wietsebuseyne
-
Items
49 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door wietsebuseyne
-
Ik heb onlangs een hdmi kabel van 10m gekocht, en heb met deze mijn pc en tv verbonden. Tevens krijg ik geen beeld op mijn tv, ik heb al bij beelscherminstellingen geprobeert de tv te vinden, maar dit lukt mij niet. Graag help, dank bij voorbaat.
-
aangezien niemand reageert zal ik deze topic maar sluiten
-
Hijackthis log, plz analyse
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
bedankt voor de reactie kape, maar ondertussen heb ik op mijn D-partitie al windows7 geinstalleerd, en dit werkt wel goed. Aangezien ik niet denk dat mijn probleem met windows vista gemakkelijk kan worden opgelost, ga ik gewoon mijn hele C-schijf formateren en gewoon op windows 7 verdergaan... Dan is mijn computer ineens vrij van alle mal en weet-ik-nog-veel-wat ware en beginnen we terug met een "cleane" computer. Nogmaals dank voor je hulp (weeral), je hebt me al vaak geholpen en apprecieer je hulp zeer hard... EDIT: Ik heb mijn probleem met windows vista toch net kunnen oplossen... Het had niets met virussen ofzo te maken, gwn een stomme instelling van het scherm... Ze hadden mij verteld dat de PC gecrasht was, en daarom dacht ik er natuurlijk niet aan dat het iets met het scherm kon zijn... Maar goed, nu zijn alle problemen opgelost, nogmaal bedankt voor je hulp! WB -
Hijackthis log, plz analyse
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
EDIT: new hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:12:02, on 9/11/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [softickPPP] "C:\Program Files\Softick\PPP\Bin\PPPGate.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9ba0415a8d4b2) (gupdate1c9ba0415a8d4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Packard Bell Software Suite Service 1 (Service1) - Packard Bell Services - C:\Program Files\Packard Bell\Packard Bell Software Suite\PowerSave\HDPBSSS.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 11498 bytes nog steeds mijn probleem niet opgelost... Ik ga eens proberen om windows 7 op een nieuwe partitie te installeren en zien of dat problemen geeft... -
Hijackthis log, plz analyse
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:29:56, on 9/11/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [softickPPP] "C:\Program Files\Softick\PPP\Bin\PPPGate.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9ba0415a8d4b2) (gupdate1c9ba0415a8d4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Packard Bell Software Suite Service 1 (Service1) - Packard Bell Services - C:\Program Files\Packard Bell\Packard Bell Software Suite\PowerSave\HDPBSSS.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 11799 bytes malwarebytes (stond eigenlijk ook al in vorige post, maar heb nog eens gescand): Malwarebytes' Anti-Malware 1.41 Database versie: 3130 Windows 6.0.6001 Service Pack 1 (Safe Mode) 9/11/2009 15:33:59 mbam-log-2009-11-09 (15-33-59).txt Scan type: Snelle Scan Objecten gescand: 101427 Verstreken tijd: 5 minute(s), 8 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) -
Hijackthis log, plz analyse
wietsebuseyne plaatste een topic in Archief Bestrijding malware & virussen
Hallo, sinds kort krijg ik mijn computer niet meer opgestart in gewone modus. In veilige modus lukt dit wel. Maar een paar documenten zijn precies verdwenen en word-documenten opslaan en sommige andere dingen lukt mij ook niet meer:s Als ik hem in gewone modus opstart kreeg ik eerst gwn geen startbalk maar wel wat iconen (andere dan normaal), en later alleen maar een achtergrond. alt+ctr+del lukt niet, dan word hij gwn zwart, en ik heb al geprobeert naar explorer.exe te zoeken, en heb al wat andere post gelezen, maar niets helpt. Dus denk ik dat er een virus ofzo op zit, en heb ik snel dit hijackthis logje gemaakt. Dank Bij Voorbaat, Wietse Buseyne Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:41:46, on 8/11/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe C:\Program Files\AVG\AVG8\avgui.exe C:\Program Files\AVG\AVG8\avgscanx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102399 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP0.dll R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP0.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O3 - Toolbar: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP0.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [softickPPP] "C:\Program Files\Softick\PPP\Bin\PPPGate.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9ba0415a8d4b2) (gupdate1c9ba0415a8d4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Packard Bell Software Suite Service 1 (Service1) - Packard Bell Services - C:\Program Files\Packard Bell\Packard Bell Software Suite\PowerSave\HDPBSSS.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 13387 bytes hier is mijn malwarebytes log (ziet er nogal goed uit ) Malwarebytes' Anti-Malware 1.41 Database versie: 3130 Windows 6.0.6001 Service Pack 1 (Safe Mode) 8/11/2009 22:02:00 mbam-log-2009-11-08 (22-02-00).txt Scan type: Snelle Scan Objecten gescand: 101819 Verstreken tijd: 4 minute(s), 31 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) -
[OPGELOST] excel moeilijke formule
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Microsoft Office
Zeer hard bedankt, dit is wat ik wou hebben!xD, alleen moest 1e veranderen in 2e en 2e veranderen in 3e... Bedankt om dit voor mij op te lossen!xD :ciao: Wietse -
[OPGELOST] optellende lijst
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Microsoft Office
ah, bedankt, dat was de oplossing die ik eigenlijk zocht (ooit nog eens geleerd op school...) -
Ik weet niet of het mogelijk is, maar hier is mijn probleem (eerst even screenshot): Ten eerste zou ik dus willen dat in F4 de naam komt van degene die het meeste punten had in spel 1 (Timp) en in G4 degene met het 2e meeste punten (Papoe), enz... Ten tweede zou ik willen dat bij totaal de winnaar van alle punten bijeen komt te staan (ong hetzelfde als het vorige) Bij totaal heb ik al ingesteld dat hij gwn het lijstje eronder bij elkaar optelt... Voor de rest heb ik al gevonden hoe je het hoogste getal kan krijgen [max(B4:E4)], maar nu zou ik willen dat hij dan niet het aantal punten weergeeft maar natuurlijk de naam die erboven staat...
-
[OPGELOST] optellende lijst
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Microsoft Office
OK, ik heb het zelf al gevonden, je moet gwn bij a1 1 ingeven bij a2 de formule "=a1+1" die formule kopieren naar alle vakjes eronder -
Dit gaat heel stom klinken:s:pcguru:, maar hoe maak je in excel een lijst die begint bij 1 en zo naar beneden altijd er 1 bij optelt; dus A1=1, A2=2, A3=3, enz enz... ik weet alleen hoe je met [=som(...:...] kunt werken maar zo kan je zo'n lijst niet maken(denk ik toch):s:s:s
-
Hallo, ik heb een probleem, een tijdje geleden had ik ubuntu geinstalleerd, en dat ging goed, behalve dat wnr ik mijn pc opstarte zonder mijn harde schijf, mijn grub een error gaf (wss stonde er installatie bestanden op mijn hs) Ik heb dan alle ubuntu partities verwijderd, zodat alleen windows overbleef, maar mijn grub was ik vergeten verwijderen, zodat die een error gaf bij het booten... Toen had ik ubuntu maar opnieuw geinstalleerd, zodat ik weer op windows zou kunnen, maar nu kan ik niet meer aan mijn d partitie als ik op vista ga... Ik denk dat het probleem is dat ubuntu op de d partitie staat... Ik zou nu terug aan mijn D-partitie willen graken, ubuntu mag verwijderd worden hierbij, maar vertel me dan ook hoe ik dat GRUB gedoe kan verwijderen, aangezien anders die weer een error gaat geven.... ps: bij mijn laptop zat geen vista cd, dus die kan ik niet gebruiken... Wietse
-
Bedankt voor je reactie, maar dat gedoe met virtualdub is allemaal een beetje te veel werk voor mij (dan zou ik het bij 20+ afleveringen moeten doen), dan zoek ik wel extra boxjes en sluit die aan elke keer dat ik naar een aflevering van de serie wil kijken... welk geluid het is weet ik niet, maar het is een .mkv bestand. Ik heb al op het internet gezocht en gevonden dat er wel meer problemen zijn met .mkv bestanden (geluid en video niet gelijk (dat is eveneens bij mij)). Ik zal dan maar gewoon worden aan het zachte geluid, zo'n ramp is het nu ook weer nietxD, maar ik dacht dat er mss een makkelijke oplossing voor was... zeer bedankt voor je antwoord! Wietse
-
