Ga naar inhoud

ariekuij

Lid
  • Items

    30
  • Registratiedatum

  • Laatst bezocht

ariekuij's prestaties

  1. Fix it gedaan en het werkt. Heel fijn. Heel erg bedankt.
  2. Heb eerst nog gescand met spyware doctor en ook nog malware bytes. Niets gevonden. En waar zit de knop om runtime errors uit te schakelen? Kon vorige week overigens nog wel betalen door foutmelding te negeren, maar dat gaat nu ook niet meer. Heb dus "fix it" niet eens geprobeerd. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:39:44, on 31-8-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eFax Messenger 4.2\J2GTray.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Home | Publiekeomroep.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe O4 - Global Startup: eFax 4.2.lnk = C:\Program Files\eFax Messenger 4.2\J2GTray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172652532359 O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate1c9abb1bbf3ed3a) (gupdate1c9abb1bbf3ed3a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11620 bytes
  3. Heb voortdurend runtime error als ik de website van mijn bank wil openen. Rest van internet geen enkel probleem, maar bij mijn bank loopt dit telkens weer fout. Hierover enige weken geleden al een vraag gesteld en toen heeft o.a. Kape me goed geholpen, maar helaas niet afdoende. Heeft iemand ervaring met How to Fix Runtime Error>??? Die website belooft een runtime error te kunnen herstllen, maar ik heb het niet zo op onbekende sites die gouden bergen beloven.
  4. Heb goede hoop dat probleem is opgelost. Kon bankrek. bereiken, vloog er vervolgens via de Runtime error 2x achter elkaar uit, werd weer verbonden met bankpag. (ging automatisch) en kon toen bankzaken regelen. Wonderlijk, wonderlijk. Internet lijkt ook weer als vanouds te gaan. Dus: houd ik het erop dat het probleem is opgelost, waarvoor mijn zeer grote dank. Nog wel de vraag, hoe dit te voorkomen?
  5. Vanmorgen getest en helaas geen verbetering. Opvragen van sites gaat nog, maar sub-pagina's komen traag of niet. Ook mijn bankpag. geeft weer een runtime error. Info daarover ongewijzigd. Kan er nog steeds geen prtscr van maken. :stupid:
  6. Hallo, Heb chkdsk uitgevoerd. Kreeg geen rapport helaas, tenzij ik het over het hoofd heb gezien. Heb internet gecheckt. Is snel, geeft ook subpag. snel en geen runtime error meer. Omdat die fout niet altijd optreedt, houd ik nog even slag om arm, maar resultaat lijkt zeer bevredigend. Morgen nog eens testen. :-) Was er nu sprake van virus oid of van vervuiling van registry? En hoe te voorkomen?
  7. Het maken van een screenprint van het kadertje van die runtime error lukt me op geen enkele manier. Soms verdwijnt de mededeling op het moment dat ik hem aanklik (ook met rechts). Ik heb de volgende tekst overgenomen (= signatuur van de fout op moment van voorkomen): App Name : iexplore.exe App Ver : 8.0.6001.18702 Mod. Name : msidcrl40.dll (NB eerst las ik msidcr1 .. , maar vergelijkend bleek 1 een l) Mod. Ver. : 5.0.818.6 Offset : 000cbe90 Ik heb overigens zowel msidcr140.dll als msidcrl40.dll door zoeken gehaald. Bij de 2e komen er oudere bestanden uit 2007 naar voren. Lijken me geen probleem te kunnen zijn) Heb het meest recente scanverslag van ik weet niet wat wel bijgevoegd. Daarin komt msidcrl40.dll 2x voor. Een keer als fout. Mis ik toch iets? Toepassingsuitzondering: Toep: C:\Program Files\internet explorer\iexplore.exe (PID=3472) Tijd: 18-8-2010 @ 14:20:44.156 Uitzonderingsnummer: c0000005 (schending van toegang) *----> Systeemgegevens <----* Computernaam: 049720120221 Gebruikersnaam: Dhr. A. Kuij Terminalsessie-id: 0 Aantal processors: 2 Processortype: x86 Family 15 Model 4 Stepping 9 Windows-versie: 5.1 Actieve gecompileerde versie: 2600 Service Pack: 3 Huidig type: Multiprocessor Free Geregistreerde organisatie: Geregistreerde eigenaar: Dhr. A. Kuij *----> Taakoverzicht <----* 0 System Process 4 System 492 smss.exe 560 csrss.exe 588 winlogon.exe 632 services.exe 644 lsass.exe 816 svchost.exe 864 svchost.exe 948 svchost.exe 1024 svchost.exe 1140 svchost.exe 1232 AvastSvc.exe 1488 spoolsv.exe 2024 svchost.exe 148 BDTUpdateService.exe 220 CLCapSvc.exe 232 CLMLServer.exe 260 HIDSERVICE.exe 268 CLMLService.exe 404 jqs.exe 512 nvsvc32.exe 1100 Omniserv.exe 1464 pctsAuxs.exe 1556 pctsSvc.exe 1744 svchost.exe 1764 ULCDRSvr.exe 1796 CLSched.exe 2556 OPXPApp.exe 2812 alg.exe 3344 pctsTray.exe 3364 Explorer.EXE 4008 mHotkey.exe 4068 RUNDLL32.EXE 556 RTHDCPL.EXE 716 scureapp.exe 480 monitor.exe 848 PCMService.exe 924 GoogleDesktop.exe 1088 J2GDllCmd.exe 1044 realsched.exe 1152 ATSwpNav.exe 1084 jusched.exe 1552 avastUI.exe 1608 SmpSys.exe 1616 GoogleToolbarNotifier.exe 860 ctfmon.exe 1920 J2GTray.exe 2996 GoogleDesktop.exe 3572 SKYPE.EXE 388 iexplore.exe 3472 iexplore.exe 3056 dwwin.exe 3892 drwtsn32.exe 3428 RealUpgrade.exe *----> Modulelijst <----* (0000000000400000 - 000000000049c000: C:\Program Files\internet explorer\iexplore.exe (0000000001790000 - 0000000001a65000: C:\WINDOWS\system32\xpsp2res.dll (0000000001a80000 - 0000000001a89000: C:\WINDOWS\system32\Normaliz.dll (0000000001eb0000 - 0000000001ec7000: C:\WINDOWS\system32\ws2_32.dll (0000000001ed0000 - 0000000001ed8000: C:\WINDOWS\system32\WS2HELP.dll (0000000002130000 - 0000000002170000: C:\WINDOWS\system32\mswsock.dll (00000000021b0000 - 00000000021b8000: C:\WINDOWS\System32\wshtcpip.dll (00000000024d0000 - 0000000002520000: C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (0000000002730000 - 0000000002b29000: C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_65EB47E0814C2821.dll (0000000002cb0000 - 0000000002e50000: C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (0000000003820000 - 00000000038eb000: C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (0000000003920000 - 0000000003932000: C:\WINDOWS\system32\MPR.dll (0000000003fe0000 - 0000000004082000: C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (0000000004090000 - 000000000423f000: C:\WINDOWS\PCTBDCore.dll (0000000004b00000 - 0000000004bdf000: C:\Program Files\Spyware Doctor\BDT\PCTLicReset.dll (0000000004c00000 - 0000000004c0a000: C:\WINDOWS\system32\WSOCK32.dll (0000000004c60000 - 0000000004c98000: C:\Program Files\Spyware Doctor\BDT\utility.dll (00000000054e0000 - 0000000005509000: C:\WINDOWS\system32\msls31.dll (0000000005510000 - 00000000055d2000: C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll (0000000005720000 - 0000000005753000: C:\WINDOWS\system32\MSRATING.dll (0000000007550000 - 0000000007611000: C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll (0000000009410000 - 000000000999c000: C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx (0000000010000000 - 000000001000e000: C:\Apps\Softex\OmniPass\SCUREDLL.dll (0000000010930000 - 0000000010979000: C:\WINDOWS\system32\PortableDeviceApi.dll (000000001b000000 - 000000001b00c000: C:\WINDOWS\system32\ImgUtil.dll (000000001b060000 - 000000001b06e000: C:\WINDOWS\system32\pngfilt.dll (000000001f840000 - 000000001f858000: