Ga naar inhoud

daverend

Lid
  • Items

    23
  • Registratiedatum

  • Laatst bezocht

daverend's prestaties

  1. Mijn broer heeft de stroom even ervan af moeten halen, waardoor mijn pc uitging en deze startte daarna helaas weer niet goed op. Wilt u deze topic alstublieft nog niet sluiten, want zodra mijn pc weer normaal start kan ik pas uw instructie uitvoeren. Dank u!
  2. Bedankt voor uw reactie! Ik heb geluk, de computer startte eindelijk weer eens gewoon op! Nu kan ik gaan uitvoeren wat u mij adviseerde. Hier heb ik morgenavond hoogstwaarschijnlijk de tijd voor. Ik zal het resultaat van de test daarna hier posten.
  3. Goedendag, Ik heb een Compaq uit 2006 met Windows XP en als ik mijn pc aan zet dan krijg ik wel het beginscherm van Compaq te zien,maar daarna start mijn pc niet meer verder op. Ik moest mijn pc lang aan laten staan om erop te kunnen blijven werken, maar na lange tijd wordt deze trager en moet ik ook wel eens updates doen voor mijn pc-beveiliging dus moet af en toe toch opnieuw starten. Soms doet hij ineens wel verder opstarten, maar meestal niet. Eerst dacht ik dat het batterij-tje die in de pc zit, leeg was waardoor de pc niet verder opstartte, maar deze is inmiddels vervangen en het probleem blijft nog steeds. Toen de pc de laatste keer wel verder opstartte, kon ik er niet goed op werken omdat deze steeds terugkerend na enkele minuten even een paar seconden bleef hangen. Dus wilde ik voor de zekerheid een virusscan doen. Deze scan bleef hangen bij 17%. Op dat moment was hij bezig de opstartsectie (Bios?) te scannen. Zou het met een defect in de bios te maken kunnen hebben? Of zijn er nog andere mogelijke problemen? B.v. defect in de harde schijf? Om deze vraag te stellen, maak ik momenteel tijdelijk gebruik van de laptop van een familielid. Maar zou graag zo snel mogelijk weer mijn eigen pc willen gebruiken. Kunt u mij inlichten over wat de oorzaak kan zijn en hoe ik dit dien op te lossen? Bij voorbaat dank. Vriendelijke groeten, D. Meuleberg
  4. Het probleem is opgelost. Heb na defogger en een reboot, AVG nogmaals laten scannen, hij geeft de 2 bestanden niet meer weer als zogenaamde bedreiging. Mijn dank is zeer groot!!!
  5. Als reactie op Maxstar: ik heb een aantal onderdelen van DVDVideoSoft geinstalleerd. Dit is wel al lang geleden, ik weet niet eens meer wanneer. (Ik heb van de meeste onderdelen al lang geen software-update meer heb uitgevoerd). Maar heb er eigenlijk nooit problemen mee gehad wat betreft detectie-meldingen van AVG. Kan dit misschien toch nu de veroorzaker zijn? Zo ja, hoe kan ik dat met zekerheid vaststellen? En is het noodzakelijk dit uit te schakelen/ te verwijderen? Want ik gebruik het programma op regelmatige basis.
  6. Bij het opstarten van Combofix geeft het de volgende melding weer: "ComboFix heeft vastgesteld dat de volgende real time scanner(s) actief zijn: antivirus: AVG update module" Toch heb ik voordat ik ComboFix opstartte, volgens de instructies op de betreffende website van bleepingcomputer.com, AVG uitgeschakeld via rechtermuisknop, vervolgens geklikt op: "Beveiliging door AVG uitschakelen". Als ik er nog eens op zou klikken staat er "Beveiliging door AVG inschakelen". Dus AVG is inderdaad uitgeschakeld. Maar wat moet ik dan nog meer doen om de update module uit te schakelen?
  7. Helaas geeft AVG na een nieuwe virusscan deze twee bestanden nog steeds weer. Het vreemde is ook, dat als ik naar de betreffende map ga waar deze bestanden in zouden moeten staan, ze niet te vinden zijn. En ik heb 'verborgen mappen weergeven' aan staan
  8. Zoek.exe Version 4.0.0.2 Updated 02-March-2013 Tool run by Administrator on za 02-03-2013 at 20:26:26,73. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\Explorer.EXE svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Desktop Tray Clock\DTClock.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\SilverCrest DMTS2017 Driver\KbClient_FD2.exe C:\Program Files\SilverCrest DMTS2017 Driver\MouClient_FD2.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\notepad.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Tijdelijke map 1 voor zoek.zip\zoek.exe ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-682003330-117609710-1606980848-500\Software\Microsoft\Internet Explorer\SearchScopes\{76CFD0CD-240B-4447-B616-94783628092D} deleted successfully HKEY_USERS\S-1-5-21-682003330-117609710-1606980848-500\Software\Microsoft\Internet Explorer\SearchScopes\{D565ACA0-4530-4596-9DF1-88146F4F0050} deleted successfully HKEY_USERS\S-1-5-21-682003330-117609710-1606980848-500\Software\Microsoft\Internet Explorer\SearchScopes\{ECE851C0-0209-4725-B086-94D050FCA641} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== FireFox Fix ====================== ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\i1nx5yu6.default user.js not found ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_02-03-2013_2032_.backup ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\Nstavc2y.Default user.js not found ---- Lines OneClickDownload removed from prefs.js ---- user_pref("network.protocol-handler.warn-external.oneclickdownload", false); ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_02-03-2013_2032_.backup ProfilePath: C:\Documents and Settings\Default User\Application Data\Mozilla\Firefox\Profiles\Nstavc2y.Default user.js not found ---- Lines OneClickDownload removed from prefs.js ---- user_pref("network.protocol-handler.warn-external.oneclickdownload", false); ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_02-03-2013_2032_.backup ==== System Specs ====================== Windows: Windows XP Professional Service Pack 3 (Build 2600) Internet Explorer: 7.0.5730.13 Memory (RAM): 960 MB CPU Info: Intel® Pentium® D CPU 2.66GHz CPU Speed: 2603,0 MHz Sound Card: Realtek HD Audio rear output | Display Adapters: ATI RADEON XPRESS 200 Series | ATI RADEON XPRESS 200 Series | NetMeeting driver | RDPDD Chained DD Monitors: 1x; V201LZ201942MD20666 | V201LZ201942MD20666 | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCDDVDW