS\eHome\ehRecvr.exe
I:\WINDOWS\eHome\ehSched.exe
I:\WINDOWS\system32\gearsec.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\LightScribe\LSSrvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
I:\Program Files\Cyberlink\Shared Files\RichVideo.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
I:\Program Files\SPAMfighter\sfus.exe
I:\WINDOWS\system32\svchost.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\ehome\ehtray.exe
I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\eHome\ehmsas.exe
I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
I:\WINDOWS\tsnpstd3.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\WINDOWS\PixArt\PAC207\Monitor.exe
I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE
I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\PDVDServ.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
I:\Program Files\SPAMfighter\SFAgent.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE
I:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\backup G Schijf bestuuring\Program Files\Monitor.exe
I:\Program Files\iPod\bin\iPodService.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\program Files\Nokia PC Suite 7\PCSuite.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\system32\msiexec.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Windows Desktop Search\WindowsSearch.exe
I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpoSTS08.exe
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\SearchProtocolHost.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - I:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [startCCC] I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
O4 - HKLM\..\Run: [update Scheduler] I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK
O4 - HKLM\..\Run: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /LOADRUN
O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe
O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [RemoteControl] E:\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] E:\Language\Language.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [storageGuard] "I:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Resume Quickup] I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe /resumei /silent /show
O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe
O4 - HKLM\..\RunOnce: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /check
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\backup G Schijf bestuuring\Program Files\Monitor.exe
O4 - HKCU\..\Run: [OM2_Monitor] "I:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\program Files\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [AROReminder] I:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211811587296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe
-
Het heeft even geduurd door mijjn werkzaamheden maar ik heb combifix uitgevoerd en inderdaad ik kan weer mijn schijven defragmenteren. Ik heb toch voor de zekerheid het logje meegestuurd.
aComboFix 09-05-24.07 - Hill 31-05-2009 14:02.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1609 [GMT 2:00]
Gestart vanuit: M:\ComboFix.exe
AV: Quick Heal 10.00 *On-access scanning enabled* (Outdated) {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}
FW: Quick Heal Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\xcrashdump.dat
i:\windows\IE4 Error Log.txt
i:\windows\system32\drivers\ovfsthxtpmxarlp.sys
i:\windows\system32\ovfsthxnvhidddp.dat
i:\windows\system32\ovfsthxpstdinep.dll
i:\windows\system32\ovfsthxqgoasakc.dll
i:\windows\system32\ovfsthxujcjsnus.dat
i:\windows\system32\ovfsthxuwyerdks.dll
i:\windows\system32\uniq.tll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ovfsthxuntlmpai
-------\Legacy_IAS
-------\Legacy_PCM1394
-------\Service_Ias
-------\Service_pcm1394
-------\Service_WinDHCPsvc
(((((((((((((((((((( Bestanden Gemaakt van 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))
.
2009-05-27 16:07 . 2009-05-27 16:07 17408 ----a-w i:\windows\system32\b2.exe
2009-05-27 15:52 . 2009-05-27 15:52 107155 ----a-w i:\windows\system32\vic_setup.exe
2009-05-23 00:53 . 2009-05-23 10:00 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\RegTool
2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Malwarebytes
2009-05-15 21:42 . 2009-04-06 13:32 15504 ----a-w i:\windows\system32\drivers\mbam.sys
2009-05-15 21:42 . 2009-04-06 13:32 38496 ----a-w i:\windows\system32\drivers\mbamswissarmy.sys
2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-05-15 21:22 . 2009-05-15 21:22 -------- d-----w i:\program files\The Weather Channel FW
2009-05-15 21:17 . 2009-05-15 21:17 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Sammsoft
2009-05-15 21:16 . 2009-05-15 21:21 -------- d-----w i:\program files\Advanced Registry Optimizer