C:\WINDOWS\system32\odbcint.dll (0000000027500000 - 000000002761a000: C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll (0000000029500000 - 0000000029567000: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (0000000035c50000 - 0000000035c89000: C:\WINDOWS\system32\Dxtrans.dll (0000000035cb0000 - 0000000035d07000: C:\WINDOWS\system32\Dxtmsft.dll (00000000402e0000 - 0000000040890000: C:\WINDOWS\system32\mshtml.dll (0000000040be0000 - 0000000040c94000: C:\WINDOWS\system32\jscript.dll (0000000040ca0000 - 0000000040d86000: C:\WINDOWS\system32\WININET.dll (0000000041340000 - 0000000041528000: C:\WINDOWS\system32\iertutil.dll (0000000041530000 - 0000000041fc4000: C:\WINDOWS\system32\IEFRAME.dll (00000000439d0000 - 00000000439ff000: C:\WINDOWS\system32\iepeers.dll (00000000451f0000 - 00000000451f6000: C:\Program Files\internet explorer\xpshims.dll (00000000456d0000 - 0000000045803000: C:\WINDOWS\system32\urlmon.dll (00000000458d0000 - 0000000045910000: C:\Program Files\Internet Explorer\ieproxy.dll (000000004d580000 - 000000004d5d9000: C:\WINDOWS\system32\WINHTTP.dll (000000004eb80000 - 000000004ed2b000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll (0000000059e70000 - 0000000059f11000: C:\WINDOWS\system32\dbghelp.dll (000000005b190000 - 000000005b1c8000: C:\WINDOWS\system32\UxTheme.dll (000000005cfa0000 - 000000005cfc6000: C:\WINDOWS\system32\ShimEng.dll (000000005d4e0000 - 000000005d57a000: C:\WINDOWS\system32\comctl32.dll (000000005f230000 - 000000005f247000: C:\WINDOWS\system32\olepro32.dll (00000000609f0000 - 00000000609f3000: C:\Program Files\Microsoft Silverlight\4.0.50524.0\nl\mscorrc.dll (0000000061200000 - 0000000061259000: C:\WINDOWS\system32\hnetcfg.dll (0000000062e40000 - 0000000062e49000: C:\WINDOWS\system32\LPK.DLL (00000000633d0000 - 000000006341f000: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (00000000634b0000 - 00000000634cd000: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (00000000636e0000 - 000000006370a000: C:\Program Files\Spyware Doctor\smum32.dll (0000000066b90000 - 0000000066b9b000: C:\WINDOWS\system32\inetmib1.dll (0000000068000000 - 0000000068036000: C:\WINDOWS\system32\rsaenh.dll (0000000068100000 - 0000000068126000: C:\WINDOWS\system32\dssenh.dll (000000006d440000 - 000000006d44c000: C:\Program Files\Java\jre6\bin\jp2ssv.dll (000000006d940000 - 000000006d94a000: C:\WINDOWS\system32\ddrawex.dll (000000006db00000 - 000000006db12000: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (000000006ff20000 - 000000006ff75000: C:\WINDOWS\system32\NETAPI32.dll (0000000070e20000 - 0000000070e33000: C:\WINDOWS\system32\asycfilt.dll (0000000071600000 - 0000000071679000: C:\WINDOWS\AppPatch\AcLayers.DLL (0000000071b80000 - 0000000071b93000: C:\WINDOWS\System32\SAMLIB.dll (0000000071ba0000 - 0000000071bae000: C:\WINDOWS\System32\ntlanman.dll (0000000071c10000 - 0000000071c17000: C:\WINDOWS\System32\NETRAP.dll (0000000071c20000 - 0000000071c60000: C:\WINDOWS\System32\NETUI1.dll (0000000071c60000 - 0000000071c77000: C:\WINDOWS\System32\NETUI0.dll (0000000071cd0000 - 0000000071ceb000: C:\WINDOWS\system32\actxprxy.dll (0000000071ef0000 - 0000000071ef8000: C:\WINDOWS\system32\snmpapi.dll (0000000072240000 - 0000000072245000: C:\WINDOWS\system32\sensapi.dll (0000000072c80000 - 0000000072c88000: C:\WINDOWS\system32\msacm32.drv (0000000072c90000 - 0000000072c99000: C:\WINDOWS\system32\wdmaud.drv (0000000072f70000 - 0000000072f96000: C:\WINDOWS\system32\WINSPOOL.DRV (0000000073270000 - 00000000732da000: C:\WINDOWS\system32\vbscript.dll (00000000736d0000 - 000000007371b000: C:\WINDOWS\system32\DDRAW.dll (00000000738b0000 - 0000000073980000: C:\WINDOWS\system32\D3DIM700.DLL (0000000073aa0000 - 0000000073ab5000: C:\WINDOWS\system32\mscms.dll (0000000073b10000 - 0000000073b23000: C:\WINDOWS\system32\sti.dll (0000000073b30000 - 0000000073b36000: C:\WINDOWS\system32\dciman32.dll (0000000073e50000 - 0000000073e54000: C:\WINDOWS\system32\KsUser.dll (0000000073e80000 - 0000000073edc000: C:\WINDOWS\system32\DSOUND.dll (00000000745d0000 - 000000007460d000: C:\WINDOWS\system32\ODBC32.dll (0000000074670000 - 000000007469a000: C:\WINDOWS\system32\msimtf.dll (00000000746a0000 - 00000000746ec000: C:\WINDOWS\system32\MSCTF.dll (0000000074900000 - 0000000074a23000: C:\WINDOWS\system32\msxml3.dll (0000000074a60000 - 0000000074a67000: C:\WINDOWS\system32\CFGMGR32.dll (0000000074c00000 - 0000000074c2c000: C:\WINDOWS\system32\OLEACC.dll (0000000074d10000 - 0000000074d7b000: C:\WINDOWS\system32\USP10.dll (0000000075250000 - 000000007527e000: C:\WINDOWS\system32\msctfime.ime (0000000075910000 - 0000000075a09000: C:\WINDOWS\system32\MSGINA.dll (0000000075d40000 - 0000000075dd1000: C:\WINDOWS\system32\MLANG.dll (0000000075f00000 - 0000000075f07000: C:\WINDOWS\System32\drprov.dll (0000000075f10000 - 0000000075f1a000: C:\WINDOWS\System32\davclnt.dll (0000000076020000 - 0000000076085000: C:\WINDOWS\system32\MSVCP60.dll (0000000076300000 - 0000000076310000: C:\WINDOWS\system32\WINSTA.dll (0000000076320000 - 0000000076325000: C:\WINDOWS\system32\MSIMG32.dll (0000000076330000 - 000000007634d000: C:\WINDOWS\system32\IMM32.DLL (0000000076350000 - 000000007639a000: C:\WINDOWS\system32\comdlg32.dll (0000000076580000 - 0000000076593000: C:\WINDOWS\system32\cryptnet.dll (0000000076740000 - 000000007674c000: C:\WINDOWS\system32\cryptdll.dll (00000000767a0000 - 00000000767c8000: C:\WINDOWS\system32\schannel.dll (0000000076940000 - 0000000076966000: C:\WINDOWS\system32\ntshrui.dll (0000000076970000 - 0000000076a25000: C:\WINDOWS\system32\USERENV.dll (0000000076ad0000 - 0000000076ae1000: C:\WINDOWS\system32\ATL.DLL (0000000076af0000 - 0000000076b1e000: C:\WINDOWS\system32\WINMM.dll (0000000076bb0000 - 0000000076bbb000: C:\WINDOWS\system32\PSAPI.DLL (0000000076bf0000 - 0000000076c1e000: C:\WINDOWS\system32\WINTRUST.dll (0000000076c50000 - 0000000076c78000: C:\WINDOWS\system32\IMAGEHLP.dll (0000000076d00000 - 0000000076d18000: C:\WINDOWS\system32\MPRAPI.dll (0000000076d20000 - 0000000076d39000: C:\WINDOWS\system32\iphlpapi.dll (0000000076dd0000 - 0000000076df5000: C:\WINDOWS\system32\adsldpc.dll (0000000076e40000 - 0000000076e4e000: C:\WINDOWS\system32\rtutils.dll (0000000076e50000 - 0000000076e62000: C:\WINDOWS\system32\rasman.dll (0000000076e70000 - 0000000076e9f000: C:\WINDOWS\system32\TAPI32.dll (0000000076ea0000 - 0000000076edc000: C:\WINDOWS\system32\RASAPI32.dll (0000000076ee0000 - 0000000076f07000: C:\WINDOWS\system32\DNSAPI.dll (0000000076f20000 - 0000000076f4d000: C:\WINDOWS\system32\WLDAP32.dll (0000000076f70000 - 0000000076f78000: C:\WINDOWS\System32\winrnr.dll (0000000076f80000 - 0000000076f86000: C:\WINDOWS\system32\rasadhlp.dll (0000000076f90000 - 000000007700f000: C:\WINDOWS\system32\CLBCATQ.DLL (0000000077010000 - 00000000770dd000: C:\WINDOWS\system32\COMRes.dll (00000000770e0000 - 000000007716b000: C:\WINDOWS\system32\OLEAUT32.dll (0000000077390000 - 0000000077493000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (00000000774a0000 - 00000000775dd000: