Ga naar inhoud

Jurgen Vermeersch

Lid
  • Items

    7
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door Jurgen Vermeersch

  1. onze computer werkt idd al heel wat sneller. Bedankt in ieder geval. Voorlopig kunnen wij met een geruster hart werken op onze pc. Wat doe ik met hijackthis en combofix, laat ik die programma's staan of mag ik ze verwijderen?
  2. Ik hoop dat het deze keer beter is. ssssSorry voor de vergissing. ComboFix 10-09-03.02 - HP_Eigenaar 05/09/2010 20:40:33.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.200 [GMT 2:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\HP_Eigenaar\Bureaublad\CFScript.txt AV: McAfee Antivirus en antispyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} FILE :: "c:\windows\system32\drivers\ctredrv.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Family Toolbar c:\program files\Family Toolbar\about.gif c:\program files\Family Toolbar\about.html c:\program files\Family Toolbar\active.html c:\program files\Family Toolbar\addPhotos.gif c:\program files\Family Toolbar\alerts.gif c:\program files\Family Toolbar\anniversary.gif c:\program files\Family Toolbar\AR.gif c:\program files\Family Toolbar\banner.html c:\program files\Family Toolbar\basis.xml c:\program files\Family Toolbar\BG.gif c:\program files\Family Toolbar\birthday.gif c:\program files\Family Toolbar\buyFamilyGifts.gif c:\program files\Family Toolbar\calendar.gif c:\program files\Family Toolbar\chat.html c:\program files\Family Toolbar\clearhist.exe c:\program files\Family Toolbar\clearSearchHistory.gif c:\program files\Family Toolbar\collage.gif c:\program files\Family Toolbar\createFamilySite.gif c:\program files\Family Toolbar\CS.gif c:\program files\Family Toolbar\DA.gif c:\program files\Family Toolbar\dbghelp.dll c:\program files\Family Toolbar\DE.gif c:\program files\Family Toolbar\EL.gif c:\program files\Family Toolbar\EN.gif c:\program files\Family Toolbar\ES.gif c:\program files\Family Toolbar\Family_Toolbar.dll c:\program files\Family Toolbar\family_toolbar.xpi c:\program files\Family Toolbar\familyTree.gif c:\program files\Family Toolbar\femaleOnline.gif c:\program files\Family Toolbar\femaleOnlineAway.gif c:\program files\Family Toolbar\FI.gif c:\program files\Family Toolbar\FR.gif c:\program files\Family Toolbar\HE.gif c:\program files\Family Toolbar\HR.gif c:\program files\Family Toolbar\HU.gif c:\program files\Family Toolbar\icons.bmp c:\program files\Family Toolbar\inboxOff.gif c:\program files\Family Toolbar\inboxOn.gif c:\program files\Family Toolbar\info.txt c:\program files\Family Toolbar\inviteFamily.gif c:\program files\Family Toolbar\IT.gif c:\program files\Family Toolbar\logoff.gif c:\program files\Family Toolbar\logOnToMH.gif c:\program files\Family Toolbar\LT.gif c:\program files\Family Toolbar\maleOnline.gif c:\program files\Family Toolbar\maleOnlineAway.gif c:\program files\Family Toolbar\MHlogo.gif c:\program files\Family Toolbar\morph.gif c:\program files\Family Toolbar\NL.gif c:\program files\Family Toolbar\NO.gif c:\program files\Family Toolbar\off.exe c:\program files\Family Toolbar\online.gif c:\program files\Family Toolbar\PB.gif c:\program files\Family Toolbar\photos.gif c:\program files\Family Toolbar\PL.gif c:\program files\Family Toolbar\privacy.gif c:\program files\Family Toolbar\PT.gif c:\program files\Family Toolbar\reload.gif c:\program files\Family Toolbar\RO.gif c:\program files\Family Toolbar\RU.gif c:\program files\Family Toolbar\search.gif c:\program files\Family Toolbar\site.gif c:\program files\Family Toolbar\sites.gif c:\program files\Family Toolbar\SK.gif c:\program files\Family Toolbar\SR.gif c:\program files\Family Toolbar\stub.xml c:\program files\Family Toolbar\SV.gif c:\program files\Family Toolbar\tagPeople.gif c:\program files\Family Toolbar\TB_AR.gif c:\program files\Family Toolbar\TB_BG.gif c:\program files\Family Toolbar\TB_CS.gif c:\program files\Family Toolbar\TB_DA.gif c:\program files\Family Toolbar\TB_DE.gif c:\program files\Family Toolbar\TB_EL.gif c:\program files\Family Toolbar\TB_EN.gif c:\program files\Family Toolbar\TB_ES.gif c:\program files\Family Toolbar\TB_FI.gif c:\program files\Family Toolbar\TB_FR.gif c:\program files\Family Toolbar\TB_HE.gif c:\program files\Family Toolbar\TB_HR.gif c:\program files\Family Toolbar\TB_HU.gif c:\program files\Family Toolbar\TB_IT.gif c:\program files\Family Toolbar\TB_LT.gif c:\program files\Family Toolbar\TB_NL.gif c:\program files\Family Toolbar\TB_NO.gif c:\program files\Family Toolbar\TB_PB.gif c:\program files\Family Toolbar\TB_PL.gif c:\program files\Family Toolbar\TB_PT.gif c:\program files\Family Toolbar\TB_RO.gif c:\program files\Family Toolbar\TB_RU.gif c:\program files\Family Toolbar\TB_SK.gif c:\program files\Family Toolbar\TB_SR.gif c:\program files\Family Toolbar\TB_SV.gif c:\program files\Family Toolbar\TB_TR.gif c:\program files\Family Toolbar\TB_UK.gif c:\program files\Family Toolbar\tbhelper.dll c:\program files\Family Toolbar\tbs_include_script_000391.js c:\program files\Family Toolbar\tbs_include_script_000733.js c:\program files\Family Toolbar\tbs_include_script_000784.js c:\program files\Family Toolbar\tbs_include_script_001134.js c:\program files\Family Toolbar\tbs_include_script_002287.js c:\program files\Family Toolbar\tbs_include_script_002346.js c:\program files\Family Toolbar\tbs_include_script_002789.js c:\program files\Family Toolbar\tbs_include_script_002833.js c:\program files\Family Toolbar\tbs_include_script_003080.js c:\program files\Family Toolbar\tbs_include_script_003083.js c:\program files\Family Toolbar\tbs_include_script_004456.js c:\program files\Family Toolbar\tbs_include_script_004711.js