2009-05-15 21:13 . 2009-05-15 21:13 -------- d-----w i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\The Weather Channel
2009-05-13 16:11 . 2009-05-13 16:16 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w i:\program files\TeaTimer (Spybot - Search & Destroy)
2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w i:\program files\SDHelper (Spybot - Search & Destroy)
2009-05-10 23:08 . 2008-12-11 10:57 333952 -c----w i:\windows\system32\dllcache\srv.sys
2009-05-10 23:08 . 2008-10-24 11:21 455296 -c----w i:\windows\system32\dllcache\mrxsmb.sys
2009-05-10 23:08 . 2008-10-15 16:37 337408 -c----w i:\windows\system32\dllcache\netapi32.dll
2009-05-10 23:07 . 2008-04-11 19:06 691712 -c----w i:\windows\system32\dllcache\inetcomm.dll
2009-05-10 23:07 . 2009-05-10 23:17 -------- d--h--w i:\windows\$hf_mig$
2009-05-10 23:07 . 2008-06-14 17:36 272640 -c----w i:\windows\system32\dllcache\bthport.sys
2009-05-10 23:07 . 2008-05-08 14:02 203136 -c----w i:\windows\system32\dllcache\rmcast.sys
2009-05-10 22:44 . 2009-05-15 21:50 -------- dc----w I:\ProgramData
2009-05-10 22:44 . 2009-05-10 22:44 -------- d-----w i:\program files\Angle Interactive
2009-05-08 08:27 . 2009-05-08 08:27 -------- d-----w i:\program files\Trend Micro
2009-05-03 16:09 . 2009-05-03 16:09 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_template_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_label_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 9158 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_chm_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_Register_url_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_RegCL_exe_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_url_icon.exe
2009-05-03 15:16 . 2009-05-03 15:40 7398 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_exe_icon.exe
2009-05-03 14:10 . 2009-05-03 14:10 82380 ----a-w i:\windows\system32\drivers\AFS2K.SYS
2009-05-03 14:05 . 2009-05-03 14:11 20480 ----a-w i:\windows\hpoins01.dat
2009-05-03 14:05 . 2003-04-06 04:33 16622 ------w i:\windows\hpomdl01.dat
2009-05-03 14:04 . 2003-03-09 20:31 81920 ----a-r i:\windows\system32\hpovst08.dll
2009-05-03 00:47 . 2009-05-03 15:56 28276 ----a-w i:\windows\system32\drivers\MxlW2k.sys
2009-05-03 00:46 . 2009-05-03 00:46 -------- d-----w i:\program files\MUSICMATCH
2009-05-02 23:46 . 2009-05-02 23:52 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\VERITAS
2009-05-02 23:46 . 2009-05-02 23:46 -------- d-----w i:\program files\VERITAS Software
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 12:17 . 2008-02-08 19:21 -------- d-----w i:\program files\SPAMfighter
2009-05-30 18:13 . 2008-02-26 02:32 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Google Updater
2009-05-23 20:43 . 2008-02-27 23:11 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Nokia
2009-05-23 20:27 . 2006-04-10 12:00 536884 ----a-w i:\windows\system32\perfh013.dat
2009-05-23 20:27 . 2006-04-10 12:00 101106 ----a-w i:\windows\system32\perfc013.dat
2009-05-23 16:01 . 2008-02-28 11:55 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Skype
2009-05-23 01:09 . 2008-02-27 00:54 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\LimeWire
2009-05-15 23:07 . 2009-04-17 17:55 -------- d-----w i:\program files\PC Doc Pro
2009-05-15 20:07 . 2009-01-23 19:01 65144 ----a-w i:\windows\system32\drivers\catflt.sys
2009-05-14 20:20 . 2008-02-28 12:05 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\skypePM
2009-05-11 21:36 . 2009-04-17 17:55 -------- d---a-w i:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-05-10 23:31 . 2008-02-25 22:58 70008 ----a-w i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-10 23:18 . 2008-02-25 22:19 86811 ----a-w i:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-03 15:55 . 2008-01-26 16:58 -------- d-----w i:\program files\Common Files\Ahead
2009-05-03 00:46 . 2008-01-26 16:42 -------- d--h--w i:\program files\InstallShield Installation Information
2009-04-30 22:34 . 2009-04-30 22:34 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Ahead
2009-04-30 09:00 . 2008-02-27 00:53 -------- d-----w i:\program files\Java
2009-04-30 08:59 . 2009-04-28 07:22 152576 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-29 08:38 . 2009-04-29 08:38 499712 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\msvcp71.dll
2009-04-29 08:38 . 2009-04-29 08:38 499712 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\jmc.dll
2009-04-29 08:38 . 2009-04-29 08:38 348160 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\msvcr71.dll
2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Logishrd
2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w i:\program files\Common Files\LogiShrd
2009-04-29 08:34 . 2008-03-01 18:09 -------- d-----w i:\program files\Common Files\Logitech
2009-04-29 08:31 . 2008-02-06 00:51 -------- d-----w i:\program files\NCH Swift Sound