Hallo, Ik heb een laptop, en hier is het maximumgeluid toch luid, en daar zou ik dus niets aan willen veranderen. Wat dan wel het probleem is, is dat ik een film op mijn laptop heb, en dat het geluid van die film zeer zacht is opgenomen. Zelfs op het luidste van mijn laptop klinkt het niet hard, terwijl andere geluiden dan wel luid klinken. Nu was mijn vraag of er softwarematig iets aan de film te veranderen valt (geld speelt geen rol), zodat die luider klinkt. Ik heb al een conversieprogramma (ultra mobile converter) waar ik het geluid op 600% kan zetten (zoiets bedoel ik) maar de kwaliteit van het beeld wordt dan automatisch veel slechter aangezien hij het naar kwaliteit voor je gsm converteert... Alvast bedankt, Wietse
-
[OPGELOST] hulp met spyware
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
Bedankt voor je reactie Kape, de browser waar ik de ongewenste geschiedenis heb gevonden is firefox, maar zal direct eens kijken of ik ook iets op IE8 kan vinden. Ik heb nu ook eens op IE8 gekeken maar daar is niks veranderd aan mijn geschiedenis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:28:50, on 23/07/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Cyberlink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Cyberlink\Shared files\brs.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Wietse\Desktop\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7632EC29-9B01-415D-9A88-93DB1F2BE932}: NameServer = 193.74.208.65,194.119.228.67 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL O23 - Service: McAfee Application Installer Cleanup (0304341247039525) (0304341247039525mcinstcleanup) - Unknown owner - C:\Windows\TEMP\030434~1.EXE (file missing) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe -- End of file - 10936 bytes -
[OPGELOST] hulp met spyware
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
Ik dacht al dat dat er aan ging kome en had hijackthis maar al gedownload Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:01:44, on 23/07/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Cyberlink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Cyberlink\Shared files\brs.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\iTunes\iTunes.exe C:\Users\Wietse\AppData\Local\Temp\AutoRun.exe C:\Program Files\Hamachi\hamachi.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Wietse\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0709&m=aspire_8930 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe (file missing) O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe (file missing) O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing) O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing) O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7632EC29-9B01-415D-9A88-93DB1F2BE932}: NameServer = 193.74.208.65,194.119.228.67 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (file missing) O23 - Service: McAfee Application Installer Cleanup (0304341247039525) (0304341247039525mcinstcleanup) - Unknown owner - C:\Windows\TEMP\030434~1.EXE (file missing) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe -- End of file - 11861 bytes -
[OPGELOST] hulp met spyware
wietsebuseyne plaatste een topic in Archief Bestrijding malware & virussen
Ik heb de laatste tijd iets raars voor met mijn (pas nieuwe) laptop. Ten eerste zie ik soms precies de muis bewegen of flikkeren (bewegen kan wel goed zijn van mijn touchpad dat ik per ongeluk aanraak), maar het kan ook goed zijn dat ik gwn een beetje zot word.:stupid::stupid: Dan is ook nog iets met mijn browsergeschiedenis. Daar staan namelijk sites op waar ik helemaal niet op ben geweest... Het is zeker dat mijn broer het niet is geweest, want er is een wachtwoord dat hij niet kent... Is er iets spyware ofzo die geschiedenis toevoegt ofzo? Als zoiets niet bestaat gelieve me het te zeggen, zodat ik me geen zorgen moet maken. Wietse -
ik heb het zelf al opgelost (na een hele dag sukkelen). Mensen die dit probleem ook hebben: -eerst de (gele) kabel op je laptop aansluiten -de cd starten (op de laptop) -instructies volgen tot je bij draadloos netwerk komt (je gegevens nog ingeven) -hierna router (gele kabel) op je pc aansluiten -hier cd starten -instructies volgen, duidelijk naam + beveiligingssleutel kiezen -op laptop verbinden met draadloos netwerk en sleutel ingeven -genieten van een snelle internetverbinding!
-
voila, ik heb dus vista. bedankt voor je hulp al
-
Ik heb een laptop, een pc (beiden vista) en een linksys wag160n. Ik heb dit http://www.pc-helpforum.be/f184/opgelost-ethernetkabel-lijkt-niet-goed-te-15621/index2.html topic al wel gelezen, maar mijn problemen waren niet opgelost na het volgen van de instructies. Nu, ik heb de router dus netjes aangesloten op mijn pc, de cd gestart, maar bij stap 4 zegt hij dat de ethernetkabel niet goed is aangesloten, maar die steekt dus wel goed in. Ook is de poort/kabel niet defect, want mijn internet werkt wel met dezelfde kabel op een andere modem. Nu zou ik graag willen weten wat ik kan proberen zodat mijn internet al werkt via draad, en daarna zonder draad. Ik heb de draad ook al eens op mijn laptop aangesloten, en toen werkte het internet wel even, maar opeens niet meer, en de cd geeft altijd een c++ error en valt uit, waardoor ik hem niet meer opnieuw kan instellen. Wietse
-
[OPGELOST] hijack log, plz analyse!
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
Ja, bedankt voor alle hulp!!! (zie hulde aan Kape-post :p ) -
[OPGELOST] hijack log, plz analyse!
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
Ik had wel 1 probleempje: Ik had AVG uitgezet maar toch zei combofix dat het nog actief was... Ik heb dan maar bij processen gekeken en zag dat er idd nog 2 processen van AVG draaiden, maar ik kon ze om de een of andere reden niet beëindigen. Ik heb dan maar gewoon doorgegaan aangezien de hoofdcomponent van AVG al uitstond.... Hier is het logje: ComboFix 09-07-04.04 - Eigenaar 05/07/2009 0:31.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.3069.1791 [GMT 2:00] Gestart vanuit: c:\users\Eigenaar\Desktop\Downloads\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Windows\Start Menu\Programs\videosoft c:\users\Eigenaar\AppData\Roaming\inst.exe c:\users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\videosoft c:\users\Eigenaar\cookies.sqlite c:\windows\Installer\2bfc5.msi c:\windows\Installer\51602.msi D:\resycled . (((((((((((((((((((( Bestanden Gemaakt van 2009-06-04 to 2009-07-04 )))))))))))))))))))))))))))))) . 2009-07-04 22:40 . 2009-07-04 22:40 -------- d-----w- c:\users\Eigenaar\AppData\Local\temp 2009-07-04 22:40 . 2009-07-04 22:40 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2009-07-04 22:27 . 2009-07-04 22:27 -------- d-----w- c:\program files\iPod 2009-07-04 22:27 . 2009-07-04 22:27 -------- d-----w- c:\program files\iTunes 2009-07-04 22:25 . 2009-07-04 22:25 -------- d-----w- c:\program files\QuickTime 2009-07-04 22:20 . 2009-07-04 22:20 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe 2009-07-04 18:28 . 2009-07-04 18:28 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Malwarebytes 2009-07-04 18:28 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-04 18:28 . 2009-07-04 18:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-04 18:28 . 2009-07-04 18:28 -------- d-----w- c:\programdata\Malwarebytes 2009-07-04 18:28 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-04 16:20 . 2009-07-04 16:20 -------- d-----w- c:\program files\Trend Micro 2009-07-04 15:45 . 2009-07-04 15:45 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\RadiantSettings 2009-07-04 15:44 . 2009-07-04 15:44 -------- d-----w- c:\program files\GtkRadiant 1.5.0 2009-07-04 13:43 . 2009-07-04 13:43 290816 ----a-w- c:\users\Eigenaar\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_4.dll 2009-07-04 13:43 . 2009-07-04 13:43 290816 ----a-w- c:\users\Eigenaar\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_3.dll 2009-07-04 13:43 . 2009-07-04 13:43 290816 ----a-w- c:\users\Eigenaar\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_2.dll 2009-07-04 13:43 . 2009-07-04 13:43 290816 ----a-w- c:\users\Eigenaar\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_1.dll 2009-07-02 14:46 . 2009-07-04 21:35 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-02 14:46 . 2009-07-04 21:35 107832 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-07-02 13:27 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe 2009-07-02 13:24 . 