C:\WINDOWS\system32\ole32.dll (0000000077650000 - 0000000077671000: C:\WINDOWS\system32\NTMARTA.DLL (00000000778e0000 - 00000000779d7000: C:\WINDOWS\system32\SETUPAPI.dll (0000000077a40000 - 0000000077ad6000: C:\WINDOWS\system32\CRYPT32.dll (0000000077ae0000 - 0000000077af2000: C:\WINDOWS\system32\MSASN1.dll (0000000077b00000 - 0000000077b22000: C:\WINDOWS\system32\appHelp.dll (0000000077ba0000 - 0000000077ba7000: C:\WINDOWS\system32\midimap.dll (0000000077bb0000 - 0000000077bc5000: C:\WINDOWS\system32\MSACM32.dll (0000000077bd0000 - 0000000077bd8000: C:\WINDOWS\system32\VERSION.dll (0000000077be0000 - 0000000077c38000: C:\WINDOWS\system32\msvcrt.dll (0000000077c40000 - 0000000077c65000: C:\WINDOWS\system32\msv1_0.dll (0000000077c90000 - 0000000077cc2000: C:\WINDOWS\system32\ACTIVEDS.dll (0000000077da0000 - 0000000077e32000: C:\WINDOWS\system32\RPCRT4.dll (0000000077e40000 - 0000000077e89000: C:\WINDOWS\system32\GDI32.dll (0000000077e90000 - 0000000077f06000: C:\WINDOWS\system32\SHLWAPI.dll (0000000077f10000 - 0000000077f21000: C:\WINDOWS\system32\Secur32.dll (0000000077f40000 - 0000000077feb000: C:\WINDOWS\system32\ADVAPI32.dll (0000000079150000 - 00000000794b8000: C:\Program Files\Microsoft Silverlight\4.0.50524.0\coreclr.dll (000000007b860000 - 000000007b95c000: C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll (000000007b970000 - 000000007bf26000: C:\Program Files\Microsoft Silverlight\4.0.50524.0\agcore.dll (000000007c340000 - 000000007c396000: C:\WINDOWS\system32\MSVCR71.dll (000000007c3a0000 - 000000007c41b000: C:\WINDOWS\system32\MSVCP71.dll (000000007c7d0000 - 000000007c8d0000: C:\WINDOWS\system32\kernel32.dll (000000007c900000 - 000000007c9b8000: C:\WINDOWS\system32\ntdll.dll (000000007c9c0000 - 000000007d1e2000: C:\WINDOWS\system32\SHELL32.dll (000000007d1f0000 - 000000007d4ac000: C:\WINDOWS\system32\msi.dll (000000007d9b0000 - 000000007db17000: C:\WINDOWS\system32\query.dll (000000007e390000 - 000000007e421000: C:\WINDOWS\system32\USER32.dll (000000007e6a0000 - 000000007e750000: C:\WINDOWS\system32\SXS.DLL *----> Statusdump voor subproces-ID 0xf7c <----* eax=00000000 ebx=00000000 ecx=7ffd7000 edx=029d35c4 esi=029d35b8 edi=029d3558 eip=02737b7f esp=0178cd24 ebp=0178cd48 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00210246 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_65EB47E0814C2821.dll - functie: GoogleToolbarDynamic_32_65EB47E!DllGetClassObject 02737b68 ec in al,dx 02737b69 1c56 sbb al,0x56 02737b6b 8bf1 mov esi,ecx 02737b6d 6a01 push 0x1 02737b6f 8d460c lea eax,[esi+0xc] 02737b72 50 push eax 02737b73 8d4de4 lea ecx,[ebp-0x1c] 02737b76 e8459effff call GoogleToolbarDynamic_32_65EB47E+0x19c0 (027319c0) 02737b7b 8b4604 mov eax,[esi+0x4] 02737b7e 56 push esi Fout ->02737b7f ff30 push dword ptr [eax] ds:0023:00000000=???????? 02737b81 8d4df4 lea ecx,[ebp-0xc] 02737b84 e807531000 call GoogleToolbarDynamic_32_65EB47E+0x10ce90 (0283ce90) 02737b89 eb22 jmp GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x2e78 (02737bad) 02737b8b 8d4df4 lea ecx,[ebp-0xc] 02737b8e e8d79f0800 call GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x8ce35 (027c1b6a) 02737b93 8b4004 mov eax,[eax+0x4] 02737b96 8b4d08 mov ecx,[ebp+0x8] 02737b99 8945fc mov [ebp-0x4],eax 02737b9c 8d45fc lea eax,[ebp-0x4] 02737b9f 50 push eax *----> Stack Back Trace <----* WARNING: Stack unwind information not available. Following frames may be wrong. *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll - ChildEBP RetAddr Args to Child 0178cd48 02736b7c 0178cd58 029d3568 00000002 GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x2e4a 0178cd78 02736c01 00000001 4fed9f79 029d3558 GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x1e47 0178cdc0 02736de6 02b94300 02887331 7265a493 GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x1ecc 0178ce00 028873c0 00000000 00000000 00000001 GoogleToolbarDynamic_32_65EB47E!DllGetClassObject+0x20b1 0178ce28 0287e45a 02730000 00000000 00000001 GoogleToolbarDynamic_32_65EB47E+0x1573c0 0178ce68 0287e4c4 02730000 7c90118a 02730000 GoogleToolbarDynamic_32_65EB47E+0x14e45a 0178ce90 7c923ada 0287e4a7 02730000 00000000 GoogleToolbarDynamic_32_65EB47E+0x14e4c4 0178cf14 7c7ecaae 0178d674 00000001 275caf01 ntdll!RtlDestroyEnvironment+0x178 0178d008 7c7ecb26 00000003 77e8f3b0 ffffffff kernel32!IsValidLocale+0x8eb 0178d01c 275c9807 00000003 275c9a0d 00000003 kernel32!ExitProcess+0x14 0178d05c 275c9a32 00000003 00000001 00000000 msidcrl40!CreatePassportAuthUIContext+0x2ed77 0178d0fc 0178d0f0 00000001 0178d128 00110010 msidcrl40!CreatePassportAuthUIContext+0x2efa2 7c7d00f0 0004014c 49c4f537 00000000 00000000 0x178d0f0 00004550 00000000 00000000 00000000 00000000 0x4014c *----> Raw Stack Dump <----* 000000000178cd24 b8 35 9d 02 58 35 9d 02 - c4 35 9d 02 01 19 73 02 .5..X5...5....s. 000000000178cd34 e4 35 9d 02 b8 35 9d 02 - 5f 7b 73 02 58 35 9d 02 .5...5.._{s.X5.. 000000000178cd44 e4 35 9d 02 78 cd 78 01 - 7c 6b 73 02 58 cd 78 01 .5..x.x.|ks.X.x. 000000000178cd54 68 35 9d 02 02 00 00 00 - 00 00 00 00 00 00 00 00 h5.............. 000000000178cd64 00 00 00 00 20 e9 90 7c - 60 00 91 7c ff ff ff ff .... ..|`..|.... 000000000178cd74 5d 00 91 7c c0 cd 78 01 - 01 6c 73 02 01 00 00 00 ]..|..x..ls..... 000000000178cd84 79 9f ed 4f 58 35 9d 02 - 3f 6c 73 02 01 00 00 00 y..OX5..?ls..... 000000000178cd94 01 00 00 00 58 35 9d 02 - 00 00 00 00 34 6d 73 02 ....X5......4ms. 000000000178cda4 58 35 9d 02 01 00 00 00 - cc 6d 73 02 00 00 00 00 X5.......ms..... 000000000178cdb4 58 35 9d 02 84 35 9d 02 - 01 35 9d 02 00 ce 78 01 X5...5...5....x. 000000000178cdc4 e6 6d 73 02 00 43 b9 02 - 31 73 88 02 93 a4 65 72 .ms..C..1s....er 000000000178cdd4 00 00 00 00 00 00 00 00 - 00 00 73 02 00 43 b9 02 ..........s..C.. 000000000178cde4 08 40 b9 02 d0 cd 78 01 - 00 00 73 02 58 ce 78 01 .@....x...s.X.x. 000000000178cdf4 50 c4 87 02 83 8e 87 71 - 00 00 00 00 28 ce 78 01 P......q....(.x. 000000000178ce04 c0 73 88 02 00 00 00 00 - 00 00 00 00 01 00 00 00 .s.............. 000000000178ce14 27 e3 87 02 01 00 00 00 - 00 00 00 00 00 00 73 02 '.............s. 000000000178ce24 f8 45 b9 02 68 ce 78 01 - 5a e4 87 02 00 00 73 02 .E..h.x.Z.....s. 000000000178ce34 00 00 00 00 01 00 00 00 - fb a4 65 72 00 00 00 00 ..........er.... 000000000178ce44 84 ce 78 01 90 50 25 00 - 01 00 00 00 3c ce 78 01 ..x..P%.....<.x. 000000000178ce54 5b 08 ea 59 04 cf 78 01 - 50 c4 87 02 43 8a 87 71 [..Y..x.P...C..q
  8. Hallo, Heb msidcr140.dll opgezocht, ook in verborgen bestanden etc., maar het is er niet meer. Heb vervolgens alles gescand, eerst met Spyware Doctor en daarna nog eens met Malware. Niets gevonden. Vervolgens internet geprobeerd. Probleem nog aanwezig; Sommige (sub) pagina's zijn niet of zeer traag te bereiken. Mijn bankpag. vliegt eruit zodra ik mijn rekening wil bekijken. Runtime error nog steeds aanwezig. :stupid:
  9. Wist niet dat ik verborgen bestanden heb. Daarin drie keer zo'n bestand gevonden. Alle drie FireFox. Geen idee wat dat is en hoe ik eraan kom. Wat te doen?