c:\program files\Family Toolbar\tbs_include_script_004823.js c:\program files\Family Toolbar\tbs_include_script_004824.js c:\program files\Family Toolbar\tbs_include_script_005792.js c:\program files\Family Toolbar\tbs_include_script_006838.js c:\program files\Family Toolbar\tbs_include_script_007158.js c:\program files\Family Toolbar\tbs_include_script_007564.js c:\program files\Family Toolbar\tbs_include_script_007690.js c:\program files\Family Toolbar\tbs_include_script_007803.js c:\program files\Family Toolbar\tbs_include_script_008357.js c:\program files\Family Toolbar\tbs_include_script_008502.js c:\program files\Family Toolbar\tbs_include_script_009578.js c:\program files\Family Toolbar\tbs_include_script_009807.js c:\program files\Family Toolbar\tbs_include_script_011492.js c:\program files\Family Toolbar\tbs_include_script_011550.js c:\program files\Family Toolbar\tbs_include_script_011614.js c:\program files\Family Toolbar\tbs_include_script_011637.js c:\program files\Family Toolbar\tbs_include_script_012671.js c:\program files\Family Toolbar\tbs_include_script_013916.js c:\program files\Family Toolbar\tbs_include_script_014484.js c:\program files\Family Toolbar\tbs_include_script_014583.js c:\program files\Family Toolbar\tbs_include_script_014799.js c:\program files\Family Toolbar\tbs_include_script_015508.js c:\program files\Family Toolbar\tbs_include_script_015800.js c:\program files\Family Toolbar\tbs_include_script_016179.js c:\program files\Family Toolbar\tbs_include_script_016289.js c:\program files\Family Toolbar\tbs_include_script_016678.js c:\program files\Family Toolbar\tbs_include_script_017022.js c:\program files\Family Toolbar\tbs_include_script_017427.js c:\program files\Family Toolbar\tbs_include_script_018243.js c:\program files\Family Toolbar\tbs_include_script_018279.js c:\program files\Family Toolbar\tbs_include_script_018505.js c:\program files\Family Toolbar\tbs_include_script_020098.js c:\program files\Family Toolbar\tbs_include_script_020109.js c:\program files\Family Toolbar\tbs_include_script_020129.js c:\program files\Family Toolbar\tbs_include_script_020859.js c:\program files\Family Toolbar\tbs_include_script_022495.js c:\program files\Family Toolbar\tbs_include_script_023942.js c:\program files\Family Toolbar\tbs_include_script_025757.js c:\program files\Family Toolbar\tbs_include_script_025787.js c:\program files\Family Toolbar\tbs_include_script_026799.js c:\program files\Family Toolbar\tbs_include_script_026954.js c:\program files\Family Toolbar\tbs_include_script_027482.js c:\program files\Family Toolbar\tbs_include_script_027696.js c:\program files\Family Toolbar\tbs_include_script_028246.js c:\program files\Family Toolbar\tbs_include_script_028279.js c:\program files\Family Toolbar\tbs_include_script_029390.js c:\program files\Family Toolbar\tbs_include_script_030206.js c:\program files\Family Toolbar\tbs_include_script_030277.js c:\program files\Family Toolbar\tbs_include_script_030359.js c:\program files\Family Toolbar\tbs_include_script_030760.js c:\program files\Family Toolbar\tbs_include_script_030814.js c:\program files\Family Toolbar\tbs_include_script_031331.js c:\program files\Family Toolbar\tbs_include_script_031332.js c:\program files\Family Toolbar\tbs_include_script_031711.js c:\program files\Family Toolbar\tbs_include_script_032188.js c:\program files\Family Toolbar\tbs_include_script_032423.js c:\program files\Family Toolbar\tbs_include_script_032495.js c:\program files\Family Toolbar\tellAFriend.gif c:\program files\Family Toolbar\toolbarSetting.gif c:\program files\Family Toolbar\TR.gif c:\program files\Family Toolbar\UK.gif c:\program files\Family Toolbar\uninstall.exe c:\program files\Family Toolbar\uninstall.gif c:\program files\Family Toolbar\update.exe c:\program files\Family Toolbar\updateToolbar.gif c:\program files\Family Toolbar\userSite.gif c:\program files\Family Toolbar\version.txt c:\program files\Family Toolbar\whatsNew.gif . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_CTREDRV.SYS -------\Service_ctredrv.sys (((((((((((((((((((( Bestanden Gemaakt van 2010-08-05 to 2010-09-05 )))))))))))))))))))))))))))))) . 2010-09-05 14:48 . 2010-09-05 14:48 -------- d-----w- c:\program files\CodeStuff 2010-09-04 14:42 . 2010-09-05 14:55 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-09-03 18:31 . 2010-09-04 12:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-03 17:44 . 2010-09-03 18:23 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-03 14:59 . 2010-09-03 14:59 -------- d-----w- c:\program files\Trend Micro . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-05 16:16 . 2010-09-05 16:16 388096 ----a-r- c:\documents and settings\HP_Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-09-03 21:22 . 2010-05-12 13:28 -------- d-----w- c:\program files\CCleaner 2010-09-03 18:25 . 2005-04-06 00:09 -------- d-----w- c:\program files\Common Files\Java 2010-09-03 18:23 . 2005-04-06 00:09 -------- d-----w- c:\program files\Java 2010-09-03 17:44 . 2010-09-03 17:44 503808 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcp71.dll 2010-09-03 17:44 . 2010-09-03 17:44 499712 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\jmc.dll 2010-09-03 17:44 . 2010-09-03 17:44 348160 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcr71.dll 2010-09-03 17:44 . 2010-09-03 17:44 61440 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-sse.dll 2010-09-03 17:44 . 2010-09-03 17:44 12800 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-d3d.dll 2010-08-16 14:01 . 