SH-222BB | F: IDE-DVD DROM6216 Ports: COM Ports NOT Present. LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 97,7GB | D: 181,8GB | L: 1396,9GB Hard Disks - Free: C: 49,4GB | D: 173,6GB | L: 594,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/17/06 | HP-CPC - 8000617 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewleet-Packard Asterope2 Sun Java version: 1.6.0_07 Country: Nederland Language: NLD ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp ==== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Documents and Settings\Administrator\Application Data ====== ====== C:\Documents and Settings\Administrator ====== ====== C: exe-files == 2013-02-28 23:31:05 0415AB744E0BE99287ABAFE434365346 1931088 ----a-w- C:\Documents and Settings\Administrator\Bureaublad\FixTDSS.exe === C: other files == 2013-03-01 17:44:55 833A32C63F92724611EDA5F6854F7B63 902863 ----a-w- C:\WINDOWS\Temp\avgdiag2\28525365-80a7-4816-8f7d-25387d22e720\out\28525365-80a7-4816-8f7d-25387d22e720[0cccbbfc-27ef-47d6-8256-d15067a3a010].zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" [HKEY_USERS\S-1-5-21-682003330-117609710-1606980848-500\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe /s" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Google Update"="C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_USERS\S-1-5-21-682003330-117609710-1606980848-500\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_110_Plugin.exe -update plugin" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" "Alcmtr"="ALCMTR.EXE" "ehTray"="C:\WINDOWS\ehome\ehtray.exe" "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SilverCrest PH 1012B"="C:\WINDOWS\Silvercrest PH 1012B.exe" "Launch SilverCrest DMTS2017-K"="C:\Program Files\SilverCrest DMTS2017 Driver\KbClient_FD2.exe" "Launch SilverCrest DMTS2017-M"="C:\Program Files\SilverCrest DMTS2017 Driver\MouClient_FD2.exe" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe /s" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Google Update"="C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_110_Plugin.exe -update plugin" ==== Startup Folders ====================== 2012-07-29 12:06:51 1007 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\Wuala.lnk 2012-05-31 12:25:45 1815 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk 2012-05-31 12:27:27 805 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Photosmart Premier Snelstart.lnk 2010-11-13 03:13:27 1725 ----a-r- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\RocketDock.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1606980848-500Core.job --a------ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [21-09-2012 22:08] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1606980848-500UA.job --a------ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [21-09-2012 22:08] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\i1nx5yu6.default - DivX Plus Web Player HTML5 lt;videogt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 - LavaFox V2-Blue - %ProfilePath%\extensions\djziggy@gmail.com - FT SleekDark - %ProfilePath%\extensions\{a21cd440-41d6-11e0-9207-0800200c9a66} - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} - Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - FoxTab - %ProfilePath%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\Nstavc2y.Default - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\i1nx5yu6.default E0FF893763BA82BAABB869A351F0C455 - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash 21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 9013599B12923A45C029C34E8D2211AC - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In A66A630E101E7B5CF0946F34935660CC - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in BA31D3FB803BBA92413D9D7D4E214D52 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9 C41576CBD076B6895C20B465CDC26958 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9 D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9 7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9 D9F5A433758BC151850E53690D57663A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9 2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9 8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9 15A40ADA2CFCC400348E37A40237337E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM B3EFFE7C6EDBA9A754158B8EA2BF7BBA - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation BA31D3FB803BBA92413D9D7D4E214D52 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9 C41576CBD076B6895C20B465CDC26958 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9 D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9 7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9 D9F5A433758BC151850E53690D57663A - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9 2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9 8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9 21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat BF2AD333C79072EEBE5AE0D72670E64E - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 14:13] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft\dvsYoutubeDownload.crx[26-09-2012 18:56] AVG Safe Search - Administrator - Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" "Default_Search_URL"="http://www.google.nl" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" "Start Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{76CFD0CD-240B-4447-B616-94783628092D}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{76CFD0CD-240B-4447-B616-94783628092D}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C09ED1D4-B134-4F60-8B26-5E6FF788D1F7} Google Zoeken Url="http://www.google.nl/search?hl=nl&q={searchTerms}&meta=" ==== Silent Runners ====================== "Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat! Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} SkinClock = C:\Program Files\Desktop Tray Clock\DTClock.exe [null data] Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS] KiesHelper = C:\Program Files\Samsung\Kies\KiesHelper.exe /s [null data] KiesTrayAgent = C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [samsung Electronics Co., Ltd.] KiesPDLR = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [null data] Google Update = "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [Google Inc.] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++} FlashPlayerUpdate = C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_110_Plugin.exe -update plugin [Adobe Systems Incorporated] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} RTHDCPL = RTHDCPL.EXE [Realtek Semiconductor Corp.] Alcmtr = ALCMTR.EXE [Realtek Semiconductor Corp.] ehTray = C:\WINDOWS\ehome\ehtray.exe [MS] SkinClock = C:\Program Files\Desktop Tray Clock\DTClock.exe [null data] NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe [Ahead Software Gmbh] StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [Advanced Micro Devices, Inc.] QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [Apple Inc.] iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.] SilverCrest PH 1012B = C:\WINDOWS\Silvercrest PH 1012B.exe [null data] Launch SilverCrest DMTS2017-K = C:\Program Files\SilverCrest DMTS2017 Driver\KbClient_FD2.exe [siliten] Launch SilverCrest DMTS2017-M = C:\Program Files\SilverCrest DMTS2017 Driver\MouClient_FD2.exe [siliten] DivXUpdate = "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [null data] HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [Hewlett-Packard Development Company, L.P.] Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] AVG_UI = "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY [AVG Technologies CZ, s.r.o.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {00011268-E188-40DF-A514-835FCD78B1BF}\(Default) = IE7Pro -> {HKLM.CLSID} = IE7Pro BHO \InProcServer32\(Default) = C:\Program Files\IEPro\iepro.dll [iE7Pro.com] {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub -> {HKLM.CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated] {326E768D-4182-46FD-9C16-1449A49795F4}\(Default) = Increase performance and video formats for your HTML5 <video> -> {HKLM.CLSID} = DivX Plus Web Player HTML5 <video> \InProcServer32\(Default) = C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [DivX, LLC] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\(Default) = WormRadar.com IESiteBlocker.NavFilter -> {HKLM.CLSID} = AVG Safe Search \InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgssie.dll [file not found] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM.CLSID} = SSVHelper Class \InProcServer32\(Default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [sun Microsystems, Inc.] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM.CLSID} = Windows Live Aanmelden - Help \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO -> {HKLM.CLSID} = Skype Browser Helper \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ 0WualaOverlayIcon1\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -> {HKLM.CLSID} = WualaOverlayIcon 1 \InProcServer32\(Default) = C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [LaCie AG] 0WualaOverlayIcon2\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -> {HKLM.CLSID} = WualaOverlayIcon 2 \InProcServer32\(Default) = C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [LaCie AG] 0WualaOverlayIcon3\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} -> {HKLM.CLSID} = WualaOverlayIcon 3 \InProcServer32\(Default) = C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [LaCie AG] 0WualaOverlayIcon4\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} -> {HKLM.CLSID} = WualaOverlayIcon 4 \InProcServer32\(Default) = C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [LaCie AG] 1EldosIconOverlay\(Default) = {20D9C431-26EC-4A8A-96B5-ECF7528E2F0A} -> {HKLM.CLSID} = 1EldosIconOverlay \InProcServer32\(Default) = C:\WINDOWS\system32\CbFsMntNtf3.dll [EldoS Corporation] EldosIconOverlay\(Default) = {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} -> {HKLM.CLSID} = VSMntNtfOverlayIcon Class \InProcServer32\(Default) = C:\WINDOWS\system32\CbFsMntNtf3.dll [EldoS Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {42071714-76d4-11d1-8b24-00a0c9068ff3} = Configuratiescherm-uitbreiding Beeldscherm-panning -> {HKLM.CLSID} = Configuratiescherm-uitbreiding Beeldscherm-panning \InProcServer32\(Default) = deskpan.dll [file not found] {88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding -> {HKLM.CLSID} = HyperTerminal Icon Ext \InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.] {8A56567E-A333-4843-B6E1-C3A262E41D8C} = HashTab Property Page -> {HKLM.CLSID} = HashPage Class \InProcServer32\(Default) = C:\Program Files\HashTab Shell Extension\HashTab32.dll [beeblebrox.org] {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = UnlockerShellExtension -> {HKLM.CLSID} = UnlockerShellExtension \InProcServer32\(Default) = C:\Program Files\Unlocker\UnlockerCOM.dll [null data] {5E2121EE-0300-11D4-8D3B-444553540000} = Catalyst Context Menu extension -> {HKLM.CLSID} = SimpleShlExt Class \InProcServer32\(Default) = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Advanced Micro Devices, Inc.] {0563DB41-F538-4B37-A92D-4659049B7766} = WLMD Message Handler -> {HKLM.CLSID} = CLSID_WLMCMimeFilter \InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes -> {HKLM.CLSID} = iTunes \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM.CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [igor Pavlov] {5FF49FE8-B332-4CB9-B102-FB6951629E55} = Virtual Storage Mount Notification -> {HKLM.CLSID} = Virtual Storage Mount Notification \InProcServer32\(Default) = C:\WINDOWS\system32\CbFsMntNtf3.dll [EldoS Corporation] {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = AVG Shell Extension -> {HKLM.CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\ <<!