  10. Internet gaat sneller, alhoewel het soms lang duurt om een vervolgpagina te openen, ook als dathele gewone sites zijn. MIjn bankpagina was gisteravond wel te bereiken, maar vanmorgen weer niet. Dan krijg ik toch nog een runtime error. Daarvan de volg. gegevens: App Name: iexplore.exe App Ver : 8.0.6001.18702 Mod Name : msidcr140.dll Mod Ver : 5.0.818.6 Offset : 000cbe90 Vreemd allemaal, heel vreemd. Of 't spookt, hè gr.
  11. Heb nieuw log bijgevoegd. Mocht dit weer niet voldoende zijn, dan weet ik niet hoe ik de nieuwe opdrachen in ComboFix moet plakken. OVerigens werden na de scan een hele rij bestandjes verwijderd. Ook werd er een server geupload, maar dat proces werd tot twee keer toe afgebroken. ALhoewel met de nodige reserve heb ik dat verzenden maar oegestaan. Was dat de bedoeling? ComboFix 10-08-15.04 - Dhr. A. Kuijvenhoven 16-08-2010 14:37:48.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.501 [GMT 2:00] Gestart vanuit: d:\documents and settings\Dhr. A. Kuijvenhoven\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: d:\documents and settings\Dhr. A. Kuijvenhoven\Mijn documenten\Downloads\CFScript.txt.txt AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FILE :: "c:\program files\20070716_0600_GFS_120912.grb" "c:\program files\AdbeRdr80_nl_NL.exe" "c:\program files\agsetup.exe" "c:\program files\AlexAdvancedPlusIndicatorpackSetup.exe" "c:\program files\AlexAdvancedPlusSetup.exe" "c:\program files\ccsetup226.exe" "c:\program files\ccsetup227.exe" "c:\program files\ccsetup229.exe" "c:\program files\ccsetup230.exe" "c:\program files\DigiLeenSetup_v1.1.00.0025.exe" "c:\program files\Firefox Setup 3.5.11.exe" "c:\program files\FoxitReader31_enu_Setup_091125.exe" "c:\program files\googleupdatesetup.exe" "c:\program files\HijackThisInstaller.exe" "c:\program files\install_UGRIB.exe" "c:\program files\iTunesSetup.exe" "c:\program files\mbam-setup.exe" "c:\program files\QuickTimeInstaller.exe" "c:\program files\setup_av_free_dut.exe" "c:\program files\Snelkoppeling naar agsetup.lnk" "c:\program files\Snelkoppeling naar ccsetup226.lnk" "c:\program files\Snelkoppeling naar setup_av_free_dut.lnk" "c:\program files\winamp5541_full_all.exe" "c:\program files\wmp11-windowsxp-x86-nl-nl.exe" "c:\program files\YouSendItAcrobatPluginSetup1_0_0.exe" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\20070716_0600_GFS_120912.grb c:\program files\AdbeRdr80_nl_NL.exe c:\program files\agsetup.exe c:\program files\AlexAdvancedPlusIndicatorpackSetup.exe c:\program files\AlexAdvancedPlusSetup.exe c:\program files\AskBarDis\bar\bin\askPopStp.dll c:\program files\AskBarDis\bar\bin\psvince.dll c:\program files\AskBarDis\bar\Cache\0003D216 c:\program files\AskBarDis\bar\Cache\00F0DADF.bin c:\program files\AskBarDis\bar\Cache\00F0DD31.bin c:\program files\AskBarDis\bar\Cache\00F0DF73.bin c:\program files\AskBarDis\bar\Cache\00F0E129.bin c:\program files\AskBarDis\bar\Cache\00F0E2CF.bin c:\program files\AskBarDis\bar\Cache\00F0E455.bin c:\program files\AskBarDis\bar\Cache\00F0E5CC.bin c:\program files\AskBarDis\bar\Cache\00F0E743.bin c:\program files\AskBarDis\bar\Cache\00F0E918.bin c:\program files\AskBarDis\bar\Cache\00F0EA8F.bin c:\program files\AskBarDis\bar\Cache\files.ini c:\program files\AskBarDis\bar\History\search c:\program files\AskBarDis\bar\Settings\config.dat c:\program files\AskBarDis\bar\Settings\config.dat.bak c:\program files\AskBarDis\bar\Settings\prevcfg.htm c:\program files\ccsetup226.exe c:\program files\ccsetup227.exe c:\program files\ccsetup229.exe c:\program files\ccsetup230.exe c:\program files\DigiLeenSetup_v1.1.00.0025.exe c:\program files\Firefox Setup 3.5.11.exe c:\program files\FoxitReader31_enu_Setup_091125.exe c:\program files\googleupdatesetup.exe c:\program files\HijackThisInstaller.exe c:\program files\install_UGRIB.exe c:\program files\iTunesSetup.exe c:\program files\mbam-setup.exe c:\program files\QuickTimeInstaller.exe c:\program files\setup_av_free_dut.exe c:\program files\Snelkoppeling naar agsetup.lnk c:\program files\Snelkoppeling naar ccsetup226.lnk c:\program files\Snelkoppeling naar setup_av_free_dut.lnk c:\program files\winamp5541_full_all.exe c:\program files\wmp11-windowsxp-x86-nl-nl.exe c:\program files\YouSendItAcrobatPluginSetup1_0_0.exe d:\documents and settings\LocalService.NT AUTHORITY.004\Application Data\McAfee d:\documents and settings\LocalService.NT AUTHORITY.004\Application Data\McAfee\sacore\sacore.db d:\documents and settings\LocalService.NT AUTHORITY.004\Application Data\McAfee\sacore\sacore_cache.db . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-16 to 2010-08-16 )))))))))))))))))))))))))))))) . 2010-08-16 10:19 . 2010-08-16 12:24 -------- d--h--r- d:\documents and settings\Dhr. A. Kuijvenhoven\Onlangs geopend 2010-08-13 19:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-13 19:54 . 2010-08-13 19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-13 19:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-13 09:56 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-08-13 09:56 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-08-13 09:56 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-08-13 09:56 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-08-13 09:56 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-08-13 09:56 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-08-13 09:56 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-08-13 09:55 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-08-13 09:55 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- d:\documents and settings\All Users\Application Data\Alwil Software 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- c:\program files\Alwil Software 2010-08-11 17:34 . 2010-08-11 17:34 -------- d-----w- c:\program files\Common Files\Java 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- c:\windows\Performance 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Local Settings\Application Data\Microsoft Corporation 2010-07-26 18:42 . 2010-07-26 18:42 -------- d-----w- c:\program files\Uniblue 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenCandy 2010-07-26 12:45 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-07-26 12:45 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\windows\Logs 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Detect 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Toolbar 2010-07-21 20:05 . 2010-07-21 20:05 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\FastStone 2010-07-21 20:04 . 2010-07-21 20:05 -------- d-----w- c:\program files\FastStone Image Viewer 2010-07-21 20:04 . 2010-07-21 20:04 4769574 ----a-w- c:\program files\FSViewerSetup42.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-16 12:48 . 2007-08-20 15:21 -------- d-----w- c:\program files\Spyware Doctor 2010-08-16 12:22 . 2007-07-16 10:25 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP 2010-08-16 09:28 . 2007-02-27 11:32 61012 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\wklnhst.dat 2010-08-16 07:01 . 2007-03-02 13:04 -------- d-----w- d:\documents and settings\All Users\Application Data\Google Updater 2010-08-13 19:41 . 2009-12-09 13:10 -------- d-----w- c:\program files\AskBarDis 2010-08-13 19:41 . 2007-02-28 10:13 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenOffice.org2 2010-08-13 09:07 . 2008-06-03 13:08 -------- d-----w- c:\program files\PC Veilig 2010-08-13 09:04 . 2008-06-03 13:08 -------- d-----w- d:\documents and settings\All Users\Application Data\F-Secure 2010-08-13 09:04 . 2004-09-10 16:24 92008 ----a-w- c:\windows\system32\perfc013.dat 2010-08-13 09:04 . 2004-09-10 16:24 511734 ----a-w- c:\windows\system32\perfh013.dat 2010-08-11 17:34 . 2007-02-26 21:49 -------- d-----w- c:\program files\Java 2010-07-27 11:59 . 2009-12-07 21:43 -------- d-----w- c:\program files\CCleaner 2010-07-27 06:33 . 2008-11-20 10:06 -------- d-----w- c:\program files\Winamp 2010-07-26 19:27 . 2007-02-27 11:13 -------- d-----w- c:\program files\Encarta 2010-07-26 12:57 . 2007-02-26 21:49 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-26 12:49 . 2008-11-20 10:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Winamp 2010-07-26 12:08 . 2009-12-10 09:19 -------- d-----w- d:\documents and settings\All Users\Application Data\NOS 2010-07-26 10:33 . 2007-02-26 21:49 -------- d-----w- c:\program files\QuickTime 2010-07-21 08:18 . 2009-11-24 08:53 767928 ----a-w- c:\windows\BDTSupport.dll 2010-07-19 13:15 . 2007-02-27 10:05 -------- d-----w- c:\program files\ABBYY FineReader 4.0 Sprint 2010-07-19 07:26 . 