Zjubie
Lid-
Items
29 -
Registratiedatum
-
Laatst bezocht
Zjubie's prestaties
-
Computer langzaam, en veel reclame
Zjubie reageerde op Zjubie's topic in Archief Bestrijding malware & virussen
Malwarebytes Anti-Malware 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.01.27.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Job :: JOB-HP [administrator] 27-1-2013 22:08:11 mbam-log-2013-01-27 (22-08-11).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 213332 Verstreken tijd: 4 minuut/minuten, 54 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:42:09, on 8-9-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11383 bytes -
Computer langzaam, en veel reclame
Zjubie plaatste een topic in Archief Bestrijding malware & virussen
Heey iedereen, Ik heb wat programma's gedownload, maar er is veel rotzooi op de computer komen te staan. Dus ik vroeg me af of jullie me kunnen helpen om het eraf te halen Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:42:09, on 8-9-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11383 bytes Alvast bedankt! -
Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Databaseversie: v2012.09.08.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Job :: JOB-HP [administrator] 8-9-2012 11:36:14 mbam-log-2012-09-08 (11-36-14).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 193803 Verstreken tijd: 2 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:42:09, on 8-9-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11383 bytes
-
Bedankt voor de snelle reactie, hier is het logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:03:07, on 7-9-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Job\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing) O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12060 bytes
-
Heeey, Ik ben waarschijnlijk de honderdste die met dit probleem komt, maar babylon heeft zich lekker ingenesteld in mn pc. Dus wil ik het graag weg hebben. Ik moet hier een HJT-logje voor hebben, maar kunnen jullie even de link van de download geven, dan zet ik het logje er op Alvast bedankt!
-
jah dat heb ik ook gedaan, volgende keer zal ik duidelijker zijn hhaah
-
Ik heb het gedownload
-
Je hebt de link voor xp gegeven. ik heb vista
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:38:36, on 4-9-2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Users\Eigenaar\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Opera\Opera.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4090497035-419787805-1109558852-1001\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Hidde') O4 - HKUS\S-1-5-21-4090497035-419787805-1109558852-1001\..\Run: [Google Update] "C:\Users\Hidde\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Hidde') O4 - S-1-5-21-4090497035-419787805-1109558852-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Hidde') O4 - S-1-5-21-4090497035-419787805-1109558852-1001 User Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Hidde') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe -- End of file - 11387 bytes
-
Beste Allemaal! Ik heb een tijd geleden jullie hulp ook al ingeroepen, en dat werkte toen perfect. Het probleem is dat de computer een keer niet wilde opstarten, toen bood het aan om het probleem te zoeken. Hierdoor is het weer terug gegaan naar een checkpoint (hoe je het ook noemt) hoe de computer een half jaar geleden was. Er zijn kleine problemen met bepaalde programma's. Er zijn er weer een aantal bijgekomen, die ik met behulp van jullie laatst had verwijderd. Hopelijk kunnen jullie mij nogmaals helpen. Edit: Soms bij het opstarten van de computer krijg ik een blauw scherm met daarop dat er schadelijke bestanden zijn gevonden, en dan sluit ie automatisch af. Job Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:46:58, on 4-9-2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Users\Eigenaar\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\tbuTor.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\tbuTor.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\tbuTor.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [babylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe" /md I O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4090497035-419787805-1109558852-1001\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Hidde') O4 - HKUS\S-1-5-21-4090497035-419787805-1109558852-1001\..\Run: [Google Update] "C:\Users\Hidde\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Hidde') O4 - S-1-5-21-4090497035-419787805-1109558852-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Hidde') O4 - S-1-5-21-4090497035-419787805-1109558852-1001 User Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Hidde') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe -- End of file - 12873 bytes Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Databaseversie: 7611 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.19088 4-9-2011 13:02:07 mbam-log-2011-09-04 (13-02-07).txt Scantype: Snelle scan Objecten gescand: 208690 Verstreken tijd: 9 minuut/minuten, 23 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
-
Wat bedoel je precies met manueel verwijderen? Ik zie nog een icoontje van whitesmoke op mijn bureaublad staan en in mn taakbalk onderin.