>> {5FF49FE8-B332-4CB9-B102-FB6951629E55} = Virtual Storage Mount Notification -> {HKLM.CLSID} = Virtual Storage Mount Notification \InProcServer32\(Default) = C:\WINDOWS\system32\CbFsMntNtf3.dll [EldoS Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ EldosMountNotificator = {5FF49FE8-B332-4CB9-B102-FB6951629E55} -> {HKLM.CLSID} = Virtual Storage Mount Notification \InProcServer32\(Default) = C:\WINDOWS\system32\CbFsMntNtf3.dll [EldoS Corporation] HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ <<!>> BootExecute = autocheck autochk *|pgdfgsvc C 1 [sysinternals - www.sysinternals.com]|C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart [AVG Technologies CZ, s.r.o.] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> AtiExtEvent\DLLName = Ati2evxx.dll [ATI Technologies Inc.] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <<!>> linkscanner\CLSID = {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -> {HKLM.CLSID} = XPLPPFilter Class \InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgpp.dll [file not found] <<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F} -> {HKLM.CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS] <<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F} -> {HKLM.CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS] <<!>> skype-ie-addon-data\CLSID = {91774881-D725-4E58-B298-07617B9B86A8} -> {HKLM.CLSID} = Skype IE add-on Pluggable Protocol \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] <<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -> {HKLM.CLSID} = IEProtocolHandler Class \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [skype Technologies] <<!>> wlmailhtml\CLSID = {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -> {HKLM.CLSID} = Windows Live Mail HTML Asynchronous Pluggable Protocol Handler \InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM.CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [igor Pavlov] AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} -> {HKLM.CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] HKLM\SOFTWARE\Classes\*\shellex\PropertySheetHandlers\ HashTab\(Default) = {8A56567E-A333-4843-B6E1-C3A262E41D8C} -> {HKLM.CLSID} = HashPage Class \InProcServer32\(Default) = C:\Program Files\HashTab Shell Extension\HashTab32.dll [beeblebrox.org] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM.CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] UnlockerShellExtension\(Default) = {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} -> {HKLM.CLSID} = UnlockerShellExtension \InProcServer32\(Default) = C:\Program Files\Unlocker\UnlockerCOM.dll [null data] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM.CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [igor Pavlov] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM.CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [igor Pavlov] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ ACE\(Default) = {5E2121EE-0300-11D4-8D3B-444553540000} -> {HKLM.CLSID} = SimpleShlExt Class \InProcServer32\(Default) = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Advanced Micro Devices, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM.CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} -> {HKLM.CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM.CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] UnlockerShellExtension\(Default) = {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} -> {HKLM.CLSID} = UnlockerShellExtension \InProcServer32\(Default) = C:\Program Files\Unlocker\UnlockerCOM.dll [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoUserNameInStartMenu = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoSaveSettings = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Desktop| Don't save settings at exit} NoRecentDocsMenu = (REG_DWORD) dword:0x00000001 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoRemoteRecursiveEvents = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoRecentDocsMenu = (REG_DWORD) dword:0x00000001 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ InstallVisualStyle = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Inspirat\Inspirat.msstyles {unrecognized setting} InstallTheme = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Ultimate.theme {unrecognized setting} NoInternetOpenWith = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ Wallpaper = %APPDATA%\Mozilla\Firefox\Bureaubladachtergrond.bmp Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Bureaubladachtergrond.bmp Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ EHomeMusicDropTarget\ Provider = Media Center InvokeProgID = EHomeDropTarget.EHomeMusicDropTarget InvokeVerb = play HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeMusicDropTarget\shell\play\DropTarget\CLSID = {ED87EFF3-FF22-404E-B2BD-BC3841BDCB2C} -> {HKLM.CLSID} = EHomeMusicDropTarget Class \InProcServer32\(Default) = C:\WINDOWS\eHome\ehdrop.dll [MS] EHomePhotosHandler\ Provider = Media Center InvokeProgID = EHomeDropTarget.EHomePhotosHandler InvokeVerb = play HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomePhotosHandler\shell\play\DropTarget\CLSID = {4b7601c1-d292-4902-89f4-583a5ce0c535} -> {HKLM.CLSID} = EHomePhotosHandler Class \InProcServer32\(Default) = C:\WINDOWS\eHome\ehdrop.dll [MS] EHomeVideoDropTarget\ Provider = Media Center InvokeProgID = EHomeDropTarget.EHomeVideoDropTarget InvokeVerb = play HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideoDropTarget\shell\play\DropTarget\CLSID = {A48E70A4-8E15-4465-9D85-CCE9E63F8AAB} -> {HKLM.CLSID} = EHomeVideoDropTarget Class \InProcServer32\(Default) = C:\WINDOWS\eHome\ehdrop.dll [MS] EHomeVideosHandler\ Provider = Media Center InvokeProgID = EHomeDropTarget.EHomeVideosHandler InvokeVerb = play HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideosHandler\shell\play\DropTarget\CLSID = {4f61ec50-acef-4ae7-b4c6-b19bddc0f745} -> {HKLM.CLSID} = EHomeVideosHandler Class \InProcServer32\(Default) = C:\WINDOWS\eHome\ehdrop.dll [MS] HPAutoplayExpress\ Provider = HP Photosmart Express-software InvokeProgID = HpqUnApl.Autoplay InvokeVerb = Express HKLM\SOFTWARE\Classes\HpqUnApl.Autoplay\shell\Express\DropTarget\CLSID = {57FA3F08-E36E-4820-9CC4-122D46114993} -> {HKLM.CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files\HP\Digital Imaging\Unload\HpqUnApl.exe [Hewlett-Packard] HPUnloadAutoplay\ Provider = HP Photosmart Overbrengen-software InvokeProgID = HpqUnApl.Autoplay InvokeVerb = Play HKLM\SOFTWARE\Classes\HpqUnApl.Autoplay\shell\Play\DropTarget\CLSID = {E1A1C814-FD09-4c9d-BB4A-0394B836A1F0} -> {HKLM.CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files\HP\Digital Imaging\Unload\HpqUnApl.exe [Hewlett-Packard] iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] MSWPDShellNamespaceHandler\ Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = -> {HKLM.CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file cdda://%1 [the VideoLAN Team] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [the VideoLAN Team] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file dvd://%1 [the VideoLAN Team] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [the VideoLAN Team] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd://%1 [the VideoLAN Team] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd://%1 [the VideoLAN Team] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [the VideoLAN Team] Startup items in "Administrator" & "All Users" startup folders: --------------------------------------------------------------- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten {++} Wuala -> shortcut to: C:\Documents and Settings\Administrator\Application Data\Wuala\Roaming\Wuala.exe -silent [LaCie] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten {++} HP Digital Imaging Monitor -> shortcut to: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Development Company, L.P.] HP Photosmart Premier Snelstart -> shortcut to: C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe -s [null data] RocketDock -> shortcut to: C:\Program Files\RocketDock\RocketDock.exe [null data] Enabled Scheduled Tasks: {++} ------------------------ GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1606980848-500Core -> launches: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1606980848-500UA -> launches: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] SmartDefrag -> launches: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe /Schedule [iObit] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000004\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {000002A3-84FE-43F1-B958-F2C3CA804F1A}\ ButtonText = IE7Pro Grab and Drag MenuText = IE7Pro Grab and Drag CLSIDExtension = {CD275D4E-791A-4993-9D4D-6A071EDD2709} -> {HKLM.CLSID} = IE7Pro GrabDragBtn \InProcServer32\(Default) = C:\Program Files\IEPro\iepro.dll [iE7Pro.com] {0026439F-A980-4F18-8C95-4F1CBBF9C1D8}\ ButtonText = IE7Pro Preferences MenuText = IE7Pro Preferences CLSIDExtension = {B119EB0C-C021-46CF-85B0-34A760E0D5FE} -> {HKLM.CLSID} = IE7Pro ToolsExt \InProcServer32\(Default) = C:\Program Files\IEPro\iepro.dll [iE7Pro.com] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ MenuText = Sun Java Console CLSIDExtension = {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} -> {HKCU.CLSID} = Java Plug-in 1.6.0_07 \InProcServer32\(Default) = C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [sun Microsystems, Inc.] -> {HKLM.CLSID} = Java Plug-in 1.6.0_07 \InProcServer32\(Default) = C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll [sun Microsystems, Inc.] {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ ButtonText = Skype Click to Call MenuText = Skype Click to Call CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -> {HKLM.CLSID} = Skype Browser Helper \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] {8B2D996F-B7D1-4961-A929-414D9CF5BA7B}\ ButtonText = MS-KB MenuText = MS-KB Exec = Microsoft Support [file not found] {E2E2DD38-D088-4134-82B7-F2BA38496583}\ MenuText = @xpsp3res.dll,-20001 Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc.] AVG WatchDog, avgwd, "C:\Program Files\AVG\AVG2013\avgwdsvc.exe" [AVG Technologies CZ, s.r.o.] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] Media Center Extender Service, McrdSvc, C:\WINDOWS\ehome\mcrdsvc.exe [MS] Media Center Receiver Service, ehRecvr, C:\WINDOWS\eHome\ehRecvr.exe [MS] Media Center Scheduler-service, ehSched, C:\WINDOWS\eHome\ehSched.exe [MS] Mobiel Apple apparaat, Apple Mobile Device, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] User Profile Hive Cleanup, UPHClean, C:\Program Files\UPHClean\uphclean.exe [MS] Windows Presentation Foundation Font Cache 3.0.0.0, FontCache3.0.0.0, C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [MS] Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ HP Standard TCP/IP Port\Driver = HpTcpMon.dll [Hewlett Packard] PCL hpz3l054\Driver = hpz3l054.dll [Hewlett-Packard Company] ==== Empty IE Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\i1nx5yu6.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
  9. Ik heb op 01 maart j.l. een virusscan gedaan met AVG 2013. Hier kwamen 5 (volgens AVG) geïnfecteerde bestanden uit naar voren, waarvan ik bij 2 bestanden mijn twijfels heb of ik deze zomaar kan verwijderen of dat dit gevolgen zal hebben voor de werking van mijn pc met Windows xp. Het gaat om de volgende meldingen: "";"atapi.sys, koppelpunt import HAL.dll READ_PORT_UCHAR -> spgm.sys +0x2040, C:\WINDOWS\system32\drivers\spgm.sys";"Geïnfecteerd" "";"atapi.sys, koppelpunt import HAL.dll READ_PORT_BUFFER_USHORT -> spgm.sys +0x213C, C:\WINDOWS\system32\drivers\spgm.sys";"Geïnfecteerd" Via Google heb ik zelf al op een forum vernomen, hiervoor mijn pc eens te scannen met FixTDSS.exe. Dit heb ik gedaan, daarna mijn pc opnieuw opgestart en nogmaals gescand met AVG 2013. Hieruit bleek dat de betreffende geïnfecteerde bestanden nog steeds op mijn pc staan. Dus dit hielp niet. Wat te doen? Bij voorbaat hartelijk dank. Met vriendelijke groet, David.
  10. Hoe moet ik dan zo'n schermafbeelding maken? Is er geen andere optie dan een herstelpunt, want misschien ben ik anders dingen kwijt die ik daarna heb gedownload...of niet?