2009-04-29 08:26 . 2008-02-04 18:05 -------- d-----w i:\program files\Apple Software Update
2009-04-29 06:55 . 2009-04-29 06:55 24064 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-4d454dc2-n\Decora-D3D.dll
2009-04-28 06:46 . 2008-01-26 17:10 -------- d-----w i:\program files\Common Files\Nokia
2009-04-28 06:46 . 2008-01-26 17:09 -------- d-----w i:\program files\Nokia
2009-04-28 06:46 . 2009-04-28 06:46 -------- d-----w i:\program files\PC Connectivity Solution
2009-04-28 06:44 . 2008-07-21 15:37 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Installations
2009-04-28 06:44 . 2009-04-28 06:44 8192 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-28 06:44 . 2009-04-28 06:44 61440 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-28 06:44 . 2009-04-28 06:44 10240 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-28 06:42 . 2009-04-28 06:44 34150776 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_dut.exe
2009-04-27 16:23 . 2009-04-27 15:54 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Spybot - Search & Destroy
2009-04-26 17:02 . 2009-04-15 21:02 -------- d-----w i:\program files\Common Files\Adobe
2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\CyberLink
2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\CyberLink
2009-04-25 22:38 . 2009-04-25 22:38 -------- d-----w i:\program files\Cyberlink
2009-04-22 14:01 . 2009-04-22 14:01 57344 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-63dba348-n\Decora-SSE.dll
2009-04-18 10:25 . 2009-04-18 10:25 3351812 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
2009-04-18 10:25 . 2009-04-18 10:25 36864 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
2009-04-18 10:25 . 2009-04-18 10:25 3181612 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
2009-04-18 10:24 . 2009-04-18 10:25 24528928 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98NP.exe
2009-04-16 18:13 . 2009-04-16 18:13 -------- d-----w i:\program files\AOER
2009-04-16 17:59 . 2008-02-25 22:41 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-04-16 16:36 . 2009-04-16 16:36 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Windows Search
2009-04-16 05:02 . 2009-04-16 05:02 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Windows Desktop Search
2009-04-16 04:55 . 2009-04-15 19:58 -------- d-----w i:\program files\Downloaded Installers
2009-04-16 04:17 . 2008-01-26 17:37 -------- d-----w i:\program files\MSBuild
2009-04-16 04:17 . 2009-04-16 04:17 -------- d-----w i:\program files\Reference Assemblies
2009-04-15 21:45 . 2009-04-15 21:45 -------- d-----w i:\program files\Windows Desktop Search
2009-04-15 21:15 . 2009-04-15 21:15 315392 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl.dll
2009-04-15 21:15 . 2009-04-15 21:15 20480 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl_awt.dll
2009-04-15 21:15 . 2009-04-15 21:15 114688 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl_cg.dll
2009-04-15 21:06 . 2009-04-15 21:06 20480 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-1dfd6847-n\gluegen-rt.dll
2009-04-15 21:04 . 2009-04-15 21:04 152576 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2009-04-15 20:21 . 2008-02-24 20:45 -------- d-----w i:\program files\internet explorer(2)
2009-04-15 20:21 . 2008-02-27 00:52 -------- d-----w i:\program files\LimeWire
2009-04-15 19:59 . 2009-04-15 16:40 -------- d-----w i:\program files\TweakNow RegCleaner Std
2009-04-14 23:16 . 2008-02-27 00:17 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\NCH Swift Sound
2009-04-14 22:37 . 2009-04-14 22:37 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Uniblue
2009-03-12 16:30 . 2009-03-12 16:30 133 ---ha-w I:\hpothb07.dat
2009-03-09 03:19 . 2009-02-01 13:22 410984 ----a-w i:\windows\system32\deploytk.dll
2009-03-06 14:23 . 2006-04-10 12:00 285696 ----a-w i:\windows\system32\pdh.dll
2009-03-03 00:16 . 2006-04-10 12:00 826368 ----a-w i:\windows\system32\wininet.dll
2008-03-01 13:58 . 2008-03-01 13:58 25605664 ----a-w i:\program files\qhntplus2008.exe
2008-02-26 01:34 . 2008-02-26 01:29 25212600 ----a-w i:\program files\qhnteval quick Heal.exe
2008-02-07 19:23 . 2008-02-07 19:23 387968 ----a-w i:\program files\spywarefighter.exe
2008-02-07 19:07 . 2008-02-07 23:45 1406096 ----a-w i:\program files\spamfighter_web.exe
2008-02-07 00:24 . 2008-02-07 00:24 870008 ------w i:\program files\Google Updater.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PopUpStopperFreeEdition"="e:\program files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe" [2005-03-17 536576]
"swg"="i:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-02 68856]
"OM_Monitor"="e:\backup g schijf bestuuring\Program Files\Monitor.exe" [2004-08-06 61440]
"OM2_Monitor"="i:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]
