Posts made by sers
-
-
Some time ago I got a Java runtime error on my desktop. Windows XP.
It was resolved quickly and well with your help.
At the time it was also suggested that a program (Imesh) could be the cause.
It was then removed from my C drive.
Now I have received a message again and have done some more searching.
My external F drive is full of programs with the word Imesh in them.
Uninstalling does not work.
I have CCleaner, but with it I can only remove programs on my C drive.
I still have all the programs that were used, on your advice (some time ago), to solve the problem.
I would like to remove all those Imesh items (because I think this is the culprit).
I use IE 7, Firefox and Google Chrome (the reason is that I maintain a website).
In Firefox I always get "searchimesh.com" as the start page.
What should I do?
Thanks in advance for your help and, should your answer come a bit later......all the best and good health for 2012!
Kind regards
-
3 of the 4 test mails (the 4th is not there) now report no more problems and received the test mail in the right box.
Maybe that is because I removed those check marks?
Anyway, it seems solved to me.
Thank you for your efforts
Kind regards
-
Yes, I once (long ago) did something in the rules wizard.
I have now removed the check mark from all the boxes. Let's see what happens.
I am going to send test messages and will come back.
Kind regards
-
I have sent a test message.
Another notable item is the fact that I now sometimes get a pop-up titled <<error in rules>>
with the content
Rule for junk e-mail, and with the error: cannot move to the junk folder
Kind regards
-
The strange thing is that this evening I spoke to someone to whom I had sent a message via my normal e-mail, and that message was also received as spam. That was never the case before with that person. So I think it might be on my side after all?
---------- Post added at 23:15 ---------- Previous post was at 23:12 ----------
Regarding your remark about the error message: "'The requested URL /thanks.php was not found on this server' about the 'thank-you'. Possibly there is a connection there with the problem of the INbox and/or SPAMbox"
Yes, I am also working on solving that, but as an amateur that is quite difficult.
The messages sent via that contact form are all received on the association's Hotmail account.
Kind regards
-
I use MS Outlook. I also build and maintain a website (www.hvhetslot.nl).
It has a contact form, and when I send a message there to the association's e-mail address (which is not managed by me but by someone else), it arrives in the junk e-mail folder of the association's Hotmail account.
-
I have another small problem, and I think it is caused by the above-mentioned problem that has been solved.
When I send an e-mail from my computer to someone, it occasionally arrives in her/his inbox as so-called <<junk mail>> or <<spam>>.
Can I do something about that?
Thanks in advance for your answer
Kind regards
-
That is very clear language
Thanks!
-
OK, I will do that!
Thanks for all the help.
The only question that remains open is whether all this is caused by Imesh. I understand if you as a forum cannot/do not want to answer that.
Thanks again
Kind regards
-
In the meantime I have deleted and installed Java, but only version 6 update 26.
Is that OK?
Do I need to do anything else now?
Thanks again
Kind regards
---------- Post added at 10:57 ---------- Previous post was at 10:56 ----------
OK, I will make a new HJT log and send it together with the MBAM log
Kind regards
---------- Post added at 11:00 ---------- Previous post was at 10:57 ----------
HJT Log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:11 AM, on 11/26/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
--
End of file - 8814 bytes
MBAM log
Malwarebytes' Anti-Malware 1.51.2.1300
Databaseversie: 8245
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/26/2011 10:35:06 AM
mbam-log-2011-11-26 (10-35-06).txt
Scantype: Snelle scan
Objecten gescand: 171240
Verstreken tijd: 5 minuut/minuten, 28 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Kind regards
---------- Post added at 11:09 ---------- Previous post was at 11:01 ----------
Your question:
Solution 2.
For this we need to know which program caused the error.
Do you remember what you were doing when the error message appeared?
I actually only tried to remove Imesh because I thought that was the cause.
The question is: is that really so?
Kind regards
-
Thank you for your help.
MBAM updated and run. 0 infected. See log below. I assume I then do not need to scan again?
I am now going to remove Java and reinstall it.
Finally, one more question:
That iMesh program was the culprit? If so, I will not use it from now on.
Thanks again
Kind regards
-
Here is the file
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:09 PM, on 11/25/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office\1043\wfxmsrvr.exe
C:\PROGRA~1\MICROS~2\Office\1043\OLFMOD32.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
--
End of file - 9914 bytes
---------- Post added at 23:12 ---------- Previous post was at 23:11 ----------
-
PS: I'm afraid it is caused by a download program that I had installed and removed again: IMESH
-
Good morning
I suddenly got a notification and a message on my desktop about a runtime fatal error.
The text of it is below.
The question is: is this serious? Do I need to do anything? I ran Antimalware with 0 results, and Avast also reports no bad files.