2009-10-21 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-08-05 05:40 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee.com 2010-08-04 13:24 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee 2010-08-04 13:23 . 2010-01-07 16:30 -------- d-----w- c:\program files\Common Files\McAfee 2010-06-30 12:33 . 2005-07-27 19:21 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2005-07-27 19:21 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2005-07-27 19:21 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-23 06:24 . 2010-06-23 06:24 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb4E.tmp.exe 2010-06-21 15:27 . 2005-07-27 19:21 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2005-07-27 19:20 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2005-07-27 19:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2005-07-27 19:20 1172480 ----a-w- c:\windows\system32\msxml3.dll 2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-23 39408] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2009-11-02 222736] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-29 4603904] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-4-17 2326528] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk] backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk] backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk] backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^runit_32.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\runit_32.lnk backup=c:\windows\pss\runit_32.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^YouTube Uploader.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\YouTube Uploader.lnk backup=c:\windows\pss\YouTube Uploader.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] 2005-04-06 00:36 159744 ----a-w- c:\progra~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] 2005-02-18 20:32 2754560 ----a-w- c:\windows\ALCWZRD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 14:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belgacom] 2008-05-29 09:18 202016 ----a-r- c:\program files\Belgacom\bin\sprtcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr] 2004-11-05 05:26 106496 ----a-w- c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] 2004-05-12 14:18 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] 2004-06-07 18:47 659456 ----a-w- c:\windows\system32\hphmon06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] 2004-06-07 18:53 49152 ----a-w- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 16:04 52736 ----a-w- c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2004-06-16 11:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2004-08-09 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-11-12 15:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2005-02-02 15:44 61440 ----a-w- c:\hp\KBD\kbd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 ----a-w- c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2004-09-29 20:23 4603904 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2004-09-29 20:23 921600 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] 2004-04-14 20:43 233472 ----a-w- c:\windows\SMINST\Recguard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio] 2004-03-17 21:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2005-10-26 14:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2005-02-21 20:49 90112 ----a-w- c:\windows\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-08-23 06:50 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE] 2004-11-05 06:44 192512 ----a-w- c:\program files\InterVideo\Common\Bin\WinRemote.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\HP_Eigenaar\\Mijn documenten\\Mijn muziek\\iTunes\\iTunes Music\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\dpnsvr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= R1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [5/11/2007 21:14 2560] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/08/2010 13:45 82952] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/10/2007 14:13 38144] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [7/01/2010 18:34 93320] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [4/08/2010 13:46 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [4/08/2010 13:45 141792] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 11:18 202016] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/08/2010 13:45 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/08/2010 13:45 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [6/04/2005 2:14 24544] R3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;c:\windows\system32\drivers\PCTELSAP.SYS [6/04/2005 2:14 306560] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [28/12/2007 16:02 287232] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/01/2010 18:34 135664] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/08/2010 13:45 83496] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [9/04/2008 12:52 21376] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);c:\windows\system32\drivers\z530bus.sys [20/05/2007 10:33 58288] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;c:\windows\system32\drivers\z530mdfl.sys [20/05/2007 10:33 8336] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;c:\windows\system32\drivers\z530mdm.sys [20/05/2007 10:33 94064] S3 z530mgmt;Sony Ericsson Z530 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\z530mgmt.sys [20/05/2007 10:33 85408] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;c:\windows\system32\drivers\z530obex.sys [20/05/2007 10:33 83344] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22/10/2007 20:20 685816] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mfeavfk01 . Inhoud van de 'Gedeelde Taken' map 2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2010-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2009-07-24 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] 2010-06-11 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-09-05 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-09-05 c:\windows\Tasks\User_Feed_Synchronization-{0D61D223-5287-4411-BF58-7D7CA29E715B}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop mStart Page = hxxp://search.myheritage.