"TomTomHOME.exe"="e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]
"PC Suite Tray"="c:\program files\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"SpybotSD TeaTimer"="e:\backup k schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"AROReminder"="i:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="i:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"GrooveMonitor"="i:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"NeroFilterCheck"="i:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"NSLauncher"="i:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304]
"tsnpstd3"="i:\windows\tsnpstd3.exe" [2006-08-21 114688]
"QuickTime Task"="i:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"PAC207_Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"Email Protection"="i:\progra~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE" [2009-01-23 267640]
"Update Scheduler"="i:\progra~1\QUICKH~1\QUICKH~1\UPSCHD.EXE" [2009-01-23 95608]
"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]
"ResumeQuickupDownload"="i:\progra~1\QUICKH~1\QUICKH~1\acappaa.exe" [2009-01-23 95608]
"Quick Heal Monitor"="i:\progra~1\QUICKH~1\QUICKH~2\op_mon.exe" [2008-07-31 1941504]
"RemoteControl"="E:\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="e:\language\Language.exe" [2007-01-08 52256]
"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="i:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"StorageGuard"="i:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-17 155648]
"MMTray"="i:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-03-14 143360]
"SPAMfighter Agent"="i:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"Resume Quickup"="i:\progra~1\QUICKH~1\QUICKH~1\QuickUp.exe" [2009-05-15 284024]
"RTHDCPL"="RTHDCPL.EXE" - i:\windows\RTHDCPL.exe [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" - i:\windows\SkyTel.exe [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"svc"="c:\program files\ThunMail\testabd.exe" [2009-05-27 61440]
i:\documents and settings\Hill.RICARDO\Menu Start\Programma's\Opstarten\
OneNote 2007 Schermopname en Snel starten.lnk - i:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
i:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
hp psc 2000 Series.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]
hpoddt01.exe.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
Windows Search.lnk - i:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoNetSetup"= 0 (0x0)
"NoNetSetupIDPage"= 0 (0x0)
"NoNetSetupSecurityPage"= 0 (0x0)
"NoWorkgroupContents"= 0 (0x0)
"NoEntireNetwork"= 0 (0x0)
"NoFileSharingControl"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"RestrictRun"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "i:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"i:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"i:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Program Files\\LimeWire\\LimeWire.exe"=
"i:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"i:\\Program Files\\Messenger\\msmsgs.exe"=
"e:\\backup G Schijf bestuuring\\Program Files\\LimeWire pro\\LimeWire.exe"=
"i:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 SandBox;SandBox;i:\windows\system32\drivers\SandBox.sys [23-1-2009 21:27 673920]
R2 acssrv;Quick Heal Client Security Service;i:\progra~1\QUICKH~1\QUICKH~2\acs.exe [23-1-2009 21:27 1224704]
R2 catflt;catflt;i:\windows\system32\drivers\catflt.sys [23-1-2009 21:01 65144]
R2 EMLSS;EMLSS;i:\windows\system32\drivers\EMLTDI.SYS [23-1-2009 21:01 28656]
R2 gearsec;gearsec;i:\windows\system32\gearsec.exe [30-11-2005 12:43 58952]
R2 Quick Heal Antivirus Plus Mail Protection;Quick Heal Antivirus Plus Mail Protection;i:\progra~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE [23-1-2009 21:01 50552]
R2 Quick Update Service;Quick Update Service;i:\progra~1\QUICKH~1\QUICKH~1\quhlpsvc.exe [23-1-2009 21:01 58744]
R2 SPAMfighter Update Service;SPAMfighter Update Service;i:\program files\SPAMfighter\sfus.exe [16-1-2009 11:11 184968]
R2 TomTomHOMEService;TomTomHOMEService;e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe [8-4-2009 12:38 92008]
R3 afw;Agnitum firewall driver;i:\windows\system32\drivers\afw.sys [23-1-2009 21:27 30864]
R3 afwcore;afwcore;i:\windows\system32\drivers\afwcore.sys [23-1-2009 21:28 234640]
R3 PAC207;Trust 100K Series Webcam;i:\windows\system32\drivers\PFC027.SYS [1-1-2009 2:57 618112]
S3 hitmanpro3;Hitman Pro 3 Support Driver; [x]
S3 sndintd;sndintd; [x]
S3 SpyFighter;SpyFighter Guard Device;i:\program files\SPYWAREfighter\spyfighter.sys [21-2-2008 15:38 8336]
S3 SPYWAREfighterRP;SPYWAREfighterRP;i:\program files\SPYWAREfighter\spfprc.exe [21-2-2008 15:37 406160]
S4 Online Protection System;Online Protection System;i:\progra~1\QUICKH~1\QUICKH~1\opssvc.exe [23-1-2009 21:01 17272]
.