Thanks in advance for your answer
A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x7c919af2, pid=980, tid=1716
#
# JRE version: 6.0_29-b11
# Java VM: Java HotSpot Client VM (20.4-b02 mixed mode, sharing windows-x86 )
# Problematic frame:
# C [ntdll.dll+0x19af2]
#
# If you would like to submit a bug report, please visit:
# HotSpot Virtual Machine Error Reporting Page
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
--------------- T H R E A D ---------------
Current thread (0x032dc400): JavaThread "AWT-Windows" daemon [_thread_in_native, id=1716, stack(0x00990000,0x00a90000)]
siginfo: ExceptionCode=0xc0000005, writing address 0x00000010
Registers:
EAX=0x00000000, EBX=0x00000000, ECX=0x00001384, EDX=0x0333c7c0
ESP=0x00a8fa6c, EBP=0x00a8fae0, ESI=0x0333c7b0, EDI=0x00000000
EIP=0x7c919af2, EFLAGS=0x00010246
Register to memory mapping:
EAX=0x00000000 is an unknown value
EBX=0x00000000 is an unknown value
ECX=0x00001384 is an unknown value
EDX=0x0333c7c0 is an unknown value
ESP=0x00a8fa6c is pointing into the stack for thread: 0x032dc400
EBP=0x00a8fae0 is pointing into the stack for thread: 0x032dc400
ESI=0x0333c7b0 is an unknown value
EDI=0x00000000 is an unknown value
Stack: [0x00990000,0x00a90000], sp=0x00a8fa6c, free space=1022k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [ntdll.dll+0x19af2] RtlpWaitForCriticalSection+0x5b
C [ntdll.dll+0x1046] RtlEnterCriticalSection+0x46
C [uSER32.dll+0x8734] GetDC+0x6d
C [uSER32.dll+0x8816] GetDC+0x14f
C [uSER32.dll+0x89cd] GetWindowLongW+0x127
C [uSER32.dll+0x8a10] DispatchMessageW+0xf
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.awt.windows.WToolkit.eventLoop()V+0
j sun.awt.windows.WToolkit.run()V+52
v ~StubRoutines::call_stub
--------------- P R O C E S S ---------------
Java Threads: ( => current thread )
0x02dc0400 JavaThread "Thread-3" daemon [_thread_in_native, id=2888, stack(0x03d30000,0x03d80000)]
0x032e4000 JavaThread "Thread-14" [_thread_blocked, id=2916, stack(0x03660000,0x036b0000)]
0x02db5c00 JavaThread "Timer-2" [_thread_blocked, id=3560, stack(0x03170000,0x031c0000)]
0x0333d000 JavaThread "thread applet-Sniklaas.class-1" [_thread_blocked, id=1532, stack(0x03700000,0x03750000)]
0x03330400 JavaThread "AWT-EventQueue-2" [_thread_in_native, id=3572, stack(0x039b0000,0x03a00000)]
0x03325c00 JavaThread "AWT-Shutdown" [_thread_blocked, id=3812, stack(0x03610000,0x03660000)]
0x0332c800 JavaThread "JVM[id=0]-Heartbeat" daemon [_thread_blocked, id=772, stack(0x03960000,0x039b0000)]
0x03317000 JavaThread "Browser Side Object Cleanup Thread" [_thread_blocked, id=3124, stack(0x03910000,0x03960000)]
0x03312c00 JavaThread "Windows Tray Icon Thread" [_thread_in_native, id=2352, stack(0x037a0000,0x037f0000)]
0x03310000 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=676, stack(0x03750000,0x037a0000)]
0x032ea400 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=1696, stack(0x03280000,0x032d0000)]
0x032e2c00 JavaThread "SysExecutionTheadCreator" daemon [_thread_blocked, id=2320, stack(0x036b0000,0x03700000)]
=>0x032dc400 JavaThread "AWT-Windows" daemon [_thread_in_native, id=1716, stack(0x00990000,0x00a90000)]
0x032d9800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=2748, stack(0x03520000,0x03570000)]
0x032d4400 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" daemon [_thread_in_native, id=2252, stack(0x034d0000,0x03520000)]
0x02dc4c00 JavaThread "Timer-0" [_thread_blocked, id=3072, stack(0x03230000,0x03280000)]
0x02d5d800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=2504, stack(0x031e0000,0x03230000)]
0x02d41800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=4040, stack(0x02fb0000,0x03000000)]
0x02d32c00 JavaThread "C1 CompilerThread0" daemon [_thread_blocked, id=3204, stack(0x02f60000,0x02fb0000)]
0x02d31400 JavaThread "Attach Listener" daemon [_thread_blocked, id=444, stack(0x02f10000,0x02f60000)]
0x02d30000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=1648, stack(0x02ec0000,0x02f10000)]
0x02d2c800 JavaThread "Finalizer" daemon [_thread_blocked, id=1700, stack(0x02e70000,0x02ec0000)]
0x02d27c00 JavaThread "Reference Handler" daemon [_thread_blocked, id=1392, stack(0x02e20000,0x02e70000)]
0x00308000 JavaThread "main" [_thread_in_native, id=3116, stack(0x008e0000,0x00930000)]
Other Threads:
0x02cebc00 VMThread [stack: 0x02dd0000,0x02e20000] [id=1472]
0x02d55000 WatcherThread [stack: 0x03000000,0x03050000] [id=2500]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
def new generation total 4928K, used 1806K [0x229e0000, 0x22f30000, 0x27f30000)
eden space 4416K, 30% used [0x229e0000, 0x22b32530, 0x22e30000)
from space 512K, 88% used [0x22e30000, 0x22ea1558, 0x22eb0000)
to space 512K, 0% used [0x22eb0000, 0x22eb0000, 0x22f30000)
tenured generation total 10944K, used 1736K [0x27f30000, 0x289e0000, 0x329e0000)