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Transfer by Image Converter 2 - c:\program files\Sony\Image Converter 2\menu.htm IE: Zoeken op eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-05 21:00 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3516) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\windows\system32\SearchIndexer.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe . ************************************************************************** . Voltooingstijd: 2010-09-05 21:13:14 - machine werd herstart ComboFix-quarantined-files.txt 2010-09-05 19:13 ComboFix2.txt 2010-09-05 15:59 ComboFix3.txt 2010-09-04 14:22 Pre-Run: 183.561.826.304 bytes beschikbaar Post-Run: 183.555.817.472 bytes beschikbaar - - End Of File - - 687422FC34E7F4A7C43B1CBF5050C0A7
  3. I k hoop geen fouten te hebben gemaakt. Bdankt voor het geduld en de nodige uitleg. Wel heb ik de indruk dat onze computer al wat sneller werkt. dank je ann iedereen Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:06:58, on 5/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Logitech\Logitech Vid\vid.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100804134606.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm O8 - Extra context menu item: Zoeken op eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172780490234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 13101 bytes ComboFix 10-09-03.02 - HP_Eigenaar 05/09/2010 17:21:18.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.137 [GMT 2:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe AV: McAfee Antivirus en antispyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\TEMP\logishrd\LVPrcInj01.dll . (((((((((((((((((((( Bestanden Gemaakt van 2010-08-05 to 2010-09-05 )))))))))))))))))))))))))))))) . 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-05 14:48 . 2010-09-05 14:48 -------- d-----w- c:\program files\CodeStuff 2010-09-04 12:50 . 2010-09-03 18:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-03 21:22 . 2010-05-12 13:28 -------- d-----w- c:\program files\CCleaner 2010-09-03 18:25 . 2005-04-06 00:09 -------- d-----w- c:\program files\Common Files\Java 2010-09-03 18:23 . 2010-09-03 17:44 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-03 18:23 . 2005-04-06 00:09 -------- d-----w- c:\program files\Java 2010-09-03 17:44 . 2010-09-03 17:44 503808 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcp71.dll 2010-09-03 17:44 . 2010-09-03 17:44 499712 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\jmc.dll 2010-09-03 17:44 . 2010-09-03 17:44 348160 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcr71.dll 2010-09-03 17:44 . 2010-09-03 17:44 61440 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-sse.dll 2010-09-03 17:44 . 2010-09-03 17:44 12800 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-d3d.dll 2010-09-03 17:35 . 2010-05-14 07:54 -------- d-----w- c:\program files\Family Toolbar 2010-09-03 14:59 . 2010-09-03 14:59 -------- d-----w- c:\program files\Trend Micro 2010-08-16 14:01 . 2009-10-21 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-08-05 05:40 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee.com 2010-08-04 13:24 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee 2010-08-04 13:23 . 2010-01-07 16:30 -------- d-----w- c:\program files\Common Files\McAfee 2010-06-30 12:33 . 2005-07-27 19:21 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2005-07-27 19:21 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2005-07-27 19:21 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-23 06:24 . 2010-06-23 06:24 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb4E.tmp.exe 2010-06-21 15:27 . 2005-07-27 19:21 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2005-07-27 19:20 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 07:43 . 2005-07-27 19:20 1172480 ----a-w- c:\windows\system32\msxml3.dll 2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2009-11-02 222736] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-29 4603904] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-4-17 2326528] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk] backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk] backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk] backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^runit_32.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\runit_32.lnk backup=c:\windows\pss\runit_32.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^YouTube Uploader.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\YouTube Uploader.lnk backup=c:\windows\pss\YouTube Uploader.