Inhoud van de 'Gedeelde Taken' map
2009-05-31 i:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- i:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]
2009-05-03 i:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8241360262.job
- e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
2009-05-31 i:\windows\Tasks\Google Software Updater.job
- i:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-02 19:04]
2009-05-31 i:\windows\Tasks\RegTool Scan.job
- l:\bestanden en set ups\RegTool\RegTool.exe [2009-05-02 06:40]
.
- - - - ORPHANS VERWIJDERD - - - -
SafeBoot-procexp90.Sys
.
------- Bijkomende Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - i:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-05-31 14:14
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'winlogon.exe'(960)
i:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3108)
e:\program files\Panicware\Pop-Up Stopper Free Edition\XAHook.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
i:\windows\system32\ati2evxx.exe
i:\windows\system32\ati2evxx.exe
i:\program files\Bonjour\mDNSResponder.exe
i:\windows\ehome\ehRecvr.exe
i:\windows\ehome\ehSched.exe
i:\program files\Java\jre6\bin\jqs.exe
i:\program files\Common Files\LightScribe\LSSrvc.exe
i:\program files\Cyberlink\Shared Files\RichVideo.exe
i:\progra~1\QUICKH~1\QUICKH~1\SCANWSCS.EXE
i:\windows\ehome\mcrdsvc.exe
i:\windows\system32\searchindexer.exe
i:\windows\system32\dllhost.exe
i:\windows\system32\wscntfy.exe
i:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
i:\windows\ehome\ehmsas.exe
i:\program files\PC Connectivity Solution\ServiceLayer.exe
i:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
i:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
i:\windows\system32\msiexec.exe
i:\program files\iPod\bin\iPodService.exe
e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe
i:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hposts08.exe
.
**************************************************************************
.
Voltooingstijd: 2009-05-31 14:21 - machine werd herstart
ComboFix-quarantined-files.txt 2009-05-31 12:21
Pre-Run: 5.442.093.056 bytes beschikbaar
Post-Run: 5.418.242.048 bytes beschikbaar
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
i:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
327 --- E O F --- 2009-05-23 01:17
-
Na een diep scan van mijn virus scanner en menigmale opstarten van mijn pc heb ik geen gebruik hoeven te maken van "Combofix" ik kreeg hem aanvankelijk niet gedownload en later wel en toen was het niet nodig. De "AskBarDis" heb ik kunnen verwijderen. Ik moet zeggen dat ik geen last meer er van heb van die ongevraagde tabbladen. Was die combofix speciaal om die askbardis te verwijderen of is het een handig programma sowieso?
Ik heb inmiddels ook nog ander probleem erbij gekregen. Mag dat onder dit hoofdstuk of onder een ander? Het gaat over dat ik mijn schijven niet meer kan defragmenteren.
-
Volgens mij is er geen bijlage meegekomen. Kan ik wel wel een bijlage meesturen? Ik wilde een print screen laten lezen.
---------- Bericht toegevoegd om 08:41 ---------- Vorig bericht was om 08:37 ----------
Het zegt : "kan het bestand niet verwijderen toegang geweigerd.Controleerd of de schijf vol is (dat is hij niet) of tegen schrijven beveiligd of in gebruikt is.
-
Klik op 'Fix checked' om de items te verwijderen.
Verwijder volgende vetgedrukte map met Windows Verkenner :
I:\Program Files\AskBarDis
Dit stukje krijg ik niet verwijderd hij geeft een melding zie bijlage.
-
Nu het is een hele waslijst.