2009-07-04 15:43 -------- d-----w- c:\program files\Quake III Arena 2009-07-01 21:48 . 2009-07-01 21:48 -------- d-----w- c:\program files\uTorrent 2009-07-01 21:35 . 2009-07-01 21:39 -------- d-----w- c:\program files\CrossLoop 2009-06-30 16:10 . 2009-06-30 16:11 -------- d-----w- c:\program files\Master of Defense 2009-06-30 16:09 . 2009-06-30 16:09 -------- d-----w- c:\program files\bfgclient 2009-06-30 16:08 . 2009-06-30 16:09 -------- d-----w- C:\BigFishGamesCache 2009-06-25 13:30 . 2009-06-25 16:48 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2009-06-25 13:05 . 2009-06-25 13:05 -------- d-----w- c:\programdata\Blizzard 2009-06-25 08:30 . 2009-06-25 08:30 -------- d-----w- c:\programdata\FLEXnet 2009-06-24 16:57 . 2009-06-25 16:49 -------- d-----w- c:\users\Public\Games 2009-06-24 16:17 . 2009-06-24 16:17 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2009-06-24 15:43 . 2009-07-04 08:43 -------- d-----w- c:\programdata\TrackMania 2009-06-23 16:42 . 2009-06-27 15:54 -------- d-----w- c:\program files\Raptor 1.04b 2009-06-23 11:26 . 2009-06-23 11:26 86528 ----a-w- c:\windows\cadkasdeinst01e.exe 2009-06-22 16:01 . 2009-06-22 16:01 -------- d-----w- c:\program files\ATTNaturalVoices 2009-06-21 15:00 . 2009-06-21 15:00 -------- d-----w- c:\program files\NextUp-ScanSoft 2009-06-21 14:58 . 2009-06-21 14:58 -------- d-----w- c:\program files\NeoSpeech 2009-06-20 18:26 . 2009-06-20 18:26 -------- d-----w- c:\users\Eigenaar\AppData\Local\Native Instruments 2009-06-20 18:24 . 2009-06-20 18:24 -------- d-----w- c:\program files\Native Instruments 2009-06-20 12:52 . 2009-06-20 12:54 -------- d-----w- c:\program files\Portable_EasyCoverDesignPro_2.08 2009-06-19 17:27 . 2009-06-20 17:56 -------- d-----w- c:\program files\Easy CD & DVD Cover Creator 2009-06-19 17:07 . 2009-06-19 17:08 -------- d-----w- c:\program files\coverXP 2009-06-19 16:58 . 2009-06-19 16:58 -------- d-----w- c:\program files\CoverPro 2009-06-19 09:38 . 2009-06-19 09:56 -------- d-----w- c:\users\Eigenaar\dwhelper 2009-06-19 09:33 . 2009-06-19 09:33 -------- d-----w- c:\program files\ConvertHelper 2009-06-17 12:48 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-06-17 12:48 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-06-17 12:48 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-06-17 12:48 . 2009-06-17 12:49 -------- d-----w- c:\program files\Common Files\PC Tools 2009-06-17 12:48 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-06-17 12:48 . 2009-06-17 12:48 -------- d-----w- c:\programdata\PC Tools 2009-06-16 17:44 . 2009-07-01 22:22 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\uTorrent 2009-06-14 15:03 . 2009-06-14 15:05 -------- d-----w- c:\program files\Peggle Nights Deluxe 2009-06-14 15:03 . 2009-06-14 15:03 -------- d-----w- c:\program files\Steveredrum 2009-06-14 14:35 . 2009-06-14 14:35 -------- d-----w- c:\programdata\Steam 2009-06-14 14:35 . 2009-06-14 14:35 -------- d-----w- c:\program files\Peggle Extreme 2009-06-13 08:27 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys 2009-06-13 08:27 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll 2009-06-13 08:27 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll 2009-06-10 16:33 . 2009-06-10 16:33 9899296 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2009-06-10 16:33 . 2009-06-10 16:33 678432 ----a-w- c:\windows\system32\nvcuvid.dll 2009-06-10 16:33 . 2009-06-10 16:33 457248 ----a-w- c:\windows\system32\nvudisp.exe 2009-06-10 16:33 . 2009-06-10 16:33 3148288 ----a-w- c:\windows\system32\nvwgf2um.dll 2009-06-10 16:33 . 2009-06-10 16:33 1704960 ----a-w- c:\windows\system32\nvcuda.dll 2009-06-10 16:33 . 2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcod155.dll 2009-06-10 16:33 . 2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcod.dll 2009-06-10 16:33 . 2009-06-10 16:33 1317408 ----a-w- c:\windows\system32\nvcuvenc.dll 2009-06-10 16:33 . 2009-06-10 16:33 10379264 ----a-w- c:\windows\system32\nvoglv32.dll 2009-06-10 06:35 . 2009-06-10 06:35 1505824 ----a-w- c:\windows\system32\nvcpluir.dll 2009-06-10 06:35 . 2009-06-10 06:35 1358368 ----a-w- c:\windows\system32\nvsvsr.dll 2009-06-10 06:35 . 2009-06-10 06:35 1194528 ----a-w- c:\windows\system32\nvcplui.exe 2009-06-10 06:35 . 2009-06-10 06:35 1296928 ----a-w- c:\windows\system32\nvsvs.dll 2009-06-10 04:33 . 2009-06-10 04:33 467968 ----a-w- c:\windows\system32\nvstlink.exe 2009-06-10 04:33 . 2009-06-10 04:33 3953152 ----a-w- c:\windows\system32\nvstwiz.exe 2009-06-10 04:33 . 2009-06-10 04:33 141824 ----a-w- c:\windows\system32\nvStereoApiI.dll 2009-06-10 04:33 . 2009-06-10 04:33 171520 ----a-w- c:\windows\system32\nvStereoApiI64.dll 2009-06-10 04:33 . 2009-06-10 04:33 232960 ----a-w- c:\windows\system32\nvSCPAPISvr.exe 2009-06-10 04:32 . 2009-06-10 04:32 257536 ----a-w- c:\windows\system32\nvSCPAPI.dll 2009-06-10 04:32 . 2009-06-10 04:32 301568 ----a-w- c:\windows\system32\nvSCPAPI64.dll 2009-06-07 17:52 . 2009-06-07 18:03 -------- d-----w- c:\program files\Pariah . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-04 22:31 . 2008-10-27 22:14 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\DNA 2009-07-04 22:28 . 2009-05-09 19:49 133970 ----a-w- c:\programdata\nvModes.dat 2009-07-04 22:27 . 2008-10-29 17:17 -------- d-----w- c:\program files\Common Files\Apple 2009-07-04 21:34 . 2008-10-20 20:06 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Xfire 2009-07-04 21:31 . 2008-02-13 10:23 -------- d-----w- c:\programdata\NVIDIA 2009-07-04 21:30 . 2008-10-27 22:14 -------- d-----w- c:\program files\DNA 2009-07-04 21:30 . 2008-10-21 17:48 680 ----a-w- c:\users\Eigenaar\AppData\Local\d3d9caps.dat 2009-07-04 13:52 . 2008-12-15 11:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-07-04 13:52 . 2008-12-15 11:50 -------- d-----w- c:\program files\AGEIA Technologies 2009-07-04 13:43 . 2008-12-10 18:58 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\SystemRequirementsLab 2009-07-04 13:30 . 2008-12-10 19:31 -------- d-----w- c:\programdata\DriverScanner 2009-07-02 21:23 . 2007-10-12 10:57 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-02 16:51 . 2008-12-09 11:29 -------- d-----w- c:\program files\Ultra Mobile 3GP Video Converter 2009-07-02 14:46 . 2008-12-16 19:33 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-07-02 13:25 . 2009-03-06 16:57 -------- d-----w- c:\program files\Mplayer 2009-07-01 22:59 . 2006-11-02 16:11 670070 ----a-w- c:\windows\system32\perfh013.dat 2009-07-01 22:59 . 2006-11-02 16:11 127694 ----a-w- c:\windows\system32\perfc013.dat 2009-07-01 22:26 . 2008-11-22 16:23 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Hamachi 2009-07-01 12:55 . 2009-04-16 02:56 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\LimeWire 2009-06-30 13:15 . 2008-12-26 00:22 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Browzar 2009-06-28 07:48 . 2009-02-03 16:15 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-28 07:48 . 2009-01-26 15:23 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-06-28 07:48 . 2009-01-26 15:23 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-27 15:54 . 2008-11-29 21:00 -------- d-----w- c:\programdata\Xfire 2009-06-27 07:29 . 2009-04-27 07:12 552 ----a-w- c:\users\Eigenaar\AppData\Local\d3d8caps.dat 2009-06-24 16:28 . 2008-10-20 19:43 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-23 13:16 . 2009-02-25 19:36 -------- d-----w- c:\program files\UltraStar Deluxe 2009-06-23 10:10 . 2008-11-29 21:01 -------- d-----w- c:\program files\Warcraft III 2009-06-22 13:25 . 2008-10-14 14:30 121560 ----a-w- c:\users\Eigenaar\AppData\Local\GDIPFONTCACHEV1.DAT 2009-06-21 19:49 . 2008-10-14 14:21 -------- d-----w- c:\program files\Google 2009-06-21 19:48 . 2009-05-31 21:40 -------- d-----w- c:\program files\PopCap Games 2009-06-21 19:47 . 2008-11-08 14:52 -------- d-----w- c:\program files\Ubisoft 2009-06-21 16:49 . 2009-01-17 21:47 -------- d-----w- c:\program files\Left 4 Dead 2009-06-19 14:26 . 2009-04-09 14:43 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2009-06-19 14:26 . 2009-04-09 14:43 -------- d-----w- c:\program files\DVDVideoSoft 2009-06-19 12:49 . 2009-01-07 15:52 -------- d-----w- c:\program files\The Witcher 2009-06-19 12:46 . 2009-01-19 19:56 -------- d-----w- c:\program files\ImTOO 2009-06-17 13:18 . 2009-02-18 16:03 -------- d-----w- c:\program files\Spyware Doctor 2009-06-16 18:51 . 2009-06-01 12:35 -------- d-----w- c:\program files\TextAloud 2009-06-14 15:03 . 