2009-11-24 08:53 192 ----a-w- c:\windows\UDB.zip 2010-07-19 07:26 . 2009-11-24 08:53 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-07-19 07:26 . 2009-11-24 08:53 264144 ----a-w- c:\windows\PCTBDRes.dll 2010-07-19 07:26 . 2009-11-24 08:53 1435600 ----a-w- c:\windows\PCTBDCore.dll 2010-07-17 03:00 . 2010-05-10 20:26 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\CompleteGuide.D7AEE78E2D43EBD31B3DBE76266084994F93EC42.1 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- c:\program files\Complete Guide 2010-06-30 12:33 . 2004-09-10 16:23 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2004-09-10 16:23 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-09-10 16:23 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-09-10 16:23 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-09-10 16:23 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-10 16:46 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2004-09-10 16:23 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-03-10 16:27 . 2010-03-10 16:27 38824552 ----a-w- c:\program files\FileFormatConverters.exe 2009-12-03 11:00 . 2009-12-03 11:00 401720 ----a-w- c:\program files\HijackThis.exe 2009-02-23 10:39 . 2009-02-23 10:19 1234120 -c--a-w- c:\program files\Winrar3.80.exe 2009-02-11 20:38 . 2009-02-11 20:38 4865408 -c--a-w- c:\program files\Silverlight.2.0.exe 2008-08-08 09:47 . 2008-08-08 09:46 1945800 -c--a-w- c:\program files\PPVIEWER.EXE 2008-07-19 13:08 . 2008-07-19 13:08 467968 -c--a-w- c:\program files\ZoekWekkerDesktopSetup.msi 2008-06-03 13:07 . 2008-06-03 13:06 68244328 -c--a-w- c:\program files\PCveilig.exe 2007-12-12 17:35 . 2007-12-12 17:35 2402832 -c--a-w- c:\program files\WLinstaller.exe 2007-07-16 10:54 . 2007-07-16 10:54 5320856 -c--a-w- c:\program files\ps2pdf995.exe 2007-07-16 10:52 . 2007-07-16 10:52 2572952 -c--a-w- c:\program files\pdf995s.exe 2007-05-02 14:51 . 2007-05-02 14:50 3838056 -c--a-w- c:\program files\msgrplus.exe 2008-09-19 06:26 . 2007-03-18 17:37 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-20 68856] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264] "Windows Registry Repair Pro"="c:\program files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe" [2005-09-08 1363968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "NECHotkey"="mHotkey.exe" [2006-01-11 548864] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "nwiz"="nwiz.exe" [2005-08-02 1519616] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 57344] "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 14720000] "OmniPass"="c:\apps\Softex\OmniPass\scureapp.exe" [2005-08-12 1859584] "Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112] "PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-19 29744] "eFax 4.2"="c:\program files\eFax Messenger 4.2\J2GDllCmd.exe" [2006-07-14 107008] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-27 1287120] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ eFax 4.2.lnk - c:\program files\eFax Messenger 4.2\J2GTray.exe [2007-5-2 612352] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina] 2005-08-12 16:01 49152 ----a-w- c:\apps\Softex\OmniPass\OPXPGina.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\GRIB.US\\Ugrib.exe"= "c:\\Program Files\\Common Files\\InstallShield\\UpdateService\\agent.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [24-11-2009 10:52 218592] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13-8-2010 11:56 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13-8-2010 11:56 17744] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [24-11-2009 10:53 198608] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10-5-2010 22:11 366840] S2 gupdate1c9abb1bbf3ed3a;Google Updateservice (gupdate1c9abb1bbf3ed3a);c:\program files\Google\Update\GoogleUpdate.exe [23-3-2009 14:20 133104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18-3-2007 19:37 29744] S3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [1-7-2008 8:13 3328] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 . Inhoud van de 'Gedeelde Taken' map 2010-08-16 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-27 08:02] 2010-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-16 c:\windows\Tasks\Master CD_DVD Creator.job - c:\apps\SMP\MCDCHECK.EXE [2005-11-08 14:26] 2010-08-16 c:\windows\Tasks\PC instellen.job - c:\apps\SMP\PCSETUP.EXE [2005-11-17 09:03] 2010-08-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-16 c:\windows\Tasks\Uitgebreide garantie.job - c:\apps\SMP\PBCARNOT.EXE [2005-11-09 12:55] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.omroep.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab FF - ProfilePath - d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Spyware Doctor\BDT\FireFox\platform\WINNT_x86-msvc\components\libheuristic.dll FF - component: d:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-16 14:48 Windows 5.1.2600 Service Pack 3 NTFS detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-779791498-3118289738-2137124882-1006\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(580) c:\apps\Softex\OmniPass\opxpgina.dll c:\windows\system32\MPR.dll . Voltooingstijd: 2010-08-16 14:53:04 ComboFix-quarantined-files.txt 2010-08-16 12:52 ComboFix2.txt 2010-08-16 08:49 ComboFix3.txt 2010-08-13 21:11 ComboFix4.txt 2009-12-04 11:03 Pre-Run: 15.067.947.008 bytes beschikbaar Post-Run: 14.523.641.856 bytes beschikbaar - - End Of File - - 8B396DD2CB53B1FF20D961DA4B2BC405
  12. Dit moet het goede dan zijn. De scan van HiJack in mijn vorige bericht is gebaseerd op een cf. jouw advies bijgewerkt combofix. Excuus voor misverstand. Als dit niet het goede is, dan is het me niet gelukt om jouw adveis op te volgen en de voorgestelde wijzigingen in mijn combofix te plakken. ComboFix 10-08-15.02 - Dhr. A. Kuijvenhoven 16-08-2010 10:36:29.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.461 [GMT 2:00] Gestart vanuit: d:\documents and settings\Dhr. A. Kuijvenhoven\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: d:\documents and settings\Dhr. A. Kuijvenhoven\Bureaublad\CFScript.txt.lnk AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-16 to 2010-08-16 )))))))))))))))))))))))))))))) . 2010-08-14 07:48 . 2010-08-16 08:31 -------- d--h--r- d:\documents and settings\Dhr. A. Kuijvenhoven\Onlangs geopend 2010-08-13 19:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-13 19:54 . 2010-08-13 19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-13 19:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-13 09:56 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-08-13 09:56 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-08-13 09:56 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-08-13 09:56 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-08-13 09:56 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-08-13 09:56 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-08-13 09:56 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-08-13 09:55 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-08-13 09:55 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- d:\documents and settings\All Users\Application Data\Alwil Software 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- c:\program files\Alwil Software 2010-08-13 09:54 . 2010-08-13 09:55 49348328 ----a-w- c:\program files\setup_av_free_dut.exe 2010-08-13 09:43 . 2010-08-13 09:43 388096 ----a-r- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-11 17:34 . 2010-08-11 17:34 -------- d-----w- c:\program files\Common Files\Java 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- c:\windows\Performance 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Local Settings\Application Data\Microsoft Corporation 2010-08-09 12:02 . 2010-08-09 12:02 503808 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3c15b93e-n\msvcp71.dll 2010-08-09 12:02 . 2010-08-09 12:02 499712 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3c15b93e-n\jmc.dll 2010-08-09 12:02 . 2010-08-09 12:02 348160 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3c15b93e-n\msvcr71.dll 2010-08-09 12:02 . 2010-08-09 12:02 12800 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-56b22dbe-n\decora-d3d.dll 2010-08-09 12:02 . 2010-08-09 12:02 61440 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-56b22dbe-n\decora-sse.dll 2010-07-31 09:10 . 2010-07-23 15:22 1496064 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll 2010-07-31 09:10 . 2010-07-23 15:22 43008 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll 2010-07-31 09:10 . 