
redcliff

Member
  • Items: 70
Everything posted by redcliff

  1. I surely won't be able to solve that myself.
  2. I shut it down and started it up again, but it hung again; I had to pull the plug again, and then it starts up.
  3. The scan is done. ---------- Post added at 13:35 ---------- Previous post was at 13:34 ---------- I'm going to test that now.
  4. The scan has completed but nothing came out of it, so I think everything is in order.
  5. OK, I'll do it; I'll let you know if it's in order.
  6. Yes, I'll take them, but what should I do if the Windows CD asks for something?
  7. Too bad, but it's not solved. Sometimes the PC just starts up, but if I then shut it down after a while and want to start it again a few hours later, I get the Windows XP screen with the logo and those little blue bars. The bars start moving but then suddenly stop and hang. If I then pull the PC's plug and put it back in, I do get a message that Windows was not shut down properly, and I can choose between safe mode and starting normally. I choose starting normally and then it does that right away. It's annoying that I always have to pull the plug first. What strikes me is that when I start it for the first time, e.g. in the morning, it always works.
  8. I'm now going to test everything for a few days and will then let you know whether everything is OK. Thanks, regards
  9. ik kreeg wel dit toen Combofix bezig was . boot partitie kan niet correct opgeteld worden. heb dan op oke gedrukt en is verder gegaan hier mijn log ComboFix 09-11-16.05 - Chris 16/11/2009 11:57.3.2 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2038.1463 [GMT 1:00] Gestart vanuit: c:\documents and settings\Chris\Bureaublad\ComboFix.exe AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} * Nieuw herstelpunt werd aangemaakt WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Chris\Application Data\02000000046c88a9684C.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9684O.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9684P.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9684S.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9691C.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9691O.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9691P.manifest c:\documents and settings\Chris\Application Data\02000000046c88a9691S.manifest c:\documents and settings\Chris\Application Data\Desktopicon c:\documents and settings\Chris\Application Data\Desktopicon\config.ini c:\documents and settings\Chris\Application Data\Desktopicon\eBayShortcuts.exe c:\windows\system32\LocalService\329.crack.zip c:\windows\system32\LocalService\329.crack.zip.kwd c:\windows\system32\LocalService\330.keygen.zip c:\windows\system32\LocalService\330.keygen.zip.kwd c:\windows\system32\LocalService\331.serial.zip c:\windows\system32\LocalService\331.serial.zip.kwd c:\windows\system32\LocalService\332.setup.zip c:\windows\system32\LocalService\332.setup.zip.kwd 
  10. My PC sometimes hangs when I start it up. Then I only see Windows XP on the screen, and it first runs slowly and then hangs. If I then pull the plug and start up again, it does work, and then everything works fine. I had a Belgacom b-box2 connected and it has been happening since then. I'm a layman with PCs, but maybe someone can help me. Attached is my log.
  11. No, everything works perfectly now. Only that Mirar is still listed under software; I tried to remove it but that doesn't work. Otherwise no more problems. Thanks in advance, and regards.
2009-07-11 19:34 533880 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll 2009-07-11 19:34 . 2009-07-11 19:34 451960 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll 2009-07-11 19:34 . 2009-07-11 19:34 397360 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys 2009-07-10 10:46 . 2009-06-20 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\AlawarWrapper 2009-07-09 15:04 . 2009-07-09 15:03 -------- d-----w- c:\documents and settings\Chris\Application Data\SprillRichiEng 2009-07-09 13:21 . 2009-07-09 13:21 -------- d-----w- c:\documents and settings\Chris\Application Data\GARMIN 2009-07-09 13:20 . 2009-07-09 13:20 -------- d-----w- c:\program files\Garmin GPS Plugin 2009-07-09 13:20 . 2009-07-09 13:20 -------- d-----w- c:\program files\DIFX 2009-07-09 13:20 . 2009-07-09 13:20 -------- d-----w- c:\program files\Garmin 2009-07-09 09:42 . 2009-07-09 09:42 -------- d-----w- c:\documents and settings\Chris\Application Data\SulusGames 2009-07-07 09:43 . 2009-07-07 09:43 -------- d-----w- c:\documents and settings\Chris\Application Data\MA 2009-07-03 17:00 . 2004-08-04 12:00 915456 ------w- c:\windows\system32\wininet.dll 2009-07-03 11:04 . 2009-07-03 11:04 -------- d-----w- c:\documents and settings\Chris\Application Data\Aisle 5 Games, Inc 2009-06-30 14:06 . 2009-06-30 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games 2009-06-29 09:57 . 2009-06-29 09:57 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo 2009-06-27 13:43 . 2009-06-27 09:57 -------- d-----w- c:\documents and settings\Chris\Application Data\Enlightenus 2009-06-26 14:42 . 