  11. Beste, Sinds een paar weken heb ik de software + driver-installatie software cd-roms geïnstalleerd op mijn pc van een Voip-telefoon van Silvercrest. Een dag of 2 later heb ik schijfopruiming gedaan met CCleaner en daarna AVG Virussoftware mijn computer laten scannen, wat ik regelmatig doe. Er waren een paar bestanden gevonden die mogelijk een gevaar zouden vormen voor mijn pc. Deze heb ik dus verwijderd. Op een gegeven ogenblik kreeg ik een foutmelding in beeld. Namelijk: "Silvercrest PH1012B.exe werd vernietigd. Gelieve het bestand opnieuw te installeren." Naar alle waarschijnlijkheid, heb ik door het virusprogramma te laten scannen mogelijk dit bestand wat nodig is om de Voip-telefoon te kunnen gebruiken, verwijderd. Dus heb ik natuurlijk alle software helemaal verwijderd en alles opnieuw geïnstalleerd. De telefoon werkt prima. Toch krijg ik nog steeds de foutmelding in mijn scherm telkens als ik de computer opnieuw opstart. Hoe krijg ik dat verwijderd en opgelost? Heb ik daar Killbox voor nodig of kan het ook op een minder rigoureuze manier? Ik heb overigens ook een Silvercrest toetsenbord en muis. Deze werken naar behoren. Zou het misschien ook hiermee te maken kunnen hebben? Graag uitleg en evt. stappenplan. Bij voorbaat dank voor al uw moeite. Met vriendelijke groet, D.M.
  12. Ik had vanmiddag een heel aantal programma's lopen op de pc. Toen bleef hij hangen. Nadat ik ctrl-alt-del intoetste kreeg ik een foutmelding dat hij de taskmanager niet eens meer kon opstarten. Dus heb pc handmatig uit moeten zetten. Toen ik hem weer opstartte kreeg ik een zwart scherm met verschillende opstartmogelijkheden, te weten in 'veilige modus', 'laatst bekende juiste configuratie' etc. Al deze opties (incl. de extra opties onder F8) werken geen van alle. Hij blijft opnieuw opstarten nadat het windows-logo 2 seconden in beeld komt. Als ik het 'opnieuw opstarten' uitschakel bij de F8 optie, krijg ik het gevreesde blauwe scherm met onderaan de technische info: ***STOP: 0x00000024 (0x00190203, 0x857CA008, 0xC0000102, 0x00000000) Wat moet ik nu doen???? Op internet staat iets beschreven over checkdisk (CHKDSK/F) maar dit kan ik niet toepassen aangezien ik niet meer in Windows XP kom en hij steeds opnieuw opstart en heb geen mogelijkheid meer tegenwoordig om in DOS te komen op mijn PC. Ik heb trouwens geen installatie-cdROM bijgeleverd gekregen toen ik deze pc nieuw gekocht heb. En ik heb ook nog iets gelezen over knoppix, is dat een optie? En hoe moet dat dan? Ik ben op pc-technisch gebied een leek, dus in begrijpelijke termen uitleggen svp. Bij voorbaat hartelijk dank. Ik hoop snel reactie van u te mogen ontvangen. Gr David
  13. Ik heb laatst het Antimalware Doctor virus op pc met Windows XP gehad en met succes met jullie hulp verwijderd. Het geval is nu dat i-Tunes bij opstarten de volgende melding geeft: "De registerinstellingen die door de iTunes-stuurprogramma's worden gebruikt voor het importeren en branden van cd's en dvd's ontbreken. Mogelijk hebt u andere software voor het branden van cd's geinstalleerd." (Dit is niet het geval!) "Installeer iTunes opnieuw." Als ik op "ok" druk start iTunes gewoon op en werkt (behalve bovenstaand onderdeel) verder wel alles. Als ik vervolgens naar updates zoek om het probleem op te lossen, krijg ik de mogelijkheid om versie 9.2.1 te downloaden. Als ik daarna de nieuwe setup wil doen, lijkt het erop dat iTunes VOLLEDIG opnieuw geinstalleerd gaat worden. Ik heb geen optie om alleen een update te doen en mijn bestaande iTunes inclusief de muziekafspeellijsten indeling te behouden. Dus heb de installatie afgebroken, met als gevolg dat ik geen nieuwe versie heb en bij opstarten van iTunes de bovenstaande melding blijft terug komen. Wil iemand mij helpen om hier iets aan te doen?? Bij voorbaat dank
  14. c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\miclfjkwh Dit bestand is niet te vinden. (Heb verborgen mappen weergegeven). Als ik met 'Zoeken' probeer geeft deze ook geen resultaten weer. Wat nu? Moet ik Combofix en HJT weer verwijderen van mijn pc? U heeft nog geen antwoord gegeven op mijn vraag of ik er goed aan doe om een programma als bv. Rootkit Revealer om de zoveel tijd mijn pc te laten scannen. Ik ben u nogmaals zeer dankbaar voor uw hulp en medewerking!! (PS. Olivier1991: je kunt beter een nieuwe eigen topic aanmaken. De medewerkers van deze site helpen je dan verder). EDIT : eigen topic aangemaakt voor Olivier1991 !