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] 2005-04-06 00:36 159744 ----a-w- c:\progra~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-02-21 20:49 69632 ----a-w- c:\windows\ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] 2005-02-18 20:32 2754560 ----a-w- c:\windows\ALCWZRD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 14:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belgacom] 2008-05-29 09:18 202016 ----a-r- c:\program files\Belgacom\bin\sprtcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr] 2004-11-05 05:26 106496 ----a-w- c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] 2004-05-12 14:18 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] 2004-06-07 18:47 659456 ----a-w- c:\windows\system32\hphmon06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] 2004-06-07 18:53 49152 ----a-w- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 16:04 52736 ----a-w- c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2004-06-16 11:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2004-08-09 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-11-12 15:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2005-02-02 15:44 61440 ----a-w- c:\hp\KBD\kbd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 ----a-w- c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2004-09-29 20:23 4603904 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2004-09-29 20:23 921600 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] 2004-04-14 20:43 233472 ----a-w- c:\windows\SMINST\Recguard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio] 2004-03-17 21:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2005-10-26 14:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2005-02-21 20:49 90112 ----a-w- c:\windows\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-08-23 06:50 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE] 2004-11-05 06:44 192512 ----a-w- c:\program files\InterVideo\Common\Bin\WinRemote.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\HP_Eigenaar\\Mijn documenten\\Mijn muziek\\iTunes\\iTunes Music\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\dpnsvr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= R1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [5/11/2007 21:14 2560] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/08/2010 13:45 82952] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/10/2007 14:13 38144] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [7/01/2010 18:34 93320] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [4/08/2010 13:46 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [4/08/2010 13:45 141792] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 11:18 202016] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/08/2010 13:45 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/08/2010 13:45 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [6/04/2005 2:14 24544] R3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;c:\windows\system32\drivers\PCTELSAP.SYS [6/04/2005 2:14 306560] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [28/12/2007 16:02 287232] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/01/2010 18:34 135664] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/08/2010 13:45 83496] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [9/04/2008 12:52 21376] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);c:\windows\system32\drivers\z530bus.sys [20/05/2007 10:33 58288] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;c:\windows\system32\drivers\z530mdfl.sys [20/05/2007 10:33 8336] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;c:\windows\system32\drivers\z530mdm.sys [20/05/2007 10:33 94064] S3 z530mgmt;Sony Ericsson Z530 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\z530mgmt.sys [20/05/2007 10:33 85408] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;c:\windows\system32\drivers\z530obex.sys [20/05/2007 10:33 83344] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22/10/2007 20:20 685816] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mfeavfk01 . Inhoud van de 'Gedeelde Taken' map 2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2010-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2009-07-24 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] 2010-06-11 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-09-05 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-09-05 c:\windows\Tasks\User_Feed_Synchronization-{0D61D223-5287-4411-BF58-7D7CA29E715B}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop mStart Page = hxxp://search.myheritage.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Transfer by Image Converter 2 - c:\program files\Sony\Image Converter 2\menu.htm IE: Zoeken op eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-05 17:39 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3996) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\windows\system32\SearchIndexer.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Canon\CAL\CALMAIN.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe . ************************************************************************** . Voltooingstijd: 2010-09-05 17:59:00 - machine werd herstart ComboFix-quarantined-files.txt 2010-09-05 15:58 ComboFix2.txt 2010-09-04 14:22 Pre-Run: 183.603.560.448 bytes beschikbaar Post-Run: 183.603.957.760 bytes beschikbaar - - End Of File - - 84560C3355C8FD9C63721EA90692C900 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:06:58, on 5/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Logitech\Logitech Vid\vid.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100804134606.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm O8 - Extra context menu item: Zoeken op eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172780490234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 13101 bytes