the space 10944K, 15% used [0x27f30000, 0x280e2070, 0x280e2200, 0x289e0000)
compacting perm gen total 12288K, used 3114K [0x329e0000, 0x335e0000, 0x369e0000)
the space 12288K, 25% used [0x329e0000, 0x32ceabb8, 0x32ceac00, 0x335e0000)
ro space 10240K, 51% used [0x369e0000, 0x36f0d0b8, 0x36f0d200, 0x373e0000)
rw space 12288K, 54% used [0x373e0000, 0x37a79570, 0x37a79600, 0x37fe0000)
Code Cache [0x00af0000, 0x00be8000, 0x02af0000)
total_blobs=490 nmethods=272 adapters=154 free_code_cache=32541568 largest_free_block=0
Dynamic libraries:
0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\java.exe
0x7c900000 - 0x7c9b8000 C:\WINDOWS\system32\ntdll.dll
0x7c7d0000 - 0x7c8d0000 C:\WINDOWS\system32\kernel32.dll
0x64d00000 - 0x64d34000 C:\Program Files\AVAST Software\Avast\snxhk.dll
0x77f40000 - 0x77feb000 C:\WINDOWS\system32\ADVAPI32.dll
0x77da0000 - 0x77e33000 C:\WINDOWS\system32\RPCRT4.dll
0x77f10000 - 0x77f21000 C:\WINDOWS\system32\Secur32.dll
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d7f0000 - 0x6da9f000 C:\Program Files\Java\jre6\bin\client\jvm.dll
0x7e390000 - 0x7e421000 C:\WINDOWS\system32\USER32.dll
0x77e40000 - 0x77e89000 C:\WINDOWS\system32\GDI32.dll
0x76af0000 - 0x76b1e000 C:\WINDOWS\system32\WINMM.dll
0x76330000 - 0x7634d000 C:\WINDOWS\system32\IMM32.DLL
0x5d1a0000 - 0x5d1a7000 C:\WINDOWS\system32\serwvdrv.dll
0x5b4c0000 - 0x5b4c7000 C:\WINDOWS\system32\umdmxfrm.dll
0x6d7a0000 - 0x6d7ac000 C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000 C:\Program Files\Java\jre6\bin\java.dll
0x6d000000 - 0x6d14c000 C:\Program Files\Java\jre6\bin\awt.dll
0x72f70000 - 0x72f96000 C:\WINDOWS\system32\WINSPOOL.DRV
0x77be0000 - 0x77c38000 C:\WINDOWS\system32\msvcrt.dll
0x774a0000 - 0x775de000 C:\WINDOWS\system32\ole32.dll
0x77390000 - 0x77493000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll
0x77e90000 - 0x77f06000 C:\WINDOWS\system32\SHLWAPI.dll
0x5b190000 - 0x5b1c8000 C:\WINDOWS\system32\uxtheme.dll
0x6d7e0000 - 0x6d7ef000 C:\Program Files\Java\jre6\bin\zip.dll
0x6d420000 - 0x6d426000 C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1d0000 - 0x6d1e3000 C:\Program Files\Java\jre6\bin\deploy.dll
0x77a40000 - 0x77ad6000 C:\WINDOWS\system32\CRYPT32.dll
0x77ae0000 - 0x77af2000 C:\WINDOWS\system32\MSASN1.dll
0x7c9c0000 - 0x7d1e2000 C:\WINDOWS\system32\SHELL32.dll
0x770e0000 - 0x7716b000 C:\WINDOWS\system32\OLEAUT32.dll
0x40ca0000 - 0x40d86000 C:\WINDOWS\system32\WININET.dll
0x03050000 - 0x03059000 C:\WINDOWS\system32\Normaliz.dll
0x456d0000 - 0x45803000 C:\WINDOWS\system32\urlmon.dll
0x41340000 - 0x4152b000 C:\WINDOWS\system32\iertutil.dll
0x6d6a0000 - 0x6d6e6000 C:\Program Files\Java\jre6\bin\regutils.dll
0x77bd0000 - 0x77bd8000 C:\WINDOWS\system32\VERSION.dll
0x6d600000 - 0x6d613000 C:\Program Files\Java\jre6\bin\net.dll
0x71a30000 - 0x71a47000 C:\WINDOWS\system32\WS2_32.dll
0x71a20000 - 0x71a28000 C:\WINDOWS\system32\WS2HELP.dll
0x6d620000 - 0x6d629000 C:\Program Files\Java\jre6\bin\nio.dll
0x746a0000 - 0x746ec000 C:\WINDOWS\system32\MSCTF.dll
0x75250000 - 0x7527e000 C:\WINDOWS\system32\msctfime.ime
0x6d230000 - 0x6d27f000 C:\Program Files\Java\jre6\bin\fontmanager.dll
0x719d0000 - 0x71a10000 C:\WINDOWS\System32\mswsock.dll
0x76ee0000 - 0x76f07000 C:\WINDOWS\system32\DNSAPI.dll
0x76d20000 - 0x76d39000 C:\WINDOWS\system32\iphlpapi.dll
0x76f70000 - 0x76f78000 C:\WINDOWS\System32\winrnr.dll
0x76f20000 - 0x76f4d000 C:\WINDOWS\system32\WLDAP32.dll
0x76f80000 - 0x76f86000 C:\WINDOWS\system32\rasadhlp.dll
0x61200000 - 0x61259000 C:\WINDOWS\system32\hnetcfg.dll
0x71a10000 - 0x71a18000 C:\WINDOWS\System32\wshtcpip.dll
0x6d1a0000 - 0x6d1c3000 C:\Program Files\Java\jre6\bin\dcpr.dll
0x68000000 - 0x68036000 C:\WINDOWS\system32\rsaenh.dll
0x76970000 - 0x76a25000 C:\WINDOWS\system32\USERENV.dll
0x6ff20000 - 0x6ff75000 C:\WINDOWS\system32\netapi32.dll
0x74db0000 - 0x74e1d000 C:\WINDOWS\system32\RICHED20.DLL
0x76bb0000 - 0x76bbb000 C:\WINDOWS\system32\PSAPI.DLL
VM Arguments:
jvm_args: -D__jvm_launched=3144973570 -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Dsun.awt.warmup=true
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid4092_pipe3,read_pipe_name=jpi2_pid4092_pipe2
Launcher Type: SUN_STANDARD
Environment Variables:
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
USERNAME=Eigenaar
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
--------------- S Y S T E M ---------------
OS: Windows XP Build 2600 Service Pack 3
CPU:total 1 (1 cores per cpu, 1 threads per core) family 15 model 2 stepping 9, cmov, cx8, fxsr, mmx, sse, sse2
Memory: 4k page, physical 2619376k(1970952k free), swap 3999400k(3473080k free)
vm_info: Java HotSpot Client VM (20.4-b02) for windows-x86 JRE (1.6.0_29-b11), built on Oct 3 2011 01:01:08 by "java_re" with MS VC++ 7.1 (VS2003)
time: Thu Nov 24 13:21:10 2011
elapsed time: 466 seconds
-
Yes, I thought of that too. I think I'll just do that.