2009-05-31 21:40 -------- d-----w- c:\programdata\PopCap Games 2009-06-13 08:34 . 2007-10-12 14:40 -------- d-----w- c:\programdata\Microsoft Help 2009-06-12 17:10 . 2009-05-02 16:59 -------- d-----w- c:\program files\Diablo II 2009-06-10 16:33 . 2009-06-10 16:33 4224 ----a-w- c:\windows\system32\drivers\nvBridge.kmd 2009-06-10 16:33 . 2008-02-13 09:21 7611904 ----a-w- c:\windows\system32\nvd3dum.dll 2009-06-10 16:33 . 2008-02-13 09:21 989696 ----a-w- c:\windows\system32\nvapi.dll 2009-06-10 04:33 . 2008-03-27 16:50 244736 ----a-w- c:\windows\system32\nvStInst.exe 2009-06-10 04:32 . 2008-03-27 16:50 3293184 ----a-w- c:\windows\system32\nvstres.dll 2009-06-10 04:32 . 2008-03-27 16:50 5847 ----a-w- c:\windows\system32\oglstreg.reg 2009-06-10 04:31 . 2008-03-27 16:50 167424 ----a-w- c:\windows\system32\nvstreg.exe 2009-06-10 04:31 . 2008-03-27 16:50 1718272 ----a-w- c:\windows\system32\nvsttest.exe 2009-06-10 04:31 . 2008-03-27 16:50 1034752 ----a-w- c:\windows\system32\nvstview.exe 2009-06-10 04:31 . 2008-03-27 16:50 89088 ----a-w- c:\windows\system32\nvimage.dll 2009-06-10 04:29 . 2008-03-27 16:50 1656 ----a-w- c:\windows\system32\nvstdef.reg 2009-06-04 14:39 . 2008-02-13 10:19 457248 ----a-w- c:\windows\system32\NVUNINST.EXE 2009-06-01 12:36 . 2009-06-01 12:36 -------- d-----w- c:\programdata\NextUp 2009-06-01 12:08 . 2009-06-01 12:08 4930 ----a-w- c:\windows\system32\drivers\hwinterface32B01.sys 2009-05-29 11:36 . 2009-05-29 11:36 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-05-29 11:36 . 2009-05-29 11:36 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-05-25 16:22 . 2009-02-21 12:13 -------- d-----w- c:\program files\Garena 2009-05-24 15:04 . 2008-10-20 19:35 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\BSplayer 2009-05-24 09:36 . 2009-05-24 09:36 -------- d-----w- c:\program files\EclipseCrossword 2009-05-23 15:28 . 2009-05-23 15:28 -------- d-----w- c:\program files\Thrustmaster 2009-05-21 11:14 . 2009-05-21 11:14 -------- d-----w- c:\program files\Devious Codeworks 2009-05-18 16:33 . 2008-12-03 19:13 -------- d-----w- c:\program files\Activision 2009-05-18 16:32 . 2007-10-12 10:57 -------- d-----w- c:\program files\Common Files\InstallShield 2009-05-13 11:42 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-05-10 08:26 . 2009-05-10 08:25 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-05-09 17:37 . 2009-05-09 17:37 -------- d-----w- c:\program files\Microsoft SQL Server 2009-05-09 17:37 . 2009-05-09 17:32 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2009-05-09 17:37 . 2009-05-09 17:37 -------- d-----w- c:\program files\Microsoft Synchronization Services 2009-05-09 17:37 . 2009-05-09 17:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-05-09 17:35 . 2009-05-09 17:35 193824 ----a-w- c:\programdata\Microsoft\VBExpress\9.0\1033\ResourceCache.dll 2009-05-09 17:34 . 2009-05-09 17:34 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1033\ResourceCache.dll 2009-05-09 17:31 . 2009-05-09 17:31 -------- d-----w- c:\program files\Microsoft SDKs 2009-05-09 17:09 . 2008-11-12 17:45 -------- d-----w- c:\program files\SystemRequirementsLab 2009-05-09 05:50 . 2009-06-13 08:26 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-09 05:34 . 2009-06-13 08:26 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-05-02 17:42 . 2009-05-02 17:32 36055 ----a-w- c:\windows\DIIUnin.dat 2009-05-02 17:32 . 2009-05-02 17:32 2829 ----a-w- c:\windows\DIIUnin.pif 2009-05-02 17:32 . 2009-05-02 17:32 94208 ----a-w- c:\windows\DIIUnin.exe 2009-04-30 20:02 . 2009-04-30 20:02 143360 ----a-w- c:\windows\system32\nvcod146.dll 2009-04-28 07:55 . 2009-04-28 07:55 70936 ----a-w- c:\windows\system32\PhysXLoader.dll 2009-04-25 14:33 . 2009-04-25 14:33 220926964 ----a-w- c:\users\Eigenaar\AppData\Roaming\ijjigame\U_GUNZ_setup.exe 2009-04-25 14:33 . 2009-04-25 14:58 480688 ----a-w- c:\users\Eigenaar\AppData\Roaming\ijjigame\ijjistarter2FxB.exe 2009-04-23 12:43 . 2009-06-13 08:26 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-23 12:42 . 2009-06-13 08:26 636928 ----a-w- c:\windows\system32\localspl.dll 2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll 2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll 2009-04-16 02:56 . 2009-04-16 02:56 8192 ----a-w- c:\users\Eigenaar\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll 2009-04-16 02:56 . 2009-04-16 02:56 20480 ----a-w- c:\users\Eigenaar\AppData\Roaming\LimeWire\browser\xulrunner\IA2Marshal.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-15 342848] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024] "Packard Bell Software Suite"="c:\program files\Packard Bell\Packard Bell Software Suite\Launcher.exe" [2007-11-05 1791488] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536] "GM4IE"="c:\program files\GM4IE\gm4ie.exe" [2006-07-23 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2007-10-19 155648] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712] "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512] "CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256] "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-26 6707744] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-28 1948440] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-05-15 54576] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "SoftickPPP"="c:\program files\Softick\PPP\Bin\PPPGate.exe" [2004-02-16 158208] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13785632] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936] c:\users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Xfire.lnk - c:\program files\Xfire\xfire.exe [2009-3-21 3025232] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{7D4572D2-8784-406B-A5F8-4D2D5959C3C3}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{FFADDC61-246B-4985-9A66-50351C78F6D6}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{31767E90-F446-4E00-812E-84AA42CC264D}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{750444E4-9977-4204-98A1-6D956B2E46DC}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{AEDD3BB0-38BB-4736-9DB4-96BF96EAE3F1}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{B07A6A26-92B7-4FCE-B8C3-EAE549466843}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{3C6AF1D9-ACF3-4195-9602-5EF8FAC65380}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{1FED2666-923C-4A82-B741-A7FC4EE1D9F6}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{C06E1107-89C0-4DAF-978F-9DD588D3FC36}"= TCP:Profile=Private|Profile=Public|9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery "{11297E20-CFAF-45CB-89E6-465AA8EA2C4E}"= TCP:Profile=Private|Profile=Public|1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery "{4A72BF13-1DD4-484F-8692-152511D4C267}"= c:\program files\HomeCinema\TV Enhance\TVEnhance.exe:CyberLink TVEnhance "{D72B71F6-74BE-4417-98C6-370B0F1B93FE}"= c:\program files\HomeCinema\TV Enhance\TVEService.exe:CyberLink TVEnhance Resident Program "{0957244D-6AE3-404A-9F9F-20549BB40341}"= c:\program files\HomeCinema\MakeDisc\MakeDisc.exe:CyberLink MakeDisc "{B3CA7FFE-CC21-47A4-AFC3-C66C42F4E449}"= c:\program files\HomeCinema\PowerDirector\PDR.EXE:CyberLink PowerDirector "{60F06109-F1C7-4580-85F1-025D1A64AD15}"= c:\program files\HomeCinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD "TCP Query User{0571E6C7-5FBA-4FC7-B6BD-9F20BBF2673E}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord "UDP Query User{F45E4789-5E11-4810-B74A-B22E91C27586}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord "{AB7B7193-D16D-44EF-9C2B-4AD17983BE49}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{D946F7E8-ACDF-4083-A1F1-4996A41B5ACD}c:\\program files\\games-masters.com\\cabal online (europe)\\launcher\\update\\estdnheadless.exe"= UDP:c:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe:EST! download engine "UDP Query User{64C31394-5508-41FD-B040-F97394AE67C4}c:\\program files\\games-masters.com\\cabal online (europe)\\launcher\\update\\estdnheadless.exe"= TCP:c:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe:EST! download engine "TCP Query User{92BF6371-0FF7-466A-9D69-2E73024565FF}c:\\program files\\bearshare pro\\bearshare.exe"= UDP:c:\program files\bearshare pro\bearshare.exe:BearShare "UDP Query User{102AA3BD-0017-41BB-A701-5FAB1BB446DA}c:\\program files\\bearshare pro\\bearshare.exe"= TCP:c:\program files\bearshare pro\bearshare.exe:BearShare "{28434F8D-B932-41C3-AE1B-276899CF78D2}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{ABA682C8-8911-4A70-B168-2B68BA4DEE54}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "TCP Query User{CE3B8BAF-A735-4DBE-9685-9A008EC36695}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{B7C7EF08-8635-45BB-8B7A-9B64182461CF}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{3FC44AED-785F-49D3-96AB-45F754EDCDC0}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{F3B9AADA-BC68-440F-B42A-D1674B864FF7}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{EC85C417-3833-4B97-A8B5-92CBB00E19CE}"= UDP:c:\users\Eigenaar\Desktop\Bittorrent\BitTorrent.exe:BitTorrent (TCP-In) "{5399E380-48BB-4EAD-B43A-F00B7B6624B8}"= TCP:c:\users\Eigenaar\Desktop\Bittorrent\BitTorrent.exe:BitTorrent (UDP-In) "{F6E339F8-40EF-4878-A290-4856CBE839A5}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{99CB2447-5D0C-4568-A8CE-00BA0BC5CE23}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{312EFA62-BA87-4D37-AE25-CF4A7C9F998F}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{030FE5FE-D2DF-4278-962F-379270F49C65}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{0FB96E23-0548-449E-BFD4-EBAF23D96E58}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{643B4B6A-C827-420A-9774-25F0698747DB}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{1E45E3B5-AB74-410A-AB23-ED10D49BCD64}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "{9FDADCBF-AD7C-4496-8DAB-7D51DD6BD1D6}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "TCP Query User{A5373F64-6A71-4D54-A227-00164A3610DA}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer "UDP Query User{15685C45-81B7-42CF-A0E3-3142602D3F6D}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer "TCP Query User{9E6A72BE-CC73-4BA6-BF6A-9A24429409CF}c:\\program files\\codemasters\\overlord\\overlord.exe"= UDP:c:\program files\codemasters\overlord\overlord.exe:Game Application "UDP Query User{9B130FDB-BFE6-48B1-8BF3-54858CEB62EF}c:\\program files\\codemasters\\overlord\\overlord.exe"= TCP:c:\program files\codemasters\overlord\overlord.exe:Game Application "TCP Query User{1223F9DB-6093-4518-8EDE-DC7F81C7D0D5}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client "UDP Query User{8FB626F5-5336-46F4-B9C1-226160380BF4}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client "TCP Query User{6E8B11C3-F57A-4F2F-84F9-8B79D6B40E58}c:\\users\\eigenaar\\desktop\\bittorrent\\bittorrent.exe"= UDP:c:\users\eigenaar\desktop\bittorrent\bittorrent.exe:bittorrent.exe "UDP Query User{36573855-6813-4765-8457-DFC2D2F9FF90}c:\\users\\eigenaar\\desktop\\bittorrent\\bittorrent.exe"= TCP:c:\users\eigenaar\desktop\bittorrent\bittorrent.exe:bittorrent.exe "TCP Query User{36EE903F-ECB8-4C9D-8181-B392AF9026C1}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire "UDP Query User{BF431D83-372D-421C-9B6D-34993E4A1AD1}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire "TCP Query User{2DD9B992-5761-470E-B43E-E193C7CD8F07}c:\\users\\eigenaar\\desktop\\warcraft iii\\war3.exe"= UDP:c:\users\eigenaar\desktop\warcraft iii\war3.exe:war3.exe "UDP Query User{499883FD-F749-41CB-B3F8-A491C0711DE1}c:\\users\\eigenaar\\desktop\\warcraft iii\\war3.exe"= TCP:c:\users\eigenaar\desktop\warcraft iii\war3.exe:war3.exe "{B0E5B698-1E8F-422B-9277-42459284B153}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club "{857B3F69-CD6C-4712-A578-A354A5C354E7}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club "TCP Query User{547C1932-9192-40B4-BBD1-DCAC9F9F5087}c:\\program files\\rockstar games\\grand theft auto iv\\gtaiv.exe"= UDP:c:\program files\rockstar games\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV "UDP Query User{6A14A688-9241-42BF-9829-07CE756B430D}c:\\program files\\rockstar games\\grand theft auto iv\\gtaiv.exe"= TCP:c:\program files\rockstar games\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV "{7DD522A5-4371-41EC-B761-D0B14DAE6761}"= UDP:c:\users\Eigenaar\Desktop\Downloads\portable_clusterwire\Portable.LimeWire.PRO.4.18.8-By-Clusterbomb\Portable.LimeWire.PRO.4.18.8-By-Meeen.exe:LimeWire "{7B3CF7E4-615E-48EA-A704-C3C3DB1A00D1}"= TCP:c:\users\Eigenaar\Desktop\Downloads\portable_clusterwire\Portable.LimeWire.PRO.4.18.8-By-Clusterbomb\Portable.LimeWire.PRO.4.18.8-By-Meeen.exe:LimeWire "TCP Query User{F4E1F8A9-1F44-4198-8990-74F366937786}c:\\program files\\activision\\call of duty - world at war\\codwaw_lanfixed.exe"= UDP:c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe:Call of Duty(R): World at War Campaign/Coop "UDP Query User{E932D053-09F7-4805-A719-CCF98D2CBA1E}c:\\program files\\activision\\call of duty - world at war\\codwaw_lanfixed.exe"= TCP:c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe:Call of Duty(R): World at War Campaign/Coop "TCP Query User{82E49889-649C-4190-9964-A0BF806786F6}c:\\program files\\activision\\call of duty - world at war\\codwawmp.exe"= UDP:c:\program files\activision\call of duty - world at war\codwawmp.exe:Call of Duty(R): World at War Multiplayer "UDP Query User{5042704E-CB60-4A1D-9BA8-49656BB48429}c:\\program files\\activision\\call of duty - world at war\\codwawmp.exe"= TCP:c:\program files\activision\call of duty - world at war\codwawmp.exe:Call of Duty(R): World at War Multiplayer "{1601F6AA-27B1-4DE7-84C0-98254C355BD4}"= UDP:c:\users\Eigenaar\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe "{CC3A51E9-E095-40E2-9CAB-C2D0578F934D}"= TCP:c:\users\Eigenaar\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe "TCP Query User{96E4ACE4-3584-488C-8FF6-BD9DE1D6DB47}c:\\ijji\\english\\u_sf\\soldierfront.exe"= UDP:c:\ijji\english\u_sf\soldierfront.exe:soldierfront "UDP Query User{40AD9D3B-441E-4B52-B6BF-5489B059F8DE}c:\\ijji\\english\\u_sf\\soldierfront.exe"= TCP:c:\ijji\english\u_sf\soldierfront.exe:soldierfront "TCP Query User{5CD726B8-8098-4869-BC35-7519D530B893}c:\\program files\\trackmania united\\tmunited.exe"= UDP:c:\program files\trackmania united\tmunited.exe:TmUnited "UDP Query User{319B46ED-BA1F-4B00-987A-D0D1B679811D}c:\\program files\\trackmania united\\tmunited.exe"= TCP:c:\program files\trackmania united\tmunited.exe:TmUnited "TCP Query User{D4234521-39AA-45A7-B03C-4B20A7AEBC79}c:\\users\\eigenaar\\desktop\\downloads\\tmu-dtn\\crack\\tmunited.exe"= Disabled:UDP:c:\users\eigenaar\desktop\downloads\tmu-dtn\crack\tmunited.exe:tmunited.exe "UDP Query User{5E64B695-605E-447A-8B4B-8FFF67B9129E}c:\\users\\eigenaar\\desktop\\downloads\\tmu-dtn\\crack\\tmunited.exe"= Disabled:TCP:c:\users\eigenaar\desktop\downloads\tmu-dtn\crack\tmunited.exe:tmunited.exe "TCP Query User{5E2EB10D-B5B7-4438-8E92-055C71C11FD5}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever "UDP Query User{25272485-4CDD-4204-9C56-A7253734BCB8}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever "TCP Query User{E4554992-21B6-48E9-A77D-AEB82D716D6B}c:\\program files\\tmunitedforever\\tmforever.exe"= UDP:c:\program files\tmunitedforever\tmforever.exe:TmForever "UDP Query User{8B02BDDF-0F66-4732-AC7B-FE8BEF902BC0}c:\\program files\\tmunitedforever\\tmforever.exe"= TCP:c:\program files\tmunitedforever\tmforever.exe:TmForever "TCP Query User{4583C8BF-EA9B-4D65-99D8-E9C7A5372FAC}f:\\spelletjes\\race\\test drive unlimited\\tdu\\tdu\\testdriveunlimited.exe"= UDP:f:\spelletjes\race\test drive unlimited\tdu\tdu\testdriveunlimited.exe:Test Drive Unlimited "UDP Query User{2F0ED514-D4FD-4AA9-A9FE-8403114E9840}f:\\spelletjes\\race\\test drive unlimited\\tdu\\tdu\\testdriveunlimited.exe"= TCP:f:\spelletjes\race\test drive unlimited\tdu\tdu\testdriveunlimited.exe:Test Drive Unlimited "TCP Query User{75B10F15-27D9-4F99-897E-8224B03DB996}c:\\users\\eigenaar\\desktop\\tdu\\tdu\\testdriveunlimited.exe"= UDP:c:\users\eigenaar\desktop\tdu\tdu\testdriveunlimited.exe:testdriveunlimited.exe "UDP Query User{EDDC02DD-7925-4E22-9D62-AE68B44E6DB3}c:\\users\\eigenaar\\desktop\\tdu\\tdu\\testdriveunlimited.exe"= TCP:c:\users\eigenaar\desktop\tdu\tdu\testdriveunlimited.exe:testdriveunlimited.exe "TCP Query User{58AD7619-6922-4961-9C03-1F8FCA8306D3}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\uploader.exe"= UDP:c:\users\eigenaar\documents\wietse\spelletjes\uploader.exe:uploader.exe "UDP Query User{2FDB576F-A0F7-4650-8D7D-50A52523F78C}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\uploader.exe"= TCP:c:\users\eigenaar\documents\wietse\spelletjes\uploader.exe:uploader.exe "TCP Query