diadan

Member
  • Posts: 11

diadan's achievements

  1. I am glad that it is not due to malware or a virus, and you have also given me 2 viable alternatives for using my favorites comfortably, which I am already doing to the full. I would like to close the topic here, but not without thanking you for so much effort and perseverance in such a short time. I wish you a pleasant end of the year and all the best for 2010. Diadan.
  2. The problem is not solved. The cursor still makes strange jumps in favorites as before, and only in favorites, favorites. I don't know whether I did something wrong, because I got rather strange messages such as: - new update available, download, to which I answered no. - NIRCMDC not recognized as an internal or external command, program or batch. I wonder whether I first dragged in the wrong file (log file?). After creating a new Notepad file, everything did proceed normally afterwards. The log file follows:
@xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Documents and Settings\Danny\Mijn documenten\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate1c9d6c9f5bb8e90) (gupdate1c9d6c9f5bb8e90) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 10154 bytes
  5. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:40:59, on 26/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal
  6. Hello Angel, I have reinstalled Internet Explorer, but the problem has not been fixed; I think there is still another snag hidden somewhere. What causes it remains a mystery to me. Not a virus, I hope. The 2 alternatives you suggest are fine for me. As you say yourself, it takes a bit of getting used to. Angel, thank you kindly for the help. Happy holidays to you and the whole pc-hulpforum. Diadan
  7. Hello Angel, No, everything works normally here. Diadan
  8. When I use the mouse to make a selection in favorites (internet), the cursor is uncontrollable. On the internet and in other applications I have no problems with the mouse. Does anyone know what to do?
  9. Thanks kweezie wabbit, everything is perfectly readable again now! Angel, unfortunately I have not had time yet to try out Iconoid, but I will certainly do so. Thanks already, everyone.
  10. I did that, but I found nothing that solves the (minor) problem. In any case, thanks for the reply.
  11. The background of my desktop is very pale (my own photo) and yet the captions of the icons are in white with a shadow, or unreadable. How can I change that, e.g. to black?