  4. Sorry voor het lange wachten, maar deze voormiddag moest ik werken. Sinds 13.10 ben ik bezig om dit af te werken, maar tegen dat alle virus en spamscanners op non actief stonden plus dat bij uw eerste link ik melding kreeg van "bestand is corrupt" ben ik zelf op internet gaan zoeken naar Combofix. Gezien onze computer traat werkt....... ComboFix 10-09-03.02 - HP_Eigenaar 04/09/2010 15:49:42.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.105 [GMT 2:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe AV: McAfee Antivirus en antispyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\HP_Eigenaar\first.main c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Videos.url c:\documents and settings\HP_Eigenaar\txekfkqj.exe c:\documents and settings\HP_Eigenaar\wef.log c:\documents and settings\HP_Eigenaar\zizcwpxf.exe c:\documents and settings\HP_Eigenaar\zytuhxkt.exe c:\program files\_wef_ c:\program files\_wef_\DataBase.sav c:\program files\_wef_\first.main c:\program files\_wef_\Program.sav c:\program files\_wef_\unins000.dat c:\program files\_wef_\wef.log c:\program files\IEToolbar c:\program files\WinPCap c:\program files\WinPCap\rpcapd.exe c:\windows\system32\3587205518.dat c:\windows\system32\drivers\npf.sys c:\windows\system32\Microsoft\backup.ftp c:\windows\system32\Microsoft\backup.tftp c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_npf (((((((((((((((((((( Bestanden Gemaakt van 2010-08-04 to 2010-09-04 )))))))))))))))))))))))))))))) . 2010-09-03 21:23 . 2010-09-03 21:23 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2010-09-03 18:32 . 2010-09-03 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-09-03 18:31 . 2010-09-04 12:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-03 17:44 . 2010-09-03 18:23 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-03 14:59 . 2010-09-03 14:59 -------- d-----w- c:\program files\Trend Micro . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-03 21:22 . 2010-05-12 13:28 -------- d-----w- c:\program files\CCleaner 2010-09-03 18:25 . 2005-04-06 00:09 -------- d-----w- c:\program files\Common Files\Java 2010-09-03 18:23 . 2005-04-06 00:09 -------- d-----w- c:\program files\Java 2010-09-03 17:44 . 2010-09-03 17:44 503808 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcp71.dll 2010-09-03 17:44 . 2010-09-03 17:44 499712 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\jmc.dll 2010-09-03 17:44 . 2010-09-03 17:44 348160 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-750684b8-n\msvcr71.dll 2010-09-03 17:44 . 2010-09-03 17:44 61440 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-sse.dll 2010-09-03 17:44 . 2010-09-03 17:44 12800 ----a-w- c:\documents and settings\HP_Eigenaar\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ab06e10-n\decora-d3d.dll 2010-09-03 17:35 . 2010-05-14 07:54 -------- d-----w- c:\program files\Family Toolbar 2010-08-16 14:01 . 2009-10-21 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-08-05 05:40 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee.com 2010-08-04 13:24 . 2010-01-07 16:30 -------- d-----w- c:\program files\McAfee 2010-08-04 13:23 . 2010-01-07 16:30 -------- d-----w- c:\program files\Common Files\McAfee 2010-06-30 12:33 . 2005-07-27 19:21 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2005-07-27 19:21 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2005-07-27 19:21 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-23 06:24 . 2010-06-23 06:24 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb4E.tmp.exe 2010-06-21 15:27 . 2005-07-27 19:21 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2005-07-27 19:20 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2005-07-27 19:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2005-07-27 19:20 1172480 ----a-w- c:\windows\system32\msxml3.dll 2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-23 39408] "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-29 4603904] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2009-11-02 222736] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-23 39408] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-4-17 2326528] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk] backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk] backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk] backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^runit_32.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\runit_32.lnk backup=c:\windows\pss\runit_32.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^YouTube Uploader.lnk] path=c:\documents and settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\YouTube Uploader.lnk backup=c:\windows\pss\YouTube Uploader.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdwareProMFCT HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] 2005-04-06 00:36 159744 ----a-w- c:\progra~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-02-21 20:49 69632 ----a-w- c:\windows\ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] 2005-02-18 20:32 2754560 ----a-w- c:\windows\ALCWZRD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 14:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belgacom] 2008-05-29 09:18 202016 ----a-r- c:\program files\Belgacom\bin\sprtcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr] 2004-11-05 05:26 106496 ----a-w- c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] 2004-05-12 14:18 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] 2004-06-07 18:47 659456 ----a-w- c:\windows\system32\hphmon06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] 2004-06-07 18:53 49152 ----a-w- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 16:04 52736 ----a-w- c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2004-06-16 11:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2004-08-09 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-11-12 15:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2005-02-02 15:44 61440 ----a-w- c:\hp\KBD\kbd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 ----a-w- c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2004-09-29 20:23 4603904 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2004-09-29 20:23 921600 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] 2004-04-14 20:43 233472 ----a-w- c:\windows\SMINST\Recguard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio] 2004-03-17 21:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2005-10-26 14:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2005-02-21 20:49 90112 ----a-w- c:\windows\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-08-23 06:50 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE] 2004-11-05 06:44 192512 ----a-w- c:\program files\InterVideo\Common\Bin\WinRemote.