Thanks for the tip!
-
Hello everyone
After you helped me perfectly last week with solving the Perflib_Perdata problem,
it now turns out that I have another (hopefully small) problem.
I have avast as my antispy program.
When I start the computer, the icon does not appear at the bottom right of the screen.
When I then click the program on my desktop, all the green check marks are there with the text "Your system is fully protected", and the icon at the bottom right then appears.
I also had a look via CCleaner in the start-up screen. Avast is not listed there.
I do now have avast webrep under the I.E. toolbar. I never had that before.
I switched on the factory settings via the settings, but that helps too
Does anyone have an idea?
Thanks in advance
---------- Post added at 22:54 ---------- Previous post was at 22:53 ----------
This happened (the icon not appearing) after I ran all those programs to solve the Perflib_Perdata problem
-
Everything is perfectly fine now!
Many thanks for the help
Kind regards
-
Here I am again. I carried out the instructions above. See the log files below.
But first the following. After Combofix finished, a pop-up appeared saying "cannot find the file c:\docume>>>\eige>>>\Del\locals>>>\Temp\log.txt". Yes, No or Cancel. I just pressed Yes and an empty Notepad window came up. The >>> stands for a horizontal S (I can't find the symbol).
Also, when I went on the internet, a pop-up asked whether I wanted to set I.E. Explorer as the default browser. I said yes to that too. Did I do all of that correctly???
See the log files below:
3 files from Combofix came up: maybe one of them is from an older date?
1)
ComboFix 11-10-02.01 - Eigenaar 10/02/2011 12:55:21.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2558.2058 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\QueryScan
c:\documents and settings\Eigenaar.DELL\Application Data\completescan
c:\documents and settings\Eigenaar.DELL\Application Data\install
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\program files\MPAccess
c:\program files\QueryScan
c:\program files\QueryScan\uninstall.exe
c:\windows\Downloaded Program Files\Install.inf
c:\windows\IsUn0413.exe
c:\windows\system32\comct332.ocx
c:\windows\system32\DC120fc7_32.dll
F:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-02 to 2011-10-02 ))))))))))))))))))))))))))))))
.
.
2011-10-01 08:13 . 2011-10-01 08:13 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-30 18:37 . 2011-10-02 08:07 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend
2011-09-28 09:22 . 2011-09-28 10:15 -------- d-----w- c:\program files\Cobian Backup 10
2011-09-27 10:04 . 2011-09-27 10:04 -------- d-----w- c:\program files\DIFX
2011-09-24 14:37 . 2011-09-24 14:37 -------- d-----w- c:\program files\Speccy
2011-09-18 10:35 . 2011-09-18 10:35 -------- dc----w- c:\documents and settings\All Users\Application Data\NCH Software
2011-09-18 10:33 . 2011-09-18 10:33 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\NCH Software
2011-09-18 08:55 . 2011-09-18 08:55 -------- dc----w- c:\documents and settings\All Users\Application Data\Socusoft
2011-09-12 20:53 . 2011-09-12 20:53 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\nl.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
2011-09-09 09:12 . 2011-09-09 09:12 602624 -c----w- c:\windows\system32\dllcache\crypt32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-09-04 21:01 . 2011-09-04 21:01 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-09-04 08:06 . 2011-09-04 08:06 0 ---ha-w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\BIT9.tmp
2011-09-03 13:04 . 2007-01-31 17:01 256000 ----a-r- c:\windows\system32\drivers\netr73.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-25 19:29 . 2011-05-19 09:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2004-08-04 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2010-08-14 15:28 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-08-14 15:28 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-02-23 21:39 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2010-08-14 15:28 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-08-14 15:28 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-08-14 15:28 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-08-14 15:28 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2010-08-14 15:28 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2010-08-14 15:28 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2010-08-14 15:28 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-08-31 15:00 . 2010-08-07 18:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-15 13:29 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-04 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
1999-05-03 14:01 . 1999-05-03 14:01 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-08 23:53 . 1998-12-08 23:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-08 23:53 . 1998-12-08 23:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-08 23:53 . 1998-12-08 23:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-08 23:53 . 1998-12-08 23:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-08 23:53 . 1998-12-08 23:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-10 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2001-09-06 94208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-10 118784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk]
backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk]
backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^hpqtra08.exe]
path=c:\documents and settings\Eigenaar.DELL\Menu Start\Programma's\Opstarten\hpqtra08.exe
backup=c:\windows\pss\hpqtra08.exeStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]
backup=c:\windows\pss\Secunia PSI.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-10-27 09:00 1015808 ----a-w- c:\program files\Ares\Ares.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-02-10 09:51 118784 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-06-02 07:28 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-02-10 09:55 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2010-12-20 21:18 20480 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-03-10 22:04 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\Hp\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\iMesh Applications\\MediaBar\\Datamngr\\ToolBar\\dtUser.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/23/2011 11:39 PM 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/14/2010 5:28 PM 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/14/2010 5:28 PM 20568]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176]
S3 netr73;Sitecom RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [9/3/2011 3:04 PM 256000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38]
.