Malwarebytes' Anti-Malware 1.36
Database versie: 2138
Windows 5.1.2600 Service Pack 3
21-5-2009 19:11:37
mbam-log-2009-05-21 (19-11-37).txt
Scan type: Volledige Scan (C:\|D:\|E:\|I:\|)
Objecten gescand: 238398
Verstreken tijd: 35 minute(s), 38 second(s)
Geheugenprocessen geïnfecteerd: 1
Geheugenmodulen geïnfecteerd: 1
Registersleutels geïnfecteerd: 4
Registerwaarden geïnfecteerd: 2
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 7
Bestanden geïnfecteerd: 22
Geheugenprocessen geïnfecteerd:
I:\Documents and Settings\Hill.RICARDO\Bureaublad\RegTool.exe (Rogue.RegTool) -> Unloaded process successfully.
Geheugenmodulen geïnfecteerd:
I:\WINDOWS\system32\__c00DF018.dat (Trojan.Agent) -> Delete on reboot.
Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0073990 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00df018 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1c5c558.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-11-400 (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-14-580 (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-24-330 (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Results (Rogue.RegTool) -> Delete on reboot.
Bestanden geïnfecteerd:
I:\Documents and Settings\Hill.RICARDO\Bureaublad\RegTool.exe (Rogue.RegTool) -> Delete on reboot.
C:\program Files\MyRegistryCleaner\RdvChk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
I:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O1Q3SHIJ\lsp[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\spy_ignore.db (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-19 17-06-380.log (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-19 17-09-450.log (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-20 09-08-570.log (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-20 12-00-000.log (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-20 12-00-001.log (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-21 07-04-140.log (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-11-400\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-14-580\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-19 17-24-330\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Results\Evidence.db (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Results\Junk.db (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Results\Registry.db (Rogue.RegTool) -> Delete on reboot.
I:\Documents and Settings\Hill.RICARDO\Application Data\RegTool\Results\Update.db (Rogue.RegTool) -> Delete on reboot.
I:\WINDOWS\system32\MSVolume.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
I:\WINDOWS\Temp\_A00F1C5C558.exe (Trojan.Agent) -> Quarantined and deleted successfully.
I:\WINDOWS\system32\6to4v32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
I:\WINDOWS\system32\__c00DF018.dat (Trojan.Vundo) -> Delete on reboot.
I:\WINDOWS\Tasks\RegTool Scan.job (Rogue.RegTool) -> Quarantined and deleted successfully.
Hijack This
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46:58, on 21-5-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\spoolsv.exe
I:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\WINDOWS\eHome\ehRecvr.exe
I:\WINDOWS\eHome\ehSched.exe
I:\WINDOWS\system32\gearsec.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\LightScribe\LSSrvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
I:\Program Files\Cyberlink\Shared Files\RichVideo.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
I:\Program Files\SPAMfighter\sfus.exe
I:\WINDOWS\system32\svchost.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\ehome\ehtray.exe
I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
I:\WINDOWS\eHome\ehmsas.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\tsnpstd3.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\WINDOWS\PixArt\PAC207\Monitor.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe
E:\PDVDServ.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
I:\Program Files\SPAMfighter\SFAgent.exe
I:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\backup G Schijf bestuuring\Program Files\Monitor.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\program Files\Nokia PC Suite 7\PCSuite.exe
E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Windows Desktop Search\WindowsSearch.exe
I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpoSTS08.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\system32\drwtsn32.exe
I:\WINDOWS\system32\drwtsn32.exe
I:\WINDOWS\system32\rundll32.exe
I:\WINDOWS\system32\drwtsn32.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - I:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - I:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - I:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [startCCC] I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
O4 - HKLM\..\Run: [update Scheduler] I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK
O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe
O4 - HKLM\..\Run: [Messenger] I:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
O4 - HKLM\..\Run: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /LOADRUN
O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe
O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [RemoteControl] E:\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] E:\Language\Language.exe
O4 - HKLM\..\Run: [VT100 Emulator] I:\WINDOWS\system32\VT100.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [storageGuard] "I:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Resume Quickup] I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe /resumei /silent /show
O4 - HKLM\..\RunOnce: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /check
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\backup G Schijf bestuuring\Program Files\Monitor.exe
O4 - HKCU\..\Run: [OM2_Monitor] "I:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\program Files\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [AROReminder] I:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [inetChk] I:\WINDOWS\TEMP\ms1242161876.exe work (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211811587296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: c:\progra~1\ThunMail\testabd.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe
-
Ja uiteindelijk is het gelukt ,het heeft wel een aantal keren proberen geduurd want in kwam niet op de Malwarebytes site. Inmiddels geinstalleerd en laten werken.Ik moet zeggen dat het wel mider is maar niet helemaal weg ,want soms sluit hij een/het internet tablad af of hij wil niet openen.Wat moet ik met het bestandje Hijack This doen?