2009-06-26 14:42 -------- d-----w- c:\documents and settings\All Users\Application Data\JollyBear 2009-06-25 10:31 . 2009-06-25 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\IntDreams 2009-06-16 14:40 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:40 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-15 10:45 . 2004-08-04 12:00 79872 ----a-w- c:\windows\system32\telnet.exe 2009-06-10 14:16 . 2004-08-04 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll 2009-06-10 07:22 . 2009-03-28 21:15 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-06-10 06:16 . 2004-08-04 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll 2009-06-03 19:11 . 2004-08-04 12:00 1295360 ----a-w- c:\windows\system32\quartz.dll . ((((((((((((((((((((((((((((( SnapShot@2009-08-22_12.31.55 ))))))))))))))))))))))))))))))))))))))))) . + 2009-08-22 17:14 . 2009-08-22 17:14 16384 c:\windows\Temp\Perflib_Perfdata_338.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-03 16876032] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0300000.086\SymEFA.sys [1/04/2009 3:32 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.086\BHDrvx86.sys [1/04/2009 3:32 258608] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.086\cchpx86.sys [1/04/2009 3:32 482352] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSXpx86.sys [12/08/2009 11:05 276344] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [9/05/2009 11:28 55152] R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe [1/04/2009 3:32 115560] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 11:18 202016] R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [28/03/2009 23:57 36864] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/04/2009 10:39 101936] S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [6/02/2009 18:08 533360] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . 
Inhoud van de 'Gedeelde Taken' map 2009-04-01 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-08-22 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-08-22 c:\windows\Tasks\User_Feed_Synchronization-{8B8B62A1-46CE-47ED-B5BC-2A559A621610}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.jansmit.com/index/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Trusted Zone: minatica.be\www Trusted Zone: onlinehelpdesk.be\www DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-08-22 19:15 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.134\diMaster.dll\" /prefetch:1" . 
--------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(564) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\igfxsrvc.exe c:\program files\Windows Live\Contacts\wlcomm.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . 
Voltooingstijd: 2009-08-22 19:17 - machine werd herstart ComboFix-quarantined-files.txt 2009-08-22 17:17 ComboFix2.txt 2009-08-22 12:32 Pre-Run: 363.835.121.664 bytes beschikbaar Post-Run: 363.710.496.768 bytes beschikbaar 267 --- E O F --- 2009-08-12 13:32 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:22:00, on 22/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\windows\RTHDCPL.EXE C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\windows\system32\svchost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\windows\System32\svchost.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\windows\explorer.exe C:\windows\system32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Jan Smit R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" 
/background O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: Minatica.be O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238528189484 O16 - DPF: 
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 6896 bytes
  13. Under software there is still a folder with mirar, but I can't delete it.
  14. ComboFix 09-08-21.02 - Chris 22/08/2009 14:29.1.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2038.1572 [GMT 2:00]
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-03 16876032] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0300000.086\SymEFA.sys [1/04/2009 3:32 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.086\BHDrvx86.sys [1/04/2009 3:32 258608] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.086\cchpx86.sys [1/04/2009 3:32 482352] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSXpx86.sys [12/08/2009 11:05 276344] R2 Findbasic Service;Findbasic Service;c:\documents and settings\All Users\Application Data\Findbasic\findbasic117.exe [21/08/2009 16:27 54776] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [9/05/2009 11:28 55152] R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe [1/04/2009 3:32 115560] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 11:18 202016] R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [28/03/2009 23:57 36864] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/04/2009 10:39 101936] S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [6/02/2009 18:08 533360] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . 
Inhoud van de 'Gedeelde Taken' map 2009-04-01 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-08-22 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-08-21 c:\windows\Tasks\User_Feed_Synchronization-{8B8B62A1-46CE-47ED-B5BC-2A559A621610}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.jansmit.com/index/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Trusted Zone: minatica.be\www Trusted Zone: onlinehelpdesk.be\www DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-08-22 14:31 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.134\diMaster.dll\" /prefetch:1" . 
I had downloaded the new version of HijackThis but had not removed the old one. I hope everything is in order now. ComboFix did report an error during installation. Regards
  15. Logfile of HijackThis v1.99.1 Scan saved at 13:22:00, on 22/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702)
  16. here are my new logs
     Logfile of HijackThis v1.99.1 Scan saved at 9:11:14, on 22/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702)
     Malwarebytes' Anti-Malware 1.40
     Database versie: 2675
     Windows 5.1.2600 Service Pack 3
     22/08/2009 9:10:17
     mbam-log-2009-08-22 (09-10-17).txt
     Scan type: Snelle Scan
     Objecten gescand: 87503
     Verstreken tijd: 3 minute(s), 18 second(s)
     Geheugenprocessen geïnfecteerd: 0
     Geheugenmodulen geïnfecteerd: 0
     Registersleutels geïnfecteerd: 0
     Registerwaarden geïnfecteerd: 0
     Registerdata bestanden geïnfecteerd: 0
     Mappen geïnfecteerd: 0
     Bestanden geïnfecteerd: 0
     Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden)
     Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden)
     Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden)
     Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden)
     Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
     Mappen geïnfecteerd: (Geen kwaadaardige items gevonden)
     Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
  17. hello, whenever I open my internet I always get spyware that opens, so can someone help me? here is my HijackThis log
     Logfile of HijackThis v1.99.1 Scan saved at 18:47:59, on 21/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702)