2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.nu.nl/
mSearch Bar = hxxp://www.google.com
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - hxxp://gocanaria.ath.cx:8000/kxhcm10.ocx
DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-10 - (no file)
AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1 - c:\windows\IsUn0413.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-02 13:13
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(2488)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Maxtor\Sync\SyncServices.exe
.
**************************************************************************
.
Voltooingstijd: 2011-10-02 13:25:24 - machine werd herstart
ComboFix-quarantined-files.txt 2011-10-02 11:25
ComboFix2.txt 2010-08-08 10:25
.
Pre-Run: 37,192,286,208 bytes beschikbaar
Post-Run: 37,104,869,376 bytes beschikbaar
.
- - End Of File - - F286D03A71D870152913FDFD5EBB0E74
2)
2011-10-02 11:23:28 . 2011-10-02 11:23:28 662 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1.reg.dat
2011-10-02 11:21:34 . 2011-10-02 11:21:34 159 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-10.reg.dat
2011-10-02 11:13:49 . 2011-10-02 11:13:49 313 -c--a-w- C:\Qoobox\Quarantine\F\av2.zip
2011-10-02 11:13:45 . 2010-08-08 10:32:46 55 -c--a-w- C:\Qoobox\Quarantine\F\autorun.inf.vir
2011-10-02 11:05:50 . 2011-10-02 11:05:50 892 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Legacy_MYWEBSEARCHSERVICE.reg.dat
2011-10-02 11:05:23 . 2011-10-02 11:05:23 9,828 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-10-02 10:52:16 . 2011-10-02 10:52:16 51 -c--a-w- C:\Qoobox\Quarantine\catchme.log
2011-07-01 06:48:40 . 2011-07-02 10:24:56 80,770 ----a-w- C:\Qoobox\Quarantine\C\Program Files\QueryScan\uninstall.exe.vir
2011-06-20 20:10:25 . 2011-06-20 20:13:34 5,120 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml.vir
2011-05-30 04:20:36 . 2011-05-30 04:20:36 45,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml.vir
2011-05-30 04:20:36 . 2011-05-30 04:20:36 4,760 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml.vir
2011-05-30 04:20:36 . 2011-05-30 04:20:36 13,264 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml.vir
2011-05-30 04:20:36 . 2011-05-30 04:20:36 12,784 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml.vir
2011-05-30 04:20:34 . 2011-05-30 04:20:34 116,328 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml.vir
2011-05-30 04:20:34 . 2011-05-30 04:20:34 23,936 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml.vir
2011-05-30 04:20:34 . 2011-05-30 04:20:34 31,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml.vir
2011-05-30 04:20:32 . 2011-05-30 04:20:32 203,952 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml.vir
2011-05-30 04:20:28 . 2011-05-30 04:20:28 45,656 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml.vir
2011-05-30 04:20:26 . 2011-05-30 04:20:26 101,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml.vir
2011-05-30 04:20:26 . 2011-05-30 04:20:26 6,712 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml.vir
2011-05-30 04:20:24 . 2011-05-30 04:20:24 38,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml.vir
2011-05-30 04:20:24 . 2011-05-30 04:20:24 43,024 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml.vir
2011-05-30 04:20:22 . 2011-05-30 04:20:22 109,664 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml.vir
2011-05-30 04:20:20 . 2011-05-30 04:20:20 38,776 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml.vir
2011-05-30 04:20:20 . 2011-05-30 04:20:20 78,400 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml.vir
2011-05-30 04:20:18 . 2011-05-30 04:20:18 58,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml.vir
2011-05-30 04:20:18 . 2011-05-30 04:20:18 51,728 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml.vir
2011-05-30 04:20:18 . 2011-05-30 04:20:18 36,216 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml.vir
2011-05-30 04:20:16 . 2011-05-30 04:20:16 83,136 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml.vir
2011-05-30 04:20:14 . 2011-05-30 04:20:14 115,448 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml.vir
2011-05-30 04:20:14 . 2011-05-30 04:20:14 70,088 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml.vir
2011-05-30 04:20:12 . 2011-05-30 04:20:12 107,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml.vir
2011-05-30 04:20:10 . 2011-05-30 04:20:10 176,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml.vir
2011-05-30 04:20:06 . 2011-05-30 04:20:06 161,632 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml.vir
2011-05-30 04:20:04 . 2011-05-30 04:20:04 141,592 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml.vir
2011-05-30 04:20:02 . 2011-05-30 04:20:02 38,584 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml.vir
2011-04-30 20:44:28 . 2011-04-30 21:17:17 6 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\completescan.vir
2011-04-30 20:40:33 . 2011-04-30 20:41:01 10 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\install.vir
2011-03-10 22:04:23 . 2011-03-10 22:04:23 182,768 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Google\Common\Google Updater\googleupdaterservice.exe.vir
2010-03-04 08:22:42 . 2010-03-04 08:22:42 462 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\Install.inf.vir
2008-02-09 16:56:10 . 1999-08-04 11:00:00 522,752 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\DC120fc7_32.dll.vir
2008-01-29 20:39:23 . 1998-11-13 12:08:20 308,224 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\IsUn0413.exe.vir
2008-01-18 16:02:21 . 1999-05-07 12:24:20 414,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\comct332.ocx.vir
3)
ComboFix 10-08-07.02 - Eigenaar 08/08/2010 12:10:43.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.510.325 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Eigenaar.DELL\Mijn documenten\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Panda Security
c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2KRN_DATA
c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM
c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM2
c:\program files\Panda Security\ActiveScan 2.0\nanocache.fil2
c:\program files\Panda Security\ActiveScan 2.0\pav.sig
c:\program files\Panda Security\ActiveScan 2.0\pavvts.dat
c:\program files\Panda Security\ActiveScan 2.0\psnengav.nsc
c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF
c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext
F:\autorun.inf
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 ))))))))))))))))))))))))))))))
.