-
Whitesmoke is er nog steeds. En in welk stadium zitten we eigenlijk van het opruimen van de pc? Op de laptop zitten boxen ingebouwd. alleen die klinken zal ik maar zeggen hol. niet het geluid wat eruit hoort te komen. is dit op te lossen? ComboFix 11-06-06.01 - Eigenaar 06-06-2011 20:21:34.9.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3068.1099 [GMT 2:00] Gestart vanuit: c:\users\Eigenaar\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Eigenaar\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . FILE :: "c:\program files\WhiteSmoke\WSEnrichment.exe" "c:\users\Eigenaar\AppData\Local\Temp\CFcatchme.sys" "c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk" "c:\windows\system32\qteryp.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\SweetIM c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe c:\program files\SweetIM\Messenger\default.xml c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll c:\program files\SweetIM\Messenger\mgArchive.dll c:\program files\SweetIM\Messenger\mgcommon.dll c:\program files\SweetIM\Messenger\mgcommunication.dll c:\program files\SweetIM\Messenger\mgconfig.dll c:\program files\SweetIM\Messenger\mgFlashPlayer.dll c:\program files\SweetIM\Messenger\mghooking.dll c:\program files\SweetIM\Messenger\mgICQAuto.dll c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll c:\program files\SweetIM\Messenger\mglogger.dll c:\program files\SweetIM\Messenger\mgMediaPlayer.dll c:\program files\SweetIM\Messenger\mgMsnAuto.dll c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll c:\program files\SweetIM\Messenger\mgsimcommon.dll c:\program files\SweetIM\Messenger\mgSweetIM.dll c:\program files\SweetIM\Messenger\mgUpdateSupport.dll c:\program files\SweetIM\Messenger\mgxml_wrapper.dll c:\program files\SweetIM\Messenger\mgYahooAuto.dll c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll c:\program files\SweetIM\Messenger\msvcp71.dll c:\program files\SweetIM\Messenger\msvcr71.dll c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png c:\program files\SweetIM\Messenger\resources\images\GamesButton.png c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png c:\program files\SweetIM\Messenger\resources\images\WinksButton.png c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll c:\program files\SweetIM\Messenger\SweetIM.exe c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png c:\program files\WhiteSmoke c:\program files\WhiteSmoke\buy.ico c:\program files\WhiteSmoke\ComVistaElevator.dll c:\program files\WhiteSmoke\FloatButtonWhiteApps.txt c:\program files\WhiteSmoke\FuncServer_WDC_x64.exe c:\program files\WhiteSmoke\HookDllOE.dll c:\program files\WhiteSmoke\HookDllOE64.dll c:\program files\WhiteSmoke\html\english\common\iepngfix\blank.gif c:\program files\WhiteSmoke\html\english\common\iepngfix\checkerboard.gif c:\program files\WhiteSmoke\html\english\common\iepngfix\helix.gif c:\program files\WhiteSmoke\html\english\common\iepngfix\iepngfix.htc c:\program files\WhiteSmoke\html\english\common\iepngfix\iepngfix.html c:\program files\WhiteSmoke\html\english\common\iepngfix\opacity.png c:\program files\WhiteSmoke\html\english\common\js\common.js c:\program files\WhiteSmoke\html\english\common\js\pngfix.js c:\program files\WhiteSmoke\html\english\common\js\prototype.js c:\program files\WhiteSmoke\html\english\common\js\xmlhttp.js c:\program files\WhiteSmoke\html\english\dictClientDic\dictionary.html c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\ajax-loader.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\corner_bottom_left.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\corner_bottom_right.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\corner_top_left.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\corner_top_right.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\down_arrow.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\input_bg.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\input_bg_old.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\left_input.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\leftSide.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\leftSide2.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\loading_dictionary.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\right_input.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\rightSide.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Background\search_strip_bg3.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\down_arrow.png c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\go_over.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\go_press.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\go_up.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\humanTranslation_press.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\humanTranslation_roll.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\humanTranslation_up.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\moreLang_press.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\moreLang_roll.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\Buttons\moreLang_up.gif c:\program files\WhiteSmoke\html\english\dictClientDic\img\spacer.gif c:\program files\WhiteSmoke\html\english\dictClientDic\index.html c:\program files\WhiteSmoke\html\english\dictClientDic\js\common.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\Contextmenu.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\dictInterface.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\jquery-1.4.2.min.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\jquery.combobox.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\jquery.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\prototype.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\transInterface.js c:\program files\WhiteSmoke\html\english\dictClientDic\js\xmlhttp.js c:\program files\WhiteSmoke\html\english\dictClientDic\style\combobox.css c:\program files\WhiteSmoke\html\english\dictClientDic\style\Contextmenu.css c:\program files\WhiteSmoke\html\english\dictClientDic\style\dictionary.css c:\program files\WhiteSmoke\html\english\dictClientDic\translator.html c:\program files\WhiteSmoke\html\english\floatingButton\blue-Q-rollover.gif c:\program files\WhiteSmoke\html\english\floatingButton\blue-rollover.gif c:\program files\WhiteSmoke\html\english\floatingButton\blue-X-rollover.gif c:\program files\WhiteSmoke\html\english\floatingButton\blue.gif c:\program files\WhiteSmoke\html\english\floatingButton\index.html c:\program files\WhiteSmoke\html\english\floatingButton\red&blue.gif c:\program files\WhiteSmoke\html\english\floatingButton\Thumbs.db c:\program files\WhiteSmoke\html\english\floatingButton_howto\img\Background\howto_bg.gif c:\program files\WhiteSmoke\html\english\floatingButton_howto\img\spacer.gif c:\program files\WhiteSmoke\html\english\floatingButton_howto\img\Thumbs.db c:\program files\WhiteSmoke\html\english\floatingButton_howto\index.html c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\blank.gif c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\checkerboard.gif c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\helix.gif c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\iepngfix.htc c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\iepngfix.html c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\iepngfix\opacity.png c:\program files\WhiteSmoke\html\english\floatingButton_howto\js\index.js c:\program files\WhiteSmoke\html\english\floatingButton_howto\style\style.css c:\program files\WhiteSmoke\html\english\gui\img\Background\ajax-loader.