2010-07-23 15:22 338944 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll 2010-07-31 09:10 . 2010-07-23 15:22 346112 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll 2010-07-26 18:42 . 2010-07-26 18:42 -------- d-----w- c:\program files\Uniblue 2010-07-26 12:45 . 2010-07-26 12:45 0 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenCandy\OpenCandy_90025766732D4C77946B0E95C225C87F\DLMgr_3_1.6.44.exe 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenCandy 2010-07-26 12:45 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-07-26 12:45 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\windows\Logs 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Detect 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Toolbar 2010-07-26 12:35 . 2010-07-26 12:36 8098640 ----a-w- c:\program files\Firefox Setup 3.5.11.exe 2010-07-26 10:37 . 2010-07-26 10:37 -------- d-----w- d:\documents and settings\LocalService.NT AUTHORITY.004\Application Data\McAfee 2010-07-21 20:05 . 2010-07-21 20:05 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\FastStone 2010-07-21 20:04 . 2010-07-21 20:05 -------- d-----w- c:\program files\FastStone Image Viewer 2010-07-21 20:04 . 2010-07-21 20:04 4769574 ----a-w- c:\program files\FSViewerSetup42.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-16 08:36 . 2007-08-20 15:21 -------- d-----w- c:\program files\Spyware Doctor 2010-08-16 08:31 . 2007-07-16 10:25 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP 2010-08-16 08:14 . 2007-02-27 11:32 61088 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\wklnhst.dat 2010-08-16 07:01 . 2007-03-02 13:04 -------- d-----w- d:\documents and settings\All Users\Application Data\Google Updater 2010-08-13 19:41 . 2009-12-09 13:10 -------- d-----w- c:\program files\AskBarDis 2010-08-13 19:41 . 2007-02-28 10:13 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenOffice.org2 2010-08-13 09:57 . 2010-08-13 09:57 579 ----a-w- c:\program files\Snelkoppeling naar setup_av_free_dut.lnk 2010-08-13 09:07 . 2008-06-03 13:08 -------- d-----w- c:\program files\PC Veilig 2010-08-13 09:04 . 2008-06-03 13:08 -------- d-----w- d:\documents and settings\All Users\Application Data\F-Secure 2010-08-13 09:04 . 2004-09-10 16:24 92008 ----a-w- c:\windows\system32\perfc013.dat 2010-08-13 09:04 . 2004-09-10 16:24 511734 ----a-w- c:\windows\system32\perfh013.dat 2010-08-11 17:34 . 2007-02-26 21:49 -------- d-----w- c:\program files\Java 2010-07-27 11:59 . 2009-12-07 21:43 -------- d-----w- c:\program files\CCleaner 2010-07-27 06:33 . 2008-11-20 10:06 -------- d-----w- c:\program files\Winamp 2010-07-26 19:27 . 2007-02-27 11:13 -------- d-----w- c:\program files\Encarta 2010-07-26 12:57 . 2007-02-26 21:49 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-26 12:49 . 2008-11-20 10:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Winamp 2010-07-26 12:08 . 2009-12-10 09:19 -------- d-----w- d:\documents and settings\All Users\Application Data\NOS 2010-07-26 10:33 . 2007-02-26 21:49 -------- d-----w- c:\program files\QuickTime 2010-07-21 08:18 . 2009-11-24 08:53 767928 ----a-w- c:\windows\BDTSupport.dll 2010-07-19 13:15 . 2007-02-27 10:05 -------- d-----w- c:\program files\ABBYY FineReader 4.0 Sprint 2010-07-19 07:26 . 2009-11-24 08:53 192 ----a-w- c:\windows\UDB.zip 2010-07-19 07:26 . 2009-11-24 08:53 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-07-19 07:26 . 2009-11-24 08:53 264144 ----a-w- c:\windows\PCTBDRes.dll 2010-07-19 07:26 . 2009-11-24 08:53 1435600 ----a-w- c:\windows\PCTBDCore.dll 2010-07-17 03:00 . 2010-05-10 20:26 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\CompleteGuide.D7AEE78E2D43EBD31B3DBE76266084994F93EC42.1 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- c:\program files\Complete Guide 2010-06-30 12:33 . 2004-09-10 16:23 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2004-09-10 16:23 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-09-10 16:23 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-09-10 16:23 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-09-10 16:23 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-10 16:46 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2004-09-10 16:23 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-05-26 07:06 . 2010-05-26 07:06 503808 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6d153c80-n\msvcp71.dll 2010-05-26 07:06 . 2010-05-26 07:06 499712 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6d153c80-n\jmc.dll 2010-05-26 07:06 . 2010-05-26 07:06 12800 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a906f1f-n\decora-d3d.dll 2010-05-26 07:06 . 2010-05-26 07:06 61440 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a906f1f-n\decora-sse.dll 2010-05-26 07:06 . 2010-05-26 07:06 348160 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6d153c80-n\msvcr71.dll 2010-04-08 07:33 . 2010-04-08 07:33 3376656 ----a-w- c:\program files\ccsetup230.exe 2010-03-10 16:27 . 2010-03-10 16:27 38824552 ----a-w- c:\program files\FileFormatConverters.exe 2010-03-07 15:30 . 2010-03-07 15:30 3396856 ----a-w- c:\program files\ccsetup229.exe 2010-02-10 19:09 . 2010-02-10 19:09 564064 ----a-w- c:\program files\googleupdatesetup.exe 2009-12-24 17:55 . 2009-12-24 17:55 3357024 ----a-w- c:\program files\ccsetup227.exe 2009-12-09 13:09 . 2009-12-09 13:08 5359048 ----a-w- c:\program files\FoxitReader31_enu_Setup_091125.exe 2009-12-07 21:40 . 2009-12-07 21:40 544 ----a-w- c:\program files\Snelkoppeling naar ccsetup226.lnk 2009-12-07 21:40 . 2009-12-07 21:40 3326576 ----a-w- c:\program files\ccsetup226.exe 2009-12-03 11:16 . 2009-12-03 11:16 4045528 ----a-w- c:\program files\mbam-setup.exe 2009-12-03 11:01 . 2009-12-03 11:01 812344 ----a-w- c:\program files\HijackThisInstaller.exe 2009-12-03 11:00 . 2009-12-03 11:00 401720 ----a-w- c:\program files\HijackThis.exe 2009-02-23 10:39 . 2009-02-23 10:19 1234120 -c--a-w- c:\program files\Winrar3.80.exe 2009-02-19 19:05 . 2009-02-19 19:05 9506496 -c--a-w- c:\program files\YouSendItAcrobatPluginSetup1_0_0.exe 2009-02-17 18:34 . 2009-02-17 18:34 21878064 -c--a-w- c:\program files\QuickTimeInstaller.exe 2009-02-11 20:38 . 2009-02-11 20:38 4865408 -c--a-w- c:\program files\Silverlight.2.0.exe 2008-11-20 09:58 . 2008-11-20 09:58 11485056 -c--a-w- c:\program files\winamp5541_full_all.exe 2008-10-21 15:22 . 2008-10-21 15:22 527 -c--a-w- c:\program files\Snelkoppeling naar agsetup.lnk 2008-10-21 12:10 . 2008-10-21 12:10 1665325 -c--a-w- c:\program files\agsetup.exe 2008-08-08 09:47 . 2008-08-08 09:46 1945800 -c--a-w- c:\program files\PPVIEWER.EXE 2008-07-19 13:08 . 2008-07-19 13:08 467968 -c--a-w- c:\program files\ZoekWekkerDesktopSetup.msi 2008-06-03 13:07 . 2008-06-03 13:06 68244328 -c--a-w- c:\program files\PCveilig.exe 2008-05-30 08:53 . 2008-02-06 13:22 25827912 -c--a-w- c:\program files\wmp11-windowsxp-x86-nl-nl.exe 2008-05-29 09:21 . 2008-05-29 09:21 5754289 -c--a-w- c:\program files\DigiLeenSetup_v1.1.00.0025.exe 2008-04-07 10:10 . 2008-04-07 10:10 59782440 -c--a-w- c:\program files\iTunesSetup.exe 2007-12-12 17:35 . 2007-12-12 17:35 2402832 -c--a-w- c:\program files\WLinstaller.exe 2007-07-20 20:10 . 2007-07-20 20:09 4507040 -c--a-w- c:\program files\AlexAdvancedPlusIndicatorpackSetup.exe 2007-07-16 12:09 . 2007-07-16 15:34 22278 -c--a-w- c:\program files\20070716_0600_GFS_120912.grb 2007-07-16 12:04 . 2007-07-15 19:00 2692662 -c--a-w- c:\program files\install_UGRIB.exe 2007-07-16 10:54 . 2007-07-16 10:54 5320856 -c--a-w- c:\program files\ps2pdf995.exe 2007-07-16 10:52 . 2007-07-16 10:52 2572952 -c--a-w- c:\program files\pdf995s.exe 2007-07-10 10:43 . 2007-07-10 10:43 19302104 -c--a-w- c:\program files\AlexAdvancedPlusSetup.exe 2007-05-14 10:57 . 2007-05-14 10:56 22456888 -c--a-w- c:\program files\AdbeRdr80_nl_NL.exe 2007-05-02 14:51 . 2007-05-02 14:50 3838056 -c--a-w- c:\program files\msgrplus.exe 2008-09-19 06:26 . 2007-03-18 17:37 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-20 68856] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264] "Windows Registry Repair Pro"="c:\program files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe" [2005-09-08 1363968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "NECHotkey"="mHotkey.exe" [2006-01-11 548864] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "nwiz"="nwiz.exe" [2005-08-02 1519616] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 57344] "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 14720000] "OmniPass"="c:\apps\Softex\OmniPass\scureapp.exe" [2005-08-12 1859584] "Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112] "PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-19 29744] "eFax 4.2"="c:\program files\eFax Messenger 4.2\J2GDllCmd.exe" [2006-07-14 107008] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-27 1287120] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ eFax 4.2.lnk - c:\program files\eFax Messenger 4.2\J2GTray.exe [2007-5-2 612352] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina] 2005-08-12 16:01 49152 ----a-w- c:\apps\Softex\OmniPass\OPXPGina.