2010-08-08 08:19 . 2010-08-08 09:54 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend
2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Malwarebytes
2010-08-07 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-07 18:12 . 2010-08-07 18:12 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-07 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-07 13:17 . 2010-08-07 13:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\Avira
2010-08-07 12:06 . 2010-08-07 12:06 -------- d-----r- c:\documents and settings\LocalService\Favorieten
2010-08-07 09:59 . 2010-08-07 09:59 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Avira
2010-08-07 09:53 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-08-07 09:53 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-07 09:53 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-08-07 09:53 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-08-07 09:53 . 2010-08-07 09:53 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2010-08-07 09:53 . 2010-08-07 09:53 -------- d-----w- c:\program files\Avira
2010-08-07 09:12 . 2010-08-07 09:12 -------- d-----w- c:\program files\Trend Micro
2010-08-06 09:17 . 2010-08-06 09:17 -------- d-----w- c:\program files\Uniblue
2010-08-06 08:51 . 2010-08-06 08:51 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Agics
2010-08-04 14:03 . 2010-08-04 14:03 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-03 09:27 . 2010-08-04 14:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-29 22:31 . 2010-07-29 22:31 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\IsolatedStorage
2010-07-13 21:09 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-07 09:12 . 2010-08-07 09:12 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-06 09:28 . 2008-08-18 08:22 -------- d-----w- c:\program files\CCleaner
2010-08-06 09:17 . 2009-08-14 21:28 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Uniblue
2010-08-05 13:31 . 2010-08-05 13:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcp71.dll
2010-08-05 13:31 . 2010-08-05 13:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\jmc.dll
2010-08-05 13:31 . 2010-08-05 13:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcr71.dll
2010-08-05 13:31 . 2010-08-05 13:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-sse.dll
2010-08-05 13:31 . 2010-08-05 13:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-d3d.dll
2010-08-04 14:02 . 2009-06-27 20:28 -------- d-----w- c:\program files\Free Offers from Freeze.com
2010-07-29 09:32 . 2009-08-28 22:22 -------- d-----w- c:\program files\Defraggler
2010-07-16 22:30 . 2010-07-16 22:30 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_hellboy.0200f4406079039e4f9f4fd4269c6144.dll
2010-07-16 22:30 . 2010-07-16 22:30 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_hellboy.2389dbbb7a92af30b5bb4e62701f18a5.dll
2010-07-16 22:28 . 2010-07-16 22:28 626688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jan_2010.114da6697b16a4308920de3f00df9d11.dll
2010-07-16 22:27 . 2010-07-16 22:27 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jan_2010.6ce545b01335b0127c2a55cc392a24e6.dll
2010-07-16 22:15 . 2010-07-16 22:15 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jan_2010.d3c0a2c195757b5887793e496479436f.dll
2010-07-16 22:15 . 2010-07-16 22:15 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_jan_2010.734d2ae11536c3d1a34ecdb91aaab798.dll
2010-07-16 11:38 . 2010-07-16 11:38 1298432 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_fairdrivebonus.c758372be753af44acdea3ddd4c0b015.dll
2010-07-16 11:37 . 2010-07-16 11:37 1306624 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_greenbonus.6150c13bb168b4b80750f08a02e28a9e.dll
2010-07-16 11:27 . 2010-07-16 11:27 1011712 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_july_2010.934131b7e2f15e0deb06b4e317c6c108.dll
2010-07-16 11:27 . 2010-07-16 11:27 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_july_2010.9c1607d40a53de9ef91918fa73cf99d0.dll
2010-07-16 11:27 . 2010-07-16 11:27 696320 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_july_2010.23b0661a6bd3570a6d2da1750a0085ca.dll
2010-07-16 11:27 . 2010-07-16 11:27 1286144 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\dragonladybonus.2ddbbf43b6d3b001ca5ad84e9dc4e54d.dll
2010-07-16 11:27 . 2010-07-16 11:27 2052096 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_july_2010.9f48110b234a40c3be22491a86bde221.dll
2010-07-16 11:27 . 2010-07-16 11:27 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_july_2010.3e886f3e2ac4872e018f5e377cc83ee6.dll
2010-07-16 11:06 . 2010-07-16 11:06 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010.efc83f7d6106f6f7311664ff1b2b2a32.dll
2010-07-16 11:06 . 2010-07-16 11:06 897024 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglecollectbonus.596cdc646662e46fb224ad69f0d29c52.dll
2010-07-16 11:02 . 2010-07-16 11:02 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010_ts2.010d658f2ae9013a31869ea2a90f670a.dll
2010-07-16 11:02 . 2010-07-16 11:02 1253376 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglebonus.1a195cb4fbfbdacf89c6d27c99a6de3d.dll
2010-07-16 11:01 . 2010-07-16 11:01 1273856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\progressivepickxofybonus_gao_may_2010_ts2.3570ad65954894854a4b31a8a356f0d8.dll
2010-07-16 11:00 . 2010-07-16 11:00 1654784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010.e60a82cb58fa330160e763dfeb0216d7.dll
2010-07-16 10:55 . 2010-07-16 10:55 962560 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickuntilbonus_gao_may_2010.51a9dc144ac371f77832e6c933f17727.dll
2010-07-16 10:54 . 2010-07-16 10:54 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010_ts2.0452ecc824ce8f16f726aeca77ff7172.dll
2010-07-16 10:52 . 2010-07-16 10:52 647168 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jun_2010.d455e3e6fd646b2b4ff2d1415e18a526.dll
2010-07-16 10:44 . 2010-07-16 10:44 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010.2405f0d3d8c04e05ae817cdad30d69ce.dll
2010-07-16 10:44 . 2010-07-16 10:44 2023424 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010_ts2.f8d4d9cfbfb83922a1dd69fdf7c205ec.dll