-
Het is zeer zeker niet mijn bedoeling om een sneer te geven, ik kan me voorstelen dat het niet goed binnen kwam mijn exuces daarvoor.
-
Download MBAM (Malwarebytes' Anti-Malware
Dit is niet gratis .
-
Nee inderdaad de Hijack This is gelukt maar MBAM (Malwarebytes' Anti-Malware).
dat is niet gratis.
-
Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O20 - AppInit_DLLs: i:\progra~1\quickh~1\quickh~2\wl_hook.dll,c:\progra~1\ThunMail\testabd.dll
O24 - Desktop Component 0: (no name) - http://www.gerarddummer.nl/google_ea...images/zee.jpg
Klik op 'Fix checked' om de items te verwijderen.
Download MBAM (Malwarebytes' Anti-Malware).
Dubbelklik op mbam-setup.exe om het programma te installeren.
Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.
Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.
Ik heb het einstalleerd maar ik krijg ze niet aangevink daar het geen freeware program is. Ik moet me registreren door het te kopen.
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:25:43, on 10-5-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\spoolsv.exe
I:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\WINDOWS\eHome\ehRecvr.exe
I:\WINDOWS\eHome\ehSched.exe
I:\WINDOWS\system32\gearsec.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\LightScribe\LSSrvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
I:\Program Files\Cyberlink\Shared Files\RichVideo.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
I:\Program Files\SPAMfighter\sfus.exe
I:\WINDOWS\system32\svchost.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\ehome\ehtray.exe
I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
I:\WINDOWS\eHome\ehmsas.exe
I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\tsnpstd3.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\WINDOWS\PixArt\PAC207\Monitor.exe
I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE
I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe
E:\PDVDServ.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
I:\Program Files\SPAMfighter\SFAgent.exe
I:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\backup G Schijf bestuuring\Program Files\Monitor.exe
E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\program Files\Nokia PC Suite 7\PCSuite.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Windows Desktop Search\WindowsSearch.exe
I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
I:\Program Files\iPod\bin\iPodService.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe
E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpoSTS08.exe
I:\Program Files\internet explorer\IEXPLORE.EXE
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - I:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [startCCC] I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
O4 - HKLM\..\Run: [update Scheduler] I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK
O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe
O4 - HKLM\..\Run: [Messenger] I:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
O4 - HKLM\..\Run: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /LOADRUN
O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe
O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [RemoteControl] E:\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] E:\Language\Language.exe
O4 - HKLM\..\Run: [VT100 Emulator] I:\WINDOWS\system32\VT100.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [storageGuard] "I:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\RunOnce: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /check
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\backup G Schijf bestuuring\Program Files\Monitor.exe
O4 - HKCU\..\Run: [OM2_Monitor] "I:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\program Files\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211811587296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: i:\progra~1\quickh~1\quickh~2\wl_hook.dll,c:\progra~1\ThunMail\testabd.dll
O20 - Winlogon Notify: __c0073990 - I:\WINDOWS\system32\__c0073990.dat
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe
O24 - Desktop Component 0: (no name) - http://www.gerarddummer.nl/google_earth/opdrachten/Landschappen/Kernkaarten/Het_Weer/images/zee.jpg
cs3
in Archief Andere software
Geplaatst:
Hallo beste mensen,
Ik hoop dat jullie mij kunnen en willen helpen.
Ik wil Adobe cs3 installeren maar het is een sotware met een crack nr.Ik krijg dat nummer er niet uit. Er zit wel een file op de cd maar wanneer ik hem opend dan geeft hij een fout melding met trojan enz,enz
Ik heb geprobeerd met een keygen maar dat is me tot nu toe nog niet gelukt. Hebben jullie een tip,oplossing...?
Op mijn vaste pc is het wel gelukt maar op de laptop niet want ik weet niet het serie nummers meer en ik heb ze ook niet opgeschreven daar ik dacht dat ze van de cd te halen waren.
Groet , Ricardo