User{E195148C-C566-456E-9468-BFE969DEE5CC}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\gsm\\uploader.exe"= UDP:c:\users\eigenaar\documents\wietse\spelletjes\gsm\uploader.exe:uploader.exe "UDP Query User{37A9373C-F431-4D0A-9910-35DBD3391954}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\gsm\\uploader.exe"= TCP:c:\users\eigenaar\documents\wietse\spelletjes\gsm\uploader.exe:uploader.exe "TCP Query User{B29DC984-1312-417D-B75A-3104B2403C36}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\gsm\\uploader.exe"= UDP:c:\users\eigenaar\documents\wietse\spelletjes\gsm\uploader.exe:uploader.exe "UDP Query User{7AE6AA01-E444-45AF-9C3B-3170C1418198}c:\\users\\eigenaar\\documents\\wietse\\spelletjes\\gsm\\uploader.exe"= TCP:c:\users\eigenaar\documents\wietse\spelletjes\gsm\uploader.exe:uploader.exe "TCP Query User{5AA408B1-A101-4A48-9CE4-233521A8BDD5}c:\\program files\\test driver unlimited\\tdu\\testdriveunlimited.exe"= UDP:c:\program files\test driver unlimited\tdu\testdriveunlimited.exe:Test Drive Unlimited "UDP Query User{89E80A2C-9DC9-4074-B5B6-DAECE0550970}c:\\program files\\test driver unlimited\\tdu\\testdriveunlimited.exe"= TCP:c:\program files\test driver unlimited\tdu\testdriveunlimited.exe:Test Drive Unlimited "TCP Query User{2E2B0270-9C05-44B0-ADC4-99DCE0F948B1}c:\\program files\\rockstar games\\grand theft auto iv\\gtaiv.exe"= UDP:c:\program files\rockstar games\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV "UDP Query User{2866B8A5-668A-4B97-A7B2-EC7E953BF7F9}c:\\program files\\rockstar games\\grand theft auto iv\\gtaiv.exe"= TCP:c:\program files\rockstar games\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV "TCP Query User{CD33F38F-9152-44F7-9EC8-C396AF91BF26}c:\\program files\\left 4 dead\\left4dead.exe"= UDP:c:\program files\left 4 dead\left4dead.exe:left4dead "UDP Query User{0A2F0A50-41C0-4B9E-BC6A-938F11850F46}c:\\program files\\left 4 dead\\left4dead.exe"= TCP:c:\program files\left 4 dead\left4dead.exe:left4dead "{C032D311-AC6E-4BB0-BD46-E1203898DA4C}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "{066F06D4-7D77-4257-ABD2-3F1EAE10716F}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service "{55A5610B-9430-4DF9-B93F-21668EAB64D5}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service "TCP Query User{EA013C5C-2F62-4148-AF67-642A2DAF301F}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord "UDP Query User{0D0A6367-6577-482B-9D9F-BF6A298C9AD2}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord "TCP Query User{79C3AE71-2316-4491-809E-97D0FDC1EC8A}c:\\program files\\cabal online eu\\launcher\\update\\estdnheadless.exe"= UDP:c:\program files\cabal online eu\launcher\update\estdnheadless.exe:EST! download engine "UDP Query User{4C5690F5-F8B3-4C5B-A015-F895C91DB8AC}c:\\program files\\cabal online eu\\launcher\\update\\estdnheadless.exe"= TCP:c:\program files\cabal online eu\launcher\update\estdnheadless.exe:EST! download engine "TCP Query User{B14DA4DB-AC3F-45D5-9658-6E8EFBD8B75C}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary "UDP Query User{4E945EB8-63FA-465C-A45F-EEB1E4F9D6B5}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary "TCP Query User{809B4739-2EAC-4FB9-9C80-D6DAD7B5488D}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary "UDP Query User{F94ECB4E-08FD-4CB3-A56A-B3D675E854CE}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary "TCP Query User{9F8FFDDD-91A6-4924-B629-172C2CCCE9EB}f:\\spelletjes\\roleplaying\\deep silver\\sacred 2 - fallen angel\\system\\s2gs.exe"= UDP:f:\spelletjes\roleplaying\deep silver\sacred 2 - fallen angel\system\s2gs.exe:Sacred 2 - Game Server "UDP Query User{BE2A5433-DF3B-4731-8D1E-B6F9777EE07C}f:\\spelletjes\\roleplaying\\deep silver\\sacred 2 - fallen angel\\system\\s2gs.exe"= TCP:f:\spelletjes\roleplaying\deep silver\sacred 2 - fallen angel\system\s2gs.exe:Sacred 2 - Game Server "TCP Query User{D175962C-A778-48A0-9DF6-4AF6EA67C97E}c:\\program files\\garena\\garena.exe"= UDP:c:\program files\garena\garena.exe:Garena "UDP Query User{79CF7EBD-6E7A-4594-B75F-36EC4E910151}c:\\program files\\garena\\garena.exe"= TCP:c:\program files\garena\garena.exe:Garena "TCP Query User{6C310037-AA01-48BF-8188-4989AC29BD5E}c:\\program files\\left 4 dead\\left4dead.exe"= UDP:c:\program files\left 4 dead\left4dead.exe:left4dead "UDP Query User{83141191-2B60-44F5-AC2B-48A49B58D633}c:\\program files\\left 4 dead\\left4dead.exe"= TCP:c:\program files\left 4 dead\left4dead.exe:left4dead "TCP Query User{176475E4-AEC6-4871-A378-C654E5B96E4A}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III "UDP Query User{E1A4CC75-D9E5-43C4-A2C1-B132FBB40FF9}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III "TCP Query User{E2E388E9-F201-42C0-AB12-A0CEE61FE4A9}c:\\program files\\3do\\heroes3\\heroes3.exe"= UDP:c:\program files\3do\heroes3\heroes3.exe:Heroes of Might and Magic® III "UDP Query User{92931291-7156-4C7E-BA05-4CC49AC603C7}c:\\program files\\3do\\heroes3\\heroes3.exe"= TCP:c:\program files\3do\heroes3\heroes3.exe:Heroes of Might and Magic® III "{AD298C45-3218-4C07-8791-2A146A2559FB}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{7E5BB613-92FB-4C03-AE44-D1E8567CFC18}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{BD783058-3EB3-4B1F-91BA-E2C7B5706839}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{03C90648-B1A1-49D1-B0CB-830098B61C84}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "TCP Query User{6A1576BF-3D3F-4069-8BCB-1B0320BF7835}c:\\program files\\hasbro interactive\\rollercoaster tycoon\\rct.exe"= UDP:c:\program files\hasbro interactive\rollercoaster tycoon\rct.exe:rct "UDP Query User{B597FC4C-30EA-4664-9A5A-FED4DEBA9584}c:\\program files\\hasbro interactive\\rollercoaster tycoon\\rct.exe"= TCP:c:\program files\hasbro interactive\rollercoaster tycoon\rct.exe:rct "TCP Query User{0D5D9504-3AE9-4906-81E4-AA011E9E6D11}c:\\users\\eigenaar\\desktop\\downloads\\rct\\rct.exe"= UDP:c:\users\eigenaar\desktop\downloads\rct\rct.exe:rct.exe "UDP Query User{3FD4AEC9-46CD-44A1-B29A-E94C0847D925}c:\\users\\eigenaar\\desktop\\downloads\\rct\\rct.exe"= TCP:c:\users\eigenaar\desktop\downloads\rct\rct.exe:rct.exe "TCP Query User{CAB16F1F-0ABC-408F-80B4-6B8AB1D8A2B0}c:\\users\\eigenaar\\desktop\\hasbro interactive\\rollercoaster tycoon\\rct.exe"= UDP:c:\users\eigenaar\desktop\hasbro interactive\rollercoaster tycoon\rct.exe:rct.exe "UDP Query User{6DE329C1-6831-4C46-879A-7BFDCB847F81}c:\\users\\eigenaar\\desktop\\hasbro interactive\\rollercoaster tycoon\\rct.exe"= TCP:c:\users\eigenaar\desktop\hasbro interactive\rollercoaster tycoon\rct.exe:rct.exe "{E5FB2325-3B92-4492-9CC5-D1F49E106C3C}"= UDP:c:\users\Eigenaar\Desktop\Downloads\Harde schijf\Limewire Pro\Portable.LimeWire.PRO.4.18.8-By-Clusterbomb\Portable.LimeWire.PRO.4.18.8-By-Meeen.exe:LimeWire "{8CE343CC-6563-4A7E-8DD6-B6982A67C2B4}"= TCP:c:\users\Eigenaar\Desktop\Downloads\Harde schijf\Limewire Pro\Portable.LimeWire.PRO.4.18.8-By-Clusterbomb\Portable.LimeWire.PRO.4.18.8-By-Meeen.exe:LimeWire "TCP Query User{A4EABF04-6127-4177-8272-188D061C1081}c:\\users\\eigenaar\\desktop\\cryptload_1.1.6\\routerclient.exe"= UDP:c:\users\eigenaar\desktop\cryptload_1.1.6\routerclient.exe:routerclient.exe "UDP Query User{46A420A7-C4C4-4489-B3A0-B6E104875EB2}c:\\users\\eigenaar\\desktop\\cryptload_1.1.6\\routerclient.exe"= TCP:c:\users\eigenaar\desktop\cryptload_1.1.6\routerclient.exe:routerclient.exe "{8FB9B53A-154F-42A9-90D2-6D2029D02824}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{A292F15C-AE6F-45F3-8366-7835CBCF92FD}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{37BDBBB0-6C03-47B7-BFBC-E6C39119A53A}c:\\fifa 09\\fifa 09\\fifa09.exe"= UDP:c:\fifa 09\fifa 09\fifa09.exe:FIFA09 "UDP Query User{F1DA740C-7A2A-4D7E-9A2E-D1D058EE1A0F}c:\\fifa 09\\fifa 09\\fifa09.exe"= TCP:c:\fifa 09\fifa 09\fifa09.exe:FIFA09 "TCP Query User{28693368-C0E6-4CFC-85AA-5FA33AC9B948}k:\\spelletjes\\race\\test drive unlimited\\tdu\\testdriveunlimited.exe"= UDP:k:\spelletjes\race\test drive unlimited\tdu\testdriveunlimited.exe:Test Drive Unlimited "UDP Query User{C0964F5A-216A-47BE-8663-D5ABAF8E9242}k:\\spelletjes\\race\\test drive unlimited\\tdu\\testdriveunlimited.exe"= TCP:k:\spelletjes\race\test drive unlimited\tdu\testdriveunlimited.exe:Test Drive Unlimited "TCP Query User{B3F9DD31-58EC-40FC-B6D8-750557726401}c:\\ijji\\english\\u_gunz.exe"= UDP:c:\ijji\english\u_gunz.exe:<ijji Downloader> "UDP Query User{C70C9BC6-ED11-40A0-BA35-6781A34C3626}c:\\ijji\\english\\u_gunz.exe"= TCP:c:\ijji\english\u_gunz.exe:<ijji