2010-07-16 10:33 . 2010-07-16 10:33 1691648 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_jun_2010.e94e166b3e5fdfc627184eb59be56c08.dll
2010-07-16 10:33 . 2010-07-16 10:33 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jun_2010.a30d1768b69cfafa9177550a249e5143.dll
2010-07-16 10:33 . 2010-07-16 10:33 905216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\soccerbonus.e748cc00ac46bd91666eb47f10b5b6e5.dll
2010-07-16 10:29 . 2010-07-16 10:29 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jun_2010.671a4e67b9b7512fd028318bbf42d763.dll
2010-07-16 10:20 . 2010-07-16 10:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_may_2010.327983cc45ba0730f50c5a42b7bffc26.dll
2010-07-16 10:20 . 2010-07-16 10:20 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_hellboy.ee1c177b2b367dc15184591e57db5798.dll
2010-07-15 21:23 . 2010-07-15 21:23 1650688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_mar_2010.011b7c042032e11252156706d78b5e83.dll
2010-07-15 21:22 . 2010-07-15 21:22 708608 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_mar_2010.00e558dbf98f160d236f0e738de93c37.dll
2010-07-15 21:20 . 2010-07-15 21:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_mar_2010.e5e91d49a18e4440b5a76ddd6446140c.dll
2010-07-15 21:19 . 2010-07-15 21:19 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_mar_2010.05a7fd71980574f91eb4c1420f71b1f7.dll
2010-07-11 11:13 . 2008-02-11 14:36 -------- dc----w- c:\documents and settings\All Users\Application Data\MGS
2010-07-11 11:09 . 2010-07-11 11:09 225552 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\videopokersuite1.e45a40be28c5bc5514b9e806f30cdc6f.dll
2010-07-11 11:09 . 2010-07-11 11:09 536576 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldplugin.a5e08942278dbb53df46a8a9523a445b.dll
2010-07-11 11:09 . 2010-07-11 11:09 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll
2010-07-11 11:08 . 2010-07-11 11:08 602112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.f7a40649bbd758b8f99cf67e1769d71c.dll
2010-07-11 11:08 . 2010-07-11 11:08 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll
2010-07-11 11:01 . 2010-07-11 11:01 372736 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_threereelslottour.56771e0804a357b382c833fa1cc8338b.dll
2010-07-11 11:00 . 2010-07-11 11:00 212992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_type_3reelnormal1_2.a6fd3910e9b23c299d2e5b44aaea7530.dll
2010-07-11 10:59 . 2010-07-11 10:59 307300 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjackplugin.0b33c40e992b0cec60ff557d251457d2.dll
2010-07-11 10:59 . 2010-07-11 10:59 335976 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvtabletournamentlobby.fc620794b1b18938b640573c722b3922.dll
2010-07-11 10:58 . 2010-07-11 10:58 311398 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjacktourxxx.96f2985eb296e0eeb1592aacd45d6e4c.dll
2010-07-11 10:43 . 2010-07-11 10:43 188416 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptleaderboard.4146c172bd98dcfce86f1098fd229eb4.dll
2010-07-11 10:42 . 2010-07-11 10:42 94208 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.461d2601d0d39d2e2d5cd4a02a2b3087.dll
2010-07-11 10:42 . 2010-07-11 10:42 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunetransition.cdb6c11f100d3a3cb0c0550c21b277e4.dll
2010-07-11 10:41 . 2010-07-11 10:41 1568768 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune.b328b57943682e2d7fd4847916ff9b2b.dll
2010-07-11 10:41 . 2010-07-11 10:41 913680 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.1f8183fa66e67576038aca6f8bbaa5aa.dll
2010-07-11 10:40 . 2010-07-11 10:40 1232896 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_gspider.770d41ad6c8d6246716f0968e4501795.dll
2010-07-11 10:39 . 2010-07-11 10:39 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_septgao_09.7dc488ed3eadaa7b6b5d08dbca4c71cf.dll
2010-07-11 10:39 . 2010-07-11 10:39 1236992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_spiderbonus.c6f7df06987955caf77bb513ebf7e5b5.dll
2010-07-11 10:36 . 2010-07-11 10:36 1609728 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_tggg.1a1d0cf38dbf32cac78a651320f71d98.dll
2010-07-11 10:36 . 2010-07-11 10:36 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunexxx.88b69b79191872d92329d1cfa9817586.dll
2010-07-11 10:36 . 2010-07-11 10:36 376832 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.c25cbc913a8fbff25d5ff4436d66df8a.dll
2010-07-11 10:35 . 2010-07-11 10:35 1478656 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.1d6c52060a19ffc8e8529c6648d8f610.dll
2010-07-11 10:35 . 2010-07-11 10:35 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp2.46a4643f83fb4fee5edbd7b72ebf781d.dll
2010-07-11 10:35 . 2010-07-11 10:35 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_crankbonus.79fd1aae910e128f743d90232d089b3b.dll
2010-07-11 10:34 . 2010-07-11 10:34 1638400 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.246c971e5683180dd3d0e381fb6d8651.dll
2010-07-11 10:34 . 2010-07-11 10:34 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1.a5649140bdbd3a1f7c08b381be6f0a22.dll
2010-07-11 10:33 . 2010-07-11 10:33 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_octgao_09.27dbd220adee9f16140622d34764fadb.dll
2010-07-11 10:33 . 2010-07-11 10:33 1626112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_flightzone.120e06d45a565cdc8a97a294773b7eb8.dll
2010-07-11 10:31 . 2010-07-11 10:31 246032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\powerpokersuite1_nl.4b954e6e9e7bfe3947a12889040c706e.dll
2010-07-11 10:28 . 2010-07-11 10:28 65536 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\void.df7f7ef643b2f9803f9738f1b85d08e7.dll
2010-07-11 10:27 . 2010-07-11 10:27 471040 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.165da379d8a0adee611c449ba3662532.dll
2010-07-10 17:04 . 2009-09-04 21:07 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT
2010-07-10 17:03 . 2009-09-04 20:47 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2010-06-28 20:15 . 2009-12-20 13:15 -------- d-----w- c:\program files\EUcasino
2010-06-24 21:10 . 2010-06-24 21:08 -------- d-----w- c:\program files\RadioBar
2010-06-24 21:08 . 2010-06-24 21:08 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\RadioBar