  15. ComboFix 10-07-21.01 - Compaq_Eigenaar 22-07-2010 3:22.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.959.439 [GMT 2:00] Gestart vanuit: c:\documents and settings\Compaq_Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Compaq_Eigenaar\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} FILE :: "c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\miclfjkwh" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Ask.com c:\program files\Ask.com\btn_search.png c:\program files\Ask.com\limewire_logo.png . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_ewznc (((((((((((((((((((( Bestanden Gemaakt van 2010-06-22 to 2010-07-22 )))))))))))))))))))))))))))))) . 2010-07-22 01:07 . 2010-07-22 01:07 -------- d--h--r- c:\documents and settings\Compaq_Eigenaar\Onlangs geopend 2010-07-20 22:46 . 2010-07-20 22:46 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\TeamViewer 2010-07-20 22:46 . 2010-07-20 22:46 -------- d-----w- c:\program files\TeamViewer 2010-07-20 07:49 . 2010-07-20 07:49 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\ProgSense 2010-07-20 07:37 . 2010-07-20 07:37 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\GrabPro 2010-07-19 19:26 . 2010-07-19 19:55 -------- d-----w- c:\program files\1-Click YouTube Downloader 2010-07-19 14:23 . 2010-07-19 14:23 -------- d-----w- c:\program files\Trend Micro 2010-07-19 13:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-19 13:38 . 2010-07-19 15:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-19 13:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-18 21:01 . 2010-07-19 11:36 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\miclfjkwh 2010-07-18 16:09 . 2010-07-18 16:09 12536 ----a-w- c:\windows\system32\avgrsstx.dll 2010-07-15 10:58 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2010-07-12 00:56 . 2010-07-12 00:56 322352 ----a-w- c:\program files\utorrent.exe 2010-07-11 23:13 . 2010-07-11 23:13 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\All Free YouTube Downloader 2010-07-11 17:54 . 2010-07-11 17:54 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\All Free MP3 Cutter 2010-07-11 17:53 . 2005-05-18 09:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll 2010-07-11 17:53 . 2005-05-17 10:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll 2010-07-11 17:53 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll 2010-07-11 17:53 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll 2010-07-11 17:53 . 2005-04-15 10:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll 2010-07-11 17:53 . 2005-04-04 15:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll 2010-07-11 17:53 . 2005-03-29 05:57 2084864 ----a-w- c:\windows\system32\NCTAudioDesign2.dll 2010-07-11 17:53 . 2005-03-28 13:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll 2010-07-11 17:53 . 2005-03-28 13:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll 2010-07-11 17:53 . 2005-02-24 09:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll 2010-07-11 17:53 . 2004-11-04 11:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll 2010-07-11 17:53 . 2010-07-11 17:53 -------- d-----w- c:\program files\All Free MP3 Cutter 2010-07-11 09:54 . 2010-07-11 09:54 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Malwarebytes 2010-07-11 09:54 . 2010-07-11 09:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-07-09 12:45 . 2010-07-09 12:45 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-05 18:02 . 2010-07-05 18:02 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-07-05 18:02 . 2010-07-15 14:19 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\skypePM 2010-07-05 18:01 . 2010-07-15 15:30 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Skype 2010-07-05 18:00 . 2010-07-05 18:00 -------- d-----w- c:\program files\Common Files\Skype 2010-07-05 18:00 . 2010-07-05 18:01 -------- d-----r- c:\program files\Skype 2010-07-05 18:00 . 2010-07-05 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-21 17:01 . 2007-03-19 20:58 -------- d--h--w- c:\documents and settings\Compaq_Eigenaar\Application Data\uTorrent 2010-07-19 18:41 . 2007-03-22 03:56 -------- d--h--w- c:\documents and settings\Compaq_Eigenaar\Application Data\ImgBurn 2010-07-18 23:21 . 2010-06-11 21:37 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\LimeWire 2010-07-18 16:09 . 2008-06-18 07:42 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-07-18 16:09 . 2008-06-18 07:42 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-07-12 09:13 . 2007-10-21 22:16 -------- d-----w- c:\program files\MagicISO 2010-07-11 23:39 . 2009-08-25 22:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Screentime 2010-07-11 23:38 . 2007-03-19 21:43 -------- d-----w- c:\program files\Yahoo! 2010-07-11 23:36 . 2006-06-29 08:11 -------- d-----w- c:\program files\Common Files\InstallShield 2010-07-11 23:36 . 2006-06-29 08:15 -------- d-----w- c:\program files\Common Files\Sonic Shared 2010-07-11 23:30 . 2007-01-01 22:00 -------- d-----w- c:\program files\SoundSpectrum 2010-06-11 21:36 . 2006-11-30 22:54 -------- d-----w- c:\program files\LimeWire 2010-06-04 17:24 . 2009-11-22 22:01 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-03 07:01 . 2007-02-23 07:22 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-06-02 17:51 . 2010-06-02 17:51 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-06-02 17:51 . 2008-06-18 07:41 -------- d-----w- c:\program files\AVG 2010-05-12 09:21 . 2009-10-03 00:40 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-04 17:21 . 2004-08-03 21:00 832512 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 17:21 . 2009-07-24 23:25 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-05-04 17:21 . 2004-08-03 21:00 17408 ----a-w- c:\windows\system32\corpol.dll 2010-05-02 08:10 . 2004-08-03 21:00 1851392 ----a-w- c:\windows\system32\win32k.sys 2007-09-09 14:46 . 2007-09-09 14:46 1740 -c--a-w- c:\program files\WinZip.lnk 2007-08-08 09:11 . 2007-08-08 09:11 1612 -c--a-w- c:\program files\QuickTime Player.lnk 2007-07-18 06:26 . 2007-07-18 06:26 1487 -c--a-w- c:\program files\DivX Movies.lnk 2007-07-18 06:26 . 2007-07-18 06:26 803 -c--a-w- c:\program files\DivX Player.lnk 2007-07-18 06:26 . 2007-07-18 06:26 814 -c--a-w- c:\program files\DivX Converter.lnk 2007-05-14 20:11 . 2007-05-14 20:11 1049 -c--a-w- c:\program files\Octoshape Streaming Services.lnk 2007-03-27 19:55 . 