Downloader> "TCP Query User{5C2EB139-55CA-491F-887C-C2D8734A4AC5}c:\\ijji\\english\\gunz\\gunz.exe"= UDP:c:\ijji\english\gunz\gunz.exe:Gunz "UDP Query User{F80D936C-2827-4744-A4FE-CE69E7F9FEB4}c:\\ijji\\english\\gunz\\gunz.exe"= TCP:c:\ijji\english\gunz\gunz.exe:Gunz "TCP Query User{0F2A4849-8CEA-4828-96F6-9B66B7361290}c:\\users\\eigenaar\\desktop\\downloads\\uploader.exe"= UDP:c:\users\eigenaar\desktop\downloads\uploader.exe:uploader.exe "UDP Query User{0BBF7096-387F-482C-A802-3A487BB37FC8}c:\\users\\eigenaar\\desktop\\downloads\\uploader.exe"= TCP:c:\users\eigenaar\desktop\downloads\uploader.exe:uploader.exe "{892B81A4-6BC8-465F-9C8F-93A1ECE8D2E1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{6D1811BD-0139-448A-A2B2-26D02C6E182E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "TCP Query User{FDAFC778-3EEE-49F1-A0A6-556D516F3D92}c:\\program files\\activision\\call of duty - world at war\\lan fix v1.4.exe"= UDP:c:\program files\activision\call of duty - world at war\lan fix v1.4.exe:Call of Duty(R): World at War Campaign/Coop "UDP Query User{59FC1887-E174-4A29-83F8-30504A407A1F}c:\\program files\\activision\\call of duty - world at war\\lan fix v1.4.exe"= TCP:c:\program files\activision\call of duty - world at war\lan fix v1.4.exe:Call of Duty(R): World at War Campaign/Coop "TCP Query User{5D3BEBFA-AC1B-4A4C-964C-FD754E158145}c:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= UDP:c:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s "UDP Query User{A5389950-BC00-4486-A421-2BBF410740AF}c:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= TCP:c:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s "{13F0E9C9-47B6-4426-B1CA-7E843CF11F1D}"= UDP:c:\program files\Nakido\nakido.exe:Nakido "{62980855-38C9-4762-93B4-9DAEE2513E9F}"= TCP:c:\program files\Nakido\nakido.exe:Nakido "TCP Query User{718A94C6-1E20-48EC-80C9-7B8DDA5B7083}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent "UDP Query User{022B581C-8075-4BDC-8E0D-433523B5BBE5}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent "TCP Query User{16065CD9-881C-4830-8473-A8A3D1664764}c:\\users\\eigenaar\\desktop\\downloads\\freezer v1.4\\freezer.exe"= UDP:c:\users\eigenaar\desktop\downloads\freezer v1.4\freezer.exe:freezer.exe "UDP Query User{53A8703D-802A-464B-BC4C-5E9E65178D6A}c:\\users\\eigenaar\\desktop\\downloads\\freezer v1.4\\freezer.exe"= TCP:c:\users\eigenaar\desktop\downloads\freezer v1.4\freezer.exe:freezer.exe "TCP Query User{79AB2579-5DB3-4AFD-8F17-4C5DB27F5413}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{6141434C-D116-4D4B-933A-99AA572A6BCD}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "{B7B60BBF-0108-406E-BA46-86A6770DB56F}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009 "{5DC00FC8-CCAE-4956-AFA8-826EA7C88E14}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009 "TCP Query User{0BF2A27D-B100-4E4E-BFDF-FB10B61A9786}c:\\users\\eigenaar\\appdata\\local\\temp\\rarsfx2\\flash.exe"= UDP:c:\users\eigenaar\appdata\local\temp\rarsfx2\flash.exe:flash.exe "UDP Query User{B08221A7-487E-46DA-AE72-6B16953F0A90}c:\\users\\eigenaar\\appdata\\local\\temp\\rarsfx2\\flash.exe"= TCP:c:\users\eigenaar\appdata\local\temp\rarsfx2\flash.exe:flash.exe "{4D8C0098-09AC-46DE-B042-9683BBCACEEB}"= UDP:5353:Adobe CSI CS4 "{1DD8065D-F1B7-42AB-8AC9-201D10A04DA2}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{3EB5CA70-D86C-42BE-8969-BA673731A1FE}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "TCP Query User{C0AD7891-981A-42EB-B5F1-4A5D6F96C420}c:\\program files\\adobe\\adobe flash cs4\\flash.exe"= UDP:c:\program files\adobe\adobe flash cs4\flash.exe:Adobe Flash CS4 "UDP Query User{B580F0E4-23F1-4E09-A22F-9F46DEC34CC0}c:\\program files\\adobe\\adobe flash cs4\\flash.exe"= TCP:c:\program files\adobe\adobe flash cs4\flash.exe:Adobe Flash CS4 "TCP Query User{73649366-F749-41C8-8125-7A151CC68E6E}c:\\downloads\\world of warcraft\\launcher.exe"= UDP:c:\downloads\world of warcraft\launcher.exe:Blizzard Launcher "UDP Query User{AEF0D184-C9F8-4115-B832-A3D0AC19AF59}c:\\downloads\\world of warcraft\\launcher.exe"= TCP:c:\downloads\world of warcraft\launcher.exe:Blizzard Launcher "TCP Query User{A569C1F5-CA49-4113-905A-F963002A2517}c:\\downloads\\world of warcraft\\repair.exe"= UDP:c:\downloads\world of warcraft\repair.exe:Blizzard Repair Utility "UDP Query User{38867AAA-8962-4C91-9E28-C39FE2339ED1}c:\\downloads\\world of warcraft\\repair.exe"= TCP:c:\downloads\world of warcraft\repair.exe:Blizzard Repair Utility "{2F266167-5843-409F-9662-A81CA31EA7D5}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe:Blizzard Downloader "{F4D17B76-6577-4758-B858-88B7DA64848F}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe:Blizzard Downloader "{9AC56913-96EB-404E-B3B5-C8B6919047D8}"= UDP:3724:Blizzard Downloader: 3724 "{C7DBF976-172A-40B8-800F-DEB373EB9E9F}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:Blizzard Downloader "{8D144FE1-2A83-43E2-B566-F7C16E119C09}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:Blizzard Downloader "TCP Query User{63B27E1B-2AD4-4C6B-BBB0-3F2925BE9F08}c:\\program files\\crossloop\\crossloopconnect.exe"= UDP:c:\program files\crossloop\crossloopconnect.exe:CrossLoop - Simple Secure Screen Sharing "UDP Query User{3BAE2879-FE7C-4DA0-A3AE-8390742044B8}c:\\program files\\crossloop\\crossloopconnect.exe"= TCP:c:\program files\crossloop\crossloopconnect.exe:CrossLoop - Simple Secure Screen Sharing "{071B1587-1E46-4037-88F0-95B99F6FAAA5}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{75332FDE-4358-4B38-8242-F072E371F3E5}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{714943FE-9227-4C54-8D02-4AFD78F801DB}c:\\program files\\quake iii arena\\quake3.exe"= UDP:c:\program files\quake iii arena\quake3.exe:quake3 "UDP Query User{0495A3F6-8181-476D-98A4-696B484F5120}c:\\program files\\quake iii arena\\quake3.exe"= TCP:c:\program files\quake iii arena\quake3.exe:quake3 "TCP Query User{64D810A9-5931-42EF-A03A-5360D852D236}c:\\program files\\quake iii arena\\quake3.exe"= UDP:c:\program files\quake iii arena\quake3.exe:quake3 "UDP Query User{29593AC8-4BA3-45DD-84E8-F82C425FB220}c:\\program files\\quake iii arena\\quake3.exe"= TCP:c:\program files\quake iii arena\quake3.exe:quake3 "{5AB37A13-8E66-4CE9-859C-B7B18BC615A5}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{F6EAA662-86FB-4B93-A0AE-EE90F61E6DC9}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "DisabledInterfaces"= {60C696AB-AA3E-41B5-BB9B-8A8546971D6D} [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R0 hotcore3;hotcore3;c:\windows\System32\drivers\hotcore3.sys [4/11/2008 19:14 38448] R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [17/06/2009 14:48 130936] R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [5/07/2006 14:46 63352] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [26/01/2009 17:23 327688] R1 hwinterface32B01;hwinterface32B01;c:\windows\System32\drivers\hwinterface32B01.sys [1/06/2009 14:08 4930] R1 NetBurn;Paragon NetBurning Driver;c:\windows\System32\drivers\NetBurn.sys [4/11/2008 19:13 84752] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/02/2009 18:15 298776] R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [12/02/2007 12:46 208896] R2 NetBurnerService;Net Burner iSCSI Service;c:\program files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe [4/11/2008 19:14 223248] R2 NMSCore;Intel(R) NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [27/06/2007 11:14 317656] R2 nmsunidr;UniDriver for NMS;c:\windows\System32\drivers\nmsunidr.sys [18/02/2007 21:34 5376] R2 QualityManager;Intel(R) Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe [27/06/2007 11:17 272600] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\System32\nvSCPAPISvr.exe [10/06/2009 6:33 232960] R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [13/02/2008 14:03 290909] R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [13/02/2008 14:03 114779] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [13/02/2008 11:20 1302368] R3 IntelDH;IntelDH Driver;c:\windows\System32\drivers\IntelDH.sys [30/10/2007 14:58 5632] R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [9/10/2007 23:26 554496] R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [12/10/2007 13:28 13976] S2 gupdate1c9ba0415a8d4b2;Google Updateservice (gupdate1c9ba0415a8d4b2);c:\program files\Google\Update\GoogleUpdate.exe [10/04/2009 19:44 133104] S3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [27/06/2007 11:15 39640] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [18/02/2009 18:03 348752] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - PNKBSTRK *Deregistered* - PnkBstrK [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 17:44] 2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 17:44] 2009-07-04 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-07-04 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab FF - ProfilePath - c:\users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\qluky4qj.