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\GRIB.US\\Ugrib.exe"= "c:\\Program Files\\Common Files\\InstallShield\\UpdateService\\agent.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [24-11-2009 10:52 218592] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13-8-2010 11:56 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13-8-2010 11:56 17744] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [24-11-2009 10:53 198608] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10-5-2010 22:11 366840] S2 gupdate1c9abb1bbf3ed3a;Google Updateservice (gupdate1c9abb1bbf3ed3a);c:\program files\Google\Update\GoogleUpdate.exe [23-3-2009 14:20 133104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18-3-2007 19:37 29744] S3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [1-7-2008 8:13 3328] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 . Inhoud van de 'Gedeelde Taken' map 2010-08-16 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-27 08:02] 2010-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-16 c:\windows\Tasks\Master CD_DVD Creator.job - c:\apps\SMP\MCDCHECK.EXE [2005-11-08 14:26] 2010-08-16 c:\windows\Tasks\PC instellen.job - c:\apps\SMP\PCSETUP.EXE [2005-11-17 09:03] 2010-08-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-16 c:\windows\Tasks\Uitgebreide garantie.job - c:\apps\SMP\PBCARNOT.EXE [2005-11-09 12:55] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.omroep.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab FF - ProfilePath - d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Spyware Doctor\BDT\FireFox\platform\WINNT_x86-msvc\components\libheuristic.dll FF - component: d:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-16 10:45 Windows 5.1.2600 Service Pack 3 NTFS detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-779791498-3118289738-2137124882-1006\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(580) c:\apps\Softex\OmniPass\opxpgina.dll c:\windows\system32\MPR.dll - - - - - - - > 'explorer.exe'(3504) c:\apps\Softex\OmniPass\SCUREDLL.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\MPR.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2010-08-16 10:49:13 ComboFix-quarantined-files.txt 2010-08-16 08:49 ComboFix2.txt 2010-08-13 21:11 ComboFix3.txt 2009-12-04 11:03 Pre-Run: 15.145.660.416 bytes beschikbaar Post-Run: 15.130.329.088 bytes beschikbaar - - End Of File - - F4C2D14B0D888038C95DD5B4493C76E9
  13. Hier zijn de beide logs ComboFix 10-08-12.03 - Dhr. A. Kuijvenhoven 13-08-2010 22:52:54.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.266 [GMT 2:00] Gestart vanuit: d:\documents and settings\Dhr. A. Kuijvenhoven\Mijn documenten\Downloads\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Thumbs.db d:\documents and settings\Dhr. A. Kuijvenhoven\GoToAssistDownloadHelper.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-13 to 2010-08-13 )))))))))))))))))))))))))))))) . 2010-08-13 19:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-13 19:54 . 2010-08-13 19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-13 19:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-13 09:56 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-08-13 09:56 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-08-13 09:56 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-08-13 09:56 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-08-13 09:56 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-08-13 09:56 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-08-13 09:56 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-08-13 09:55 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-08-13 09:55 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- d:\documents and settings\All Users\Application Data\Alwil Software 2010-08-13 09:55 . 2010-08-13 09:55 -------- d-----w- c:\program files\Alwil Software 2010-08-13 09:54 . 2010-08-13 09:55 49348328 ----a-w- c:\program files\setup_av_free_dut.exe 2010-08-13 08:55 . 2010-08-13 20:19 -------- d--h--r- d:\documents and settings\Dhr. A. Kuijvenhoven\Onlangs geopend 2010-08-11 17:34 . 2010-08-11 17:34 -------- d-----w- c:\program files\Common Files\Java 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- c:\windows\Performance 2010-08-11 14:14 . 2010-08-11 14:14 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Local Settings\Application Data\Microsoft Corporation 2010-07-26 18:42 . 2010-07-26 18:42 -------- d-----w- c:\program files\Uniblue 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenCandy 2010-07-26 12:45 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-07-26 12:45 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\windows\Logs 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Detect 2010-07-26 12:45 . 2010-07-26 12:45 -------- d-----w- c:\program files\Winamp Toolbar 2010-07-26 12:35 . 2010-07-26 12:36 8098640 ----a-w- c:\program files\Firefox Setup 3.5.11.exe 2010-07-26 10:37 . 2010-07-26 10:37 -------- d-----w- d:\documents and settings\LocalService.NT AUTHORITY.004\Application Data\McAfee 2010-07-21 20:05 . 2010-07-21 20:05 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\FastStone 2010-07-21 20:04 . 2010-07-21 20:05 -------- d-----w- c:\program files\FastStone Image Viewer 2010-07-21 20:04 . 2010-07-21 20:04 4769574 ----a-w- c:\program files\FSViewerSetup42.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-13 21:07 . 2007-08-20 15:21 -------- d-----w- c:\program files\Spyware Doctor 2010-08-13 21:06 . 2007-07-16 10:25 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP 2010-08-13 20:11 . 2007-02-27 11:32 61204 ----a-w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\wklnhst.dat 2010-08-13 19:41 . 2009-12-09 13:10 -------- d-----w- c:\program files\AskBarDis 2010-08-13 19:41 . 2007-02-28 10:13 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\OpenOffice.org2 2010-08-13 10:34 . 2007-03-02 13:04 -------- d-----w- d:\documents and settings\All Users\Application Data\Google Updater 2010-08-13 09:57 . 2010-08-13 09:57 579 ----a-w- c:\program files\Snelkoppeling naar setup_av_free_dut.lnk 2010-08-13 09:07 . 2008-06-03 13:08 -------- d-----w- c:\program files\PC Veilig 2010-08-13 09:04 . 2008-06-03 13:08 -------- d-----w- d:\documents and settings\All Users\Application Data\F-Secure 2010-08-13 09:04 . 2004-09-10 16:24 92008 ----a-w- c:\windows\system32\perfc013.dat 2010-08-13 09:04 . 2004-09-10 16:24 511734 ----a-w- c:\windows\system32\perfh013.dat 2010-08-11 17:34 . 2007-02-26 21:49 -------- d-----w- c:\program files\Java 2010-07-27 11:59 . 2009-12-07 21:43 -------- d-----w- c:\program files\CCleaner 2010-07-27 06:33 . 2008-11-20 10:06 -------- d-----w- c:\program files\Winamp 2010-07-26 19:27 . 2007-02-27 11:13 -------- d-----w- c:\program files\Encarta 2010-07-26 12:57 . 2007-02-26 21:49 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-26 12:49 . 2008-11-20 10:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Winamp 2010-07-26 12:08 . 2009-12-10 09:19 -------- d-----w- d:\documents and settings\All Users\Application Data\NOS 2010-07-26 10:33 . 2007-02-26 21:49 -------- d-----w- c:\program files\QuickTime 2010-07-21 08:18 . 2009-11-24 08:53 767928 ----a-w- c:\windows\BDTSupport.dll 2010-07-19 13:15 . 2007-02-27 10:05 -------- d-----w- c:\program files\ABBYY FineReader 4.0 Sprint 2010-07-19 07:26 . 2009-11-24 08:53 192 ----a-w- c:\windows\UDB.zip 2010-07-19 07:26 . 2009-11-24 08:53 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-07-19 07:26 . 2009-11-24 08:53 264144 ----a-w- c:\windows\PCTBDRes.dll 2010-07-19 07:26 . 2009-11-24 08:53 1435600 ----a-w- c:\windows\PCTBDCore.dll 2010-07-17 03:00 . 2010-05-10 20:26 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\CompleteGuide.D7AEE78E2D43EBD31B3DBE76266084994F93EC42.1 2010-07-09 13:06 . 2010-07-09 13:06 -------- d-----w- c:\program files\Complete Guide 2010-06-30 12:33 . 2004-09-10 16:23 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2004-09-10 16:23 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-09-10 16:23 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-09-10 16:23 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-09-10 16:23 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-10 16:46 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2004-09-10 16:23 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-04-08 07:33 . 