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\HP_Eigenaar\\Mijn documenten\\Mijn muziek\\iTunes\\iTunes Music\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\dpnsvr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= R1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [5/11/2007 21:14 2560] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/08/2010 13:45 82952] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/10/2007 14:13 38144] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [7/01/2010 18:34 93320] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [4/08/2010 13:45 271480] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [4/08/2010 13:46 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [4/08/2010 13:45 141792] R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 11:18 202016] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/08/2010 13:45 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/08/2010 13:45 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [6/04/2005 2:14 24544] R3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;c:\windows\system32\drivers\PCTELSAP.SYS [6/04/2005 2:14 306560] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [28/12/2007 16:02 287232] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/01/2010 18:34 135664] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/08/2010 13:45 88480] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/08/2010 13:45 83496] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [9/04/2008 12:52 21376] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);c:\windows\system32\drivers\z530bus.sys [20/05/2007 10:33 58288] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;c:\windows\system32\drivers\z530mdfl.sys [20/05/2007 10:33 8336] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;c:\windows\system32\drivers\z530mdm.sys [20/05/2007 10:33 94064] S3 z530mgmt;Sony Ericsson Z530 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\z530mgmt.sys [20/05/2007 10:33 85408] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;c:\windows\system32\drivers\z530obex.sys [20/05/2007 10:33 83344] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22/10/2007 20:20 685816] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mfeavfk01 . Inhoud van de 'Gedeelde Taken' map 2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2010-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:34] 2009-07-24 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] 2010-06-11 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-03-17 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-09-04 c:\windows\Tasks\User_Feed_Synchronization-{0D61D223-5287-4411-BF58-7D7CA29E715B}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop mStart Page = hxxp://search.myheritage.com mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Transfer by Image Converter 2 - c:\program files\Sony\Image Converter 2\menu.htm IE: Zoeken op eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html . . ------- Bestandsassociaties ------- . . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - c:\program files\Family Toolbar\tbcore3.dll HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe MSConfigStartUp-AdobeVersionCue - c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe MSConfigStartUp-eBayToolbar - c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe MSConfigStartUp-Google Update - c:\documents and settings\HP_Eigenaar\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe MSConfigStartUp-LBTWiz - (no file) MSConfigStartUp-LogitechQuickCamRibbon - c:\program files\Logitech\QuickCam\Quickcam.exe MSConfigStartUp-SpeedTouch USB Diagnostics - c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_01\bin\jusched.exe MSConfigStartUp-Symantec NetDriver Monitor - c:\progra~1\SYMNET~1\SNDMon.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-04 16:06 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(1836) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\windows\system32\SearchIndexer.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2010-09-04 16:22:51 - machine werd herstart ComboFix-quarantined-files.txt 2010-09-04 14:22 Pre-Run: 183.721.529.344 bytes beschikbaar Post-Run: 183.604.158.464 bytes beschikbaar - - End Of File - - FD73B47523DD313A957C43E2334AF3A7