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p= FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiCHPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- pref(dom.disable_open_during_load, false);. ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-05 00:40 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-1557816039-2575818237-151829343-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD9B772D-B0D5-55CD-6442-4A3D7820BDF0}*] "bbnckdiojdjmmmmgphihgmedboocippekmfi"=hex:61,62,6f,68,70,69,6b,65,70,69,63,70, 69,6c,6b,61,6d,6a,69,68,69,6e,6d,6c,6e,6c,66,6e,62,6b,69,66,66,6b,00,00 "abnckdiojdjmmmmgphhhdllofejgfnnbkn"=hex:61,62,68,68,68,63,6e,68,70,65,67,6f, 65,6a,6a,64,67,6c,61,66,6a,64,63,67,61,70,64,69,68,6b,6b,6c,70,69,00,00 [HKEY_USERS\S-1-5-21-1557816039-2575818237-151829343-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:32,d9,55,97,71,eb,f5,bf,40,1a,fa,1b,92,81,bd,ec,af,d9,8a,c4,6c,5c,15, b6,0b,f7,39,d8,07,59,5e,55,e1,6e,9e,11,0f,79,f1,dc,57,96,bf,02,c0,c5,96,14,\ "??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12 [HKEY_USERS\S-1-5-21-1557816039-2575818237-151829343-1001\Software\SecuROM\License information*] "datasecu"=hex:4b,42,51,1a,97,ae,f9,4b,ad,89,c4,50,40,85,0e,0d,36,5d,f4,5f,8f, 01,04,4f,d1,91,3d,19,e4,6d,a3,fa,02,7f,92,c1,f4,d3,b3,a3,86,0f,85,5f,57,c5,\ "rkeysecu"=hex:95,61,d2,f0,76,b0,4f,7e,ff,c0,5d,da,98,29,c5,f8 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2009-07-04 0:42 ComboFix-quarantined-files.txt 2009-07-04 22:42 Pre-Run: 45.200.220.160 bytes beschikbaar Post-Run: 45.669.449.728 bytes beschikbaar 518 --- E O F --- 2009-06-24 09:45 Voila, dit is het, ik heb gezien dat videosoft blijkbaar niet zo goed is... Hoop dat nu alle rotzooi verwijderd is! Allesinds bedankt voor de snelle hulp! Wietse -
[OPGELOST] hijack log, plz analyse!
wietsebuseyne reageerde op wietsebuseyne's topic in Archief Bestrijding malware & virussen
Malwarebytes' Anti-Malware 1.38 Database versie: 2374 Windows 6.0.6001 Service Pack 1 4/07/2009 20:41:54 mbam-log-2009-07-04 (20-41-54).txt Scan type: Snelle Scan Objecten gescand: 92395 Verstreken tijd: 6 minute(s), 59 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 9 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 12 Bestanden geïnfecteerd: 17 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\Typelib\{a44b024a-ce32-4bda-0075-c799a4bff141} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e06398e-3017-467b-a399-18425a20f655} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\CrucialSoft Ltd (Rogue.MSantiSpyware2009) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\totalvid (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\totalvid (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\totalvid (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\{NSINAME} (Trojan.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully. C:\ProgramData\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\ms antispyware 2009\BASE (Rogue.Multiple) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\ms antispyware 2009\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\ms antispyware 2009\LOG (Rogue.Multiple) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\ms antispyware 2009\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\totalvid (Trojan.DNSChanger) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\Privacy center (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\keys (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\temp (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\Users\Eigenaar\AppData\Local\Temp\Sse+H9zp.exe.part (Rogue.Installer) -> Quarantined and deleted successfully. c:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully. c:\programdata\crucialsoft ltd\ms antispyware 2009\LOG\20090325215514710.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\program files\totalvid\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\cg.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\mw.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\rd.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\sc.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\sm.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\dbases\sp.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\keys\cg.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\keys\rd.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\keys\sc.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\keys\sp.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\temp\settings.ini (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. c:\Users\Eigenaar\AppData\Roaming\privacy center\temp\spfilter (Rogue.PrivacyCenter) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\videosoft\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:50:54, on 4/07/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\HomeCinema\TV Enhance\TVEService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\GM4IE\gm4ie.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O3 - Toolbar: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [softickPPP] "C:\Program Files\Softick\PPP\Bin\PPPGate.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\Program Files\Rockstar Games\Grand Theft Auto IV\TeknoGods.dll, avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9ba0415a8d4b2) (gupdate1c9ba0415a8d4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Packard Bell Software Suite Service 1 (Service1) - Packard Bell Services - C:\Program Files\Packard Bell\Packard Bell Software Suite\PowerSave\HDPBSSS.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 12968 bytes voilà ze -
[OPGELOST] hijack log, plz analyse!
wietsebuseyne plaatste een topic in Archief Bestrijding malware & virussen
Hallo iedereen, ik heb de laatste tijd wat problemen met mijn computer en heb een sterk vermoeden dat die door malware veroorzaakt worden. Ik heb een hijacklogje gemaakt en hoop dat jullie het kunnen bekijken en mij vertellen wat er verkeerd/slecht is. dank bij voorbaat, Wietse online (al geanalyseerd maar ik heb toch liever dat een mens mij vertelt wat goed/slecht is en geen computer) HiJackThis! Log auto analyzer V2 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:20:32, on 4/07/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\HomeCinema\TV Enhance\TVEService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\GM4IE\gm4ie.exe C:\Windows\System32\abnapjsdf.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\explorer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {5E06398E-3017-467B-A399-18425A20F655} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll O3 - Toolbar: MEGAUPLOADTOOLBAR - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [softickPPP] "C:\Program Files\Softick\PPP\Bin\PPPGate.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [Packard Bell Software Suite] C:\Program Files\Packard Bell\Packard Bell Software Suite\Launcher.exe /run (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\Run: [Windows] "C:\Users\Public\Public Documents\Windows Movie Player\player.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-21-1557816039-2575818237-151829343-1000\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'IUSR_NMPR') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user') O4 - Startup: abnapjsdf.lnk = C:\Windows\System32\abnapjsdf.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\Program Files\Rockstar Games\Grand Theft Auto IV\TeknoGods.dll, avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9ba0415a8d4b2) (gupdate1c9ba0415a8d4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Packard Bell Software Suite Service 1 (Service1) - Packard Bell Services - C:\Program Files\Packard Bell\Packard Bell Software Suite\PowerSave\HDPBSSS.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 13957 bytes