2007-03-27 19:55 9187 -c--a-w- c:\program files\bin2iso.zip 2007-03-25 21:50 . 2007-03-25 21:50 44823560 -c--a-w- c:\program files\TDA2-retail-2.1.9.90-install_EN.exe 2007-03-21 17:51 . 2007-03-21 17:51 765 -c--a-w- c:\program files\dvdXsoft DVD Ripper.lnk 2007-03-06 17:36 . 2007-03-06 17:36 2726335 -c--a-w- c:\program files\XstreamRadio_3.02a.exe 2007-02-18 00:10 . 2007-02-18 00:10 1932 -c--a-w- c:\program files\HP Documentviewer.lnk 2007-02-18 00:08 . 2007-02-18 00:08 1012 -c--a-w- c:\program files\HP Solution Center.lnk 2007-02-13 17:41 . 2007-02-13 17:41 212849 -c--a-w- c:\program files\hijackthis.zip 2007-01-16 11:32 . 2007-01-16 11:32 1748 -c--a-w- c:\program files\Adobe Reader 7.0.lnk 2006-11-26 02:36 . 2006-11-25 20:49 1585 -c--a-w- c:\program files\@Home Help.lnk 2006-06-29 08:33 . 2006-11-25 20:38 1877 -c--a-w- c:\program files\Te downloaden spellen.lnk 2006-06-29 08:30 . 2006-06-29 08:30 2018 -c--a-w- c:\program files\Help en ondersteuning.lnk 2006-06-29 08:25 . 2006-11-25 20:38 731 -c--a-w- c:\program files\Wizard softwareherstel.lnk 2006-06-29 08:18 . 2006-11-25 20:38 905 -c--a-w- c:\program files\RealPlayer.lnk . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "DataCardMonitor"="c:\program files\Internet Manager\DataCardMonitor.exe" [2009-08-29 249856] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-18 2065760] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Ralink Wireless Utility.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Ralink Wireless Utility.lnk backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WTGU.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\WTGU.lnk backup=c:\windows\pss\WTGU.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Eigenaar^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk] path=c:\documents and settings\Compaq_Eigenaar\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk backup=c:\windows\pss\LimeWire On Startup.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-05-08 15:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp] 2006-02-15 13:34 249856 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2007-09-07 14:55 267064 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] 2005-02-10 15:00 1937408 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] 2006-02-24 17:46 147456 ----a-w- c:\program files\CyberLink\PowerCinema\PCMService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2007-06-29 04:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] 2005-07-22 13:14 237568 ----a-w- c:\windows\SMINST\Recguard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] 2004-12-13 17:23 663552 ----a-w- c:\windows\CREATOR\Remind_XP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-03-08 04:54 16010240 ----a-w- c:\windows\RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2006-06-29 08:18 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Apple Mobile Device"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\Windows Media Player\\wmplayer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Octoshape Streaming Services\\Compaq_Eigenaar\\OctoshapeClient.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\utorrent.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [18-6-2008 9:42 216400] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [18-6-2008 9:42 243024] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2-6-2010 19:53 921952] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18-7-2010 18:09 308136] R2 AWISp50;AWISp50 NDIS Protocol Driver;c:\windows\system32\drivers\AWISp50.sys [15-3-2006 16:35 17664] R2 WUSB54GSCSVC;WUSB54GSCSVC;c:\program files\Compact Wireless-G USB Network Adapter with SpeedBooster\WLService.exe [27-8-2009 23:03 53307] S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 18:19 13592] S3 Camdrv30;Philips ToUcam XS;c:\windows\system32\drivers\camdrv30.sys [15-9-2007 11:51 171264] S3 STFSD;STFSD;\??\c:\program files\@Home\Playz Player\STFSD.SYS --> c:\program files\@Home\Playz Player\STFSD.SYS [?] . Inhoud van de 'Gedeelde Taken' map 2010-07-22 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20] . . ------- Bijkomende Scan ------- . uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=63&bd=PRESARIO&pf=desktop uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=63&bd=PRESARIO&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=63&bd=PRESARIO&pf=desktop uInternet Settings,ProxyOverride = <local> uSearchURL,(Default) = hxxp://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll Trusted Zone: rtl.nl\www DPF: {D6BBBC13-56A9-4E62-92AC-4DBEF6CCB38B} - hxxp://playz.project.streamtech.nl/clientdownloads/SFAutoInstall.CAB FF - ProfilePath - c:\documents and settings\Compaq_Eigenaar\Application Data\Mozilla\Firefox\Profiles\a008op1l.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.blackl.com/ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\documents and settings\Compaq_Eigenaar\Application Data\Mozilla\plugins\npoctoshape.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Octoshape Streaming Services\Compaq_Eigenaar\octoprogram-L03-NMS0806110_SUA_000\npoctoshape.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-22 03:35 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run DataCardMonitor = c:\program files\Internet Manager\DataCardMonitor.exe?t=c:\windo????????x+=?rogram files\Internet Manager\?TMP=c:\docume????????????rogram files\Internet Manager\DataCardMonitor.exe?genaar?USE????F?L?0?=?0?=?ments and Settings\Compaq_Eigenaar?windir=C:\WIN scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(640) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3488) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Motive\McciCMService.exe c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe c:\windows\system32\HPZipm12.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\AVG\AVG9\avgnsx.exe c:\program files\Compact Wireless-G USB Network Adapter with SpeedBooster\WUSB54GSC.exe c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Voltooingstijd: 2010-07-22 03:47:23 - machine werd herstart ComboFix-quarantined-files.txt 2010-07-22 01:47 ComboFix2.txt 2010-07-21 18:10 Pre-Run: 104.014.262.272 bytes beschikbaar Post-Run: 104.006.131.712 bytes beschikbaar - - End Of File - - 6AF880CCDAC2AA0C1E7B6DF645095630
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.