2010-06-23 14:31 . 2004-08-04 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat
2010-06-23 14:31 . 2004-08-04 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat
2010-06-14 14:31 . 2008-01-18 14:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-01 17:37 . 2010-05-12 08:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-24 08:31 . 2010-05-24 08:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcp71.dll
2010-05-24 08:31 . 2010-05-24 08:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\jmc.dll
2010-05-24 08:31 . 2010-05-24 08:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcr71.dll
2010-05-24 08:31 . 2010-05-24 08:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-sse.dll
2010-05-24 08:31 . 2010-05-24 08:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-d3d.dll
2010-05-12 12:22 . 2010-05-12 12:22 393216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll
2010-05-12 12:22 . 2010-05-12 12:22 352256 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll
2010-05-12 12:13 . 2010-05-12 12:13 1171456 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll
2010-05-12 12:11 . 2010-05-12 12:11 1204224 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll
2010-05-12 12:03 . 2010-05-12 12:03 1142784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll
2010-05-12 12:01 . 2010-05-12 12:01 1290240 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll
2010-05-12 12:01 . 2010-05-12 12:01 827392 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll
2010-05-12 12:01 . 2010-05-12 12:01 1196032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll
2010-05-12 11:39 . 2010-05-12 11:39 499984 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-08-08_09.24.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-08 09:40 . 2010-08-08 09:40 16384 c:\windows\Temp\Perflib_Perfdata_6b0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Sitecom Wireless Network USB Adapter Turbo G WL-172\Installer\WLANUTL.EXE [2010-3-31 913408]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk]
backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]
backup=c:\windows\pss\Secunia PSI.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2003-04-06 22:07 114688 -c--a-w- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-03-13 08:34 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2003-04-06 22:19 155648 ----a-w- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2007-03-04 16:06 673280 ----a-w- c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"=
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/7/2010 11:53 AM 135336]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.nu.nl/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-08 12:19
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\NTMARTA.DLL
.
Voltooingstijd: 2010-08-08 12:25:19
ComboFix-quarantined-files.txt 2010-08-08 10:25
ComboFix2.txt 2010-08-08 09:30
Pre-Run: 53,177,044,992 bytes beschikbaar
Post-Run: 53,187,727,360 bytes beschikbaar
- - End Of File - - 1CC087BCCF9A9AEF8DB9BE617CC23E59
HijackThis
---------- Post added at 13:45 ---------- Previous post was at 13:43 ----------
I won't do anything further for now until I receive further instructions from you.
Thanks in advance!
-
Here is the log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:15:01 AM, on 10/1/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
--
End of file - 9992 bytes
-
Yes, I did that until everything was completely clean. After that I tried copying again, and now it says that Perflib_Perdata_78 is in use by another program.
The numbers change; that is the only difference
-
Very clear! Thanks, I will do that
One more question
When I look at Performance Logs and Alerts, it says STARTUP TYPE MANUAL and Log on as Network Service.
After I have done the above, do I have to set this back to the way it is now?
Thanks in advance
---------- Post added at 14:28 ---------- Previous post was at 14:25 ----------
Now that I look at it again, I think it was already stopped, because I only have the options Start, Start all and Refresh available. Stop is not clickable
So what do I do now?
-
Hello,
I have a small problem copying all Windows programs to my external drive (backup)
When I click on the Windows folder and want to copy it to my F drive (external), the process stops and a pop-up appears saying that Perflib_Perdata_220 is in use by another program. I had done it before, and then the pop-up showed Perflib_Perdata_174
I have scanned the whole system thoroughly with Avast and Anti-Malware (Malwarebytes)
I tried it with Avast disabled. That did not help either.
All programs (as far as I know) were closed
Who can help me?
Thanks in advance
---------- Post added at 10:32 ---------- Previous post was at 10:30 ----------
I also tried to look up Perflib_Perdata_220 via the Windows search tool, but without result
-
Yes, dear Jean-Pierre, the problem is solved and... mysteries will always remain.
This morning I had another small problem with my Sitecom wireless router. How that came about is also a mystery, but it was simple to solve: uninstalled the old program, downloaded a new driver from the Sitecom site (nowadays suitable for all Sitecoms!) and it ran smoothly!
Before I close this as SOLVED, I would like to thank you warmly once more for the interest and help you have shown
Thanks!
Regards
-
I also did a little something with Moviemaker (which I do work with now and then) and I have the impression that it definitely works faster, but whether that is in proportion to the upgrade of 2x 1GB, I don't really know.
Java runtime error
in Archive Windows General
Posted:
Below is the log file.
However, the word imesh is nowhere to be found in the log. The name of the external drive (Maxtor) is, though.
So all those imesh files/programs are on that external drive (F). How can I get to the F drive via CCleaner, for example?
log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:58:34 AM, on 12/30/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Eigenaar.DELL\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar.DELL\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
--
End of file - 9074 bytes