  5. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4536 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/09/2010 22:39:21 mbam-log-2010-09-03 (22-39-21).txt Scantype: Snelle scan Objecten gescand: 163947 Verstreken tijd: 18 minuut/minuten, 9 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 5 Registerwaarden geïnfecteerd: 2 Registerdata geïnfecteerd: 2 Mappen geïnfecteerd: 5 Bestanden geïnfecteerd: 18 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\runit (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\runit (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\skynetlvmypyly (Rootkit.TDSS) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rlist (Malware.Trace) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\myid (Malware.Trace) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: C:\Program Files\Common Files\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\runit (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Program Files\IEToolbar\Bullseye Tool Bar\basis.xml (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\date2.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\icons.bmp (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\info.txt (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.crc (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\lwpopper.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popper3.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popup1.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popup2.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\uninstall.exe (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\version.txt (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\your_logo.png (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\runit\config.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Start\carlton (Trojan.Dialer) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MSVolume.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\SKYNETcxnsswuy.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\SKYNETthosrqrw.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\hosts (Trojan.Agent) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4536 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/09/2010 22:39:21 mbam-log-2010-09-03 (22-39-21).txt Scantype: Snelle scan Objecten gescand: 163947 Verstreken tijd: 18 minuut/minuten, 9 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 5 Registerwaarden geïnfecteerd: 2 Registerdata geïnfecteerd: 2 Mappen geïnfecteerd: 5 Bestanden geïnfecteerd: 18 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\runit (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\runit (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\skynetlvmypyly (Rootkit.TDSS) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rlist (Malware.Trace) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\myid (Malware.Trace) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: C:\Program Files\Common Files\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\runit (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Program Files\IEToolbar\Bullseye Tool Bar\basis.xml (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\date2.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\icons.bmp (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\info.txt (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.crc (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\lwpopper.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popper3.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popup1.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\popup2.html (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\uninstall.exe (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\version.txt (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\IEToolbar\Bullseye Tool Bar\your_logo.png (Adware.BullseyeToolbar) -> Quarantined and deleted successfully. C:\Program Files\runit\config.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Start\carlton (Trojan.Dialer) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MSVolume.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\SKYNETcxnsswuy.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\SKYNETthosrqrw.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\hosts (Trojan.Agent) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:12:27, on 3/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\Logitech Vid\vid.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100804134606.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm O8 - Extra context menu item: Zoeken op eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172780490234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 14067 bytes Bij de vorige scan heb ik 2 zaken niet kunnen terugvinden , nl :023 Service boonty games unknown user c:\programme fil...... en 023- servuce smart card scardsvrmdm...... Iedereen alvast dank voor de hulp ---------- Post toegevoegd om 21:19 ---------- Vorige post was om 21:16 ---------- sorry, maar ben op gebied van computers een sukkel. ik doe wel mijn best wanneer iemand mij iets stap voor stap uitlegt, maar voor de rest.....?????
  6. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:15:20, on 3/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\Logitech Vid\vid.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100804134606.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file) O3 - Toolbar: (no name) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm O8 - Extra context menu item: Zoeken op eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172780490234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Smart Card SCardSvrMDM (SCardSvrMDM) - Unknown owner - C:\WINDOWS\system32\adsntb.exe (file missing) O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 15486 bytes
  7. Onze computer werkt bijzonder snel op onze zenuwen omdat hij heeeeel traag werkt.Het is een HP van ongeveer 4 jaar oud. Ligt dit aan onze computer zelf of zouden we te maken hebben met virussen of zo? Kunnen jullie ons daarbij advies geven? Dank
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.