2010-04-08 07:33 3376656 ----a-w- c:\program files\ccsetup230.exe 2010-03-10 16:27 . 2010-03-10 16:27 38824552 ----a-w- c:\program files\FileFormatConverters.exe 2010-03-07 15:30 . 2010-03-07 15:30 3396856 ----a-w- c:\program files\ccsetup229.exe 2010-02-10 19:09 . 2010-02-10 19:09 564064 ----a-w- c:\program files\googleupdatesetup.exe 2009-12-24 17:55 . 2009-12-24 17:55 3357024 ----a-w- c:\program files\ccsetup227.exe 2009-12-09 13:09 . 2009-12-09 13:08 5359048 ----a-w- c:\program files\FoxitReader31_enu_Setup_091125.exe 2009-12-07 21:40 . 2009-12-07 21:40 544 ----a-w- c:\program files\Snelkoppeling naar ccsetup226.lnk 2009-12-07 21:40 . 2009-12-07 21:40 3326576 ----a-w- c:\program files\ccsetup226.exe 2009-12-03 11:16 . 2009-12-03 11:16 4045528 ----a-w- c:\program files\mbam-setup.exe 2009-12-03 11:01 . 2009-12-03 11:01 812344 ----a-w- c:\program files\HijackThisInstaller.exe 2009-12-03 11:00 . 2009-12-03 11:00 401720 ----a-w- c:\program files\HijackThis.exe 2009-02-23 10:39 . 2009-02-23 10:19 1234120 -c--a-w- c:\program files\Winrar3.80.exe 2009-02-19 19:05 . 2009-02-19 19:05 9506496 -c--a-w- c:\program files\YouSendItAcrobatPluginSetup1_0_0.exe 2009-02-17 18:34 . 2009-02-17 18:34 21878064 -c--a-w- c:\program files\QuickTimeInstaller.exe 2009-02-11 20:38 . 2009-02-11 20:38 4865408 -c--a-w- c:\program files\Silverlight.2.0.exe 2008-11-20 09:58 . 2008-11-20 09:58 11485056 -c--a-w- c:\program files\winamp5541_full_all.exe 2008-10-21 15:22 . 2008-10-21 15:22 527 -c--a-w- c:\program files\Snelkoppeling naar agsetup.lnk 2008-10-21 12:10 . 2008-10-21 12:10 1665325 -c--a-w- c:\program files\agsetup.exe 2008-08-08 09:47 . 2008-08-08 09:46 1945800 -c--a-w- c:\program files\PPVIEWER.EXE 2008-07-19 13:08 . 2008-07-19 13:08 467968 -c--a-w- c:\program files\ZoekWekkerDesktopSetup.msi 2008-06-03 13:07 . 2008-06-03 13:06 68244328 -c--a-w- c:\program files\PCveilig.exe 2008-05-30 08:53 . 2008-02-06 13:22 25827912 -c--a-w- c:\program files\wmp11-windowsxp-x86-nl-nl.exe 2008-05-29 09:21 . 2008-05-29 09:21 5754289 -c--a-w- c:\program files\DigiLeenSetup_v1.1.00.0025.exe 2008-04-07 10:10 . 2008-04-07 10:10 59782440 -c--a-w- c:\program files\iTunesSetup.exe 2007-12-12 17:35 . 2007-12-12 17:35 2402832 -c--a-w- c:\program files\WLinstaller.exe 2007-07-20 20:10 . 2007-07-20 20:09 4507040 -c--a-w- c:\program files\AlexAdvancedPlusIndicatorpackSetup.exe 2007-07-16 12:09 . 2007-07-16 15:34 22278 -c--a-w- c:\program files\20070716_0600_GFS_120912.grb 2007-07-16 12:04 . 2007-07-15 19:00 2692662 -c--a-w- c:\program files\install_UGRIB.exe 2007-07-16 10:54 . 2007-07-16 10:54 5320856 -c--a-w- c:\program files\ps2pdf995.exe 2007-07-16 10:52 . 2007-07-16 10:52 2572952 -c--a-w- c:\program files\pdf995s.exe 2007-07-10 10:43 . 2007-07-10 10:43 19302104 -c--a-w- c:\program files\AlexAdvancedPlusSetup.exe 2007-05-14 10:57 . 2007-05-14 10:56 22456888 -c--a-w- c:\program files\AdbeRdr80_nl_NL.exe 2007-05-02 14:51 . 2007-05-02 14:50 3838056 -c--a-w- c:\program files\msgrplus.exe 2008-09-19 06:26 . 2007-03-18 17:37 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-20 68856] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264] "Windows Registry Repair Pro"="c:\program files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe" [2005-09-08 1363968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "NECHotkey"="mHotkey.exe" [2006-01-11 548864] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "nwiz"="nwiz.exe" [2005-08-02 1519616] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 57344] "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 14720000] "OmniPass"="c:\apps\Softex\OmniPass\scureapp.exe" [2005-08-12 1859584] "Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112] "PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-19 29744] "eFax 4.2"="c:\program files\eFax Messenger 4.2\J2GDllCmd.exe" [2006-07-14 107008] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-27 1287120] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ eFax 4.2.lnk - c:\program files\eFax Messenger 4.2\J2GTray.exe [2007-5-2 612352] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina] 2005-08-12 16:01 49152 ----a-w- c:\apps\Softex\OmniPass\OPXPGina.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\GRIB.US\\Ugrib.exe"= "c:\\Program Files\\Common Files\\InstallShield\\UpdateService\\agent.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [24-11-2009 10:52 218592] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13-8-2010 11:56 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13-8-2010 11:56 17744] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [24-11-2009 10:53 198608] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10-5-2010 22:11 366840] S2 gupdate1c9abb1bbf3ed3a;Google Updateservice (gupdate1c9abb1bbf3ed3a);c:\program files\Google\Update\GoogleUpdate.exe [23-3-2009 14:20 133104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18-3-2007 19:37 29744] S3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [1-7-2008 8:13 3328] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 . Inhoud van de 'Gedeelde Taken' map 2010-08-13 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-27 08:02] 2010-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-23 12:19] 2010-08-13 c:\windows\Tasks\Master CD_DVD Creator.job - c:\apps\SMP\MCDCHECK.EXE [2005-11-08 14:26] 2010-08-13 c:\windows\Tasks\PC instellen.job - c:\apps\SMP\PCSETUP.EXE [2005-11-17 09:03] 2010-08-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-13 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-779791498-3118289738-2137124882-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-08-13 c:\windows\Tasks\Uitgebreide garantie.job - c:\apps\SMP\PBCARNOT.EXE [2005-11-09 12:55] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.omroep.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab FF - ProfilePath - d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Spyware Doctor\BDT\FireFox\platform\WINNT_x86-msvc\components\libheuristic.dll FF - component: d:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - component: d:\documents and settings\Dhr. A. Kuijvenhoven\Application Data\Mozilla\Firefox\Profiles\d53xk6w4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-13 23:11 Windows 5.1.2600 Service Pack 3 NTFS detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-779791498-3118289738-2137124882-1006\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(584) c:\apps\Softex\OmniPass\opxpgina.dll c:\windows\system32\MPR.dll - - - - - - - > 'explorer.exe'(2676) c:\apps\Softex\OmniPass\SCUREDLL.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\MPR.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll d:\docume~1\DHRA~1.KUI\LOCALS~1\Temp\catchme.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\apps\HIDSERVICE\HIDSERVICE.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\apps\Softex\OmniPass\Omniserv.exe c:\program files\Spyware Doctor\pctsSvc.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\apps\Powercinema\Kernel\TV\CLSched.exe c:\apps\Softex\OmniPass\OPXPApp.exe c:\windows\mHotkey.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\Fingerprint Sensor\ATSwpNav.exe . ************************************************************************** . Voltooingstijd: 2010-08-13 23:11:47 - machine werd herstart ComboFix-quarantined-files.txt 2010-08-13 21:11 ComboFix2.txt 2009-12-04 11:03 Pre-Run: 13.800.787.968 bytes beschikbaar Post-Run: 15.133.655.040 bytes beschikbaar - - End Of File - - D6886CA33972948B0FD3676BB8116FA4 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:24:23, on 16-8-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\eFax Messenger 4.2\J2GTray.exe C:\WINDOWS\explorer.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Home | Omroep.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe O4 - Global Startup: eFax 4.2.lnk = C:\Program Files\eFax Messenger 4.2\J2GTray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172652532359 O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate1c9abb1bbf3ed3a) (gupdate1c9abb1bbf3ed3a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11461 bytes
  14. Nog even een aanvulling: internet zelf werkt nu snel, maar de website van mijn bank wordt nog steeds afgebroken met een runtime error. Wat is dat eigenlijk?
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.