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\base_fade_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\blue.png c:\program files\WhiteSmoke\html\english\gui\img\Background\blue_bg_.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\blue_dark_bg.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\blue_dark_bg_.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\blue_top_bg_.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\bottom_grey_strip.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\buttons_tray_px.p_goldng c:\program files\WhiteSmoke\html\english\gui\img\Background\buttons_tray_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_bar_re_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_bar_re_over.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_bar_re_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_bottom_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\caption_strip_right_corner.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\cascade.png c:\program files\WhiteSmoke\html\english\gui\img\Background\collapse.png c:\program files\WhiteSmoke\html\english\gui\img\Background\context_bl2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_br2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_dot.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_menu_bg.png c:\program files\WhiteSmoke\html\english\gui\img\Background\context_sub_menu_bg.png c:\program files\WhiteSmoke\html\english\gui\img\Background\context_submenu.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_submenu_dis.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_tl2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\context_tr2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\Copy of notice_right_top_bg.png c:\program files\WhiteSmoke\html\english\gui\img\Background\down_arrow.png c:\program files\WhiteSmoke\html\english\gui\img\Background\dpreloader.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_footer_left.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_footer_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_footer_right.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_header_left.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_header_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_header_right.png c:\program files\WhiteSmoke\html\english\gui\img\Background\edit_sidefade.png c:\program files\WhiteSmoke\html\english\gui\img\Background\feather.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\green.png c:\program files\WhiteSmoke\html\english\gui\img\Background\input_bg.png c:\program files\WhiteSmoke\html\english\gui\img\Background\inputline_fade_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\left_input.png c:\program files\WhiteSmoke\html\english\gui\img\Background\leftBottom3.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\leftSide.png c:\program files\WhiteSmoke\html\english\gui\img\Background\leftSide2.png c:\program files\WhiteSmoke\html\english\gui\img\Background\leftSide3.png c:\program files\WhiteSmoke\html\english\gui\img\Background\logo.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\logo.png c:\program files\WhiteSmoke\html\english\gui\img\Background\logo2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\main_background.png c:\program files\WhiteSmoke\html\english\gui\img\Background\main_background_11.png c:\program files\WhiteSmoke\html\english\gui\img\Background\main_background_old.png c:\program files\WhiteSmoke\html\english\gui\img\Background\notice_checkbox_checked.png c:\program files\WhiteSmoke\html\english\gui\img\Background\notice_checkbox_unchecked.png c:\program files\WhiteSmoke\html\english\gui\img\Background\red.png c:\program files\WhiteSmoke\html\english\gui\img\Background\red2.png c:\program files\WhiteSmoke\html\english\gui\img\Background\resize_gripper.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\result_area_top_bg.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\right_input.png c:\program files\WhiteSmoke\html\english\gui\img\Background\rightBottom.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\rightSide.png c:\program files\WhiteSmoke\html\english\gui\img\Background\rightSide2.png c:\program files\WhiteSmoke\html\english\gui\img\Background\rightSide2_11.png c:\program files\WhiteSmoke\html\english\gui\img\Background\spacer.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\spacer_.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\strike_blue.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\strike_green.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\strike_green2.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\strike_purple.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\strike_red.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_apply_down.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_apply_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_apply_up.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_check_down.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_check_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_check_up.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_left_corner.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_px.png c:\program files\WhiteSmoke\html\english\gui\img\Background\summaryline_right_corner.png c:\program files\WhiteSmoke\html\english\gui\img\Background\ticket.png c:\program files\WhiteSmoke\html\english\gui\img\Background\top_grey_strip.gif c:\program files\WhiteSmoke\html\english\gui\img\Background\topButtonsLeft.png c:\program files\WhiteSmoke\html\english\gui\img\Background\topButtonsLeft__.png c:\program files\WhiteSmoke\html\english\gui\img\Background\topButtonsLeft_from_home.png c:\program files\WhiteSmoke\html\english\gui\img\Background\topButtonsRight.png c:\program files\WhiteSmoke\html\english\gui\img\Background\topRightBorder.png c:\program files\WhiteSmoke\html\english\gui\img\Background\wslogo.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\blue.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\bottom_right_corner.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\buttons_tray_px.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_bar_re_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_bar_re_over.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_bar_re_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_bottom_px.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_px.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\caption_strip_right_corner.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\get-full.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\get-full3.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\green.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\help_down.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\help_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\help_up.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\left_input.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\logo.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\logo.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\logo2.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\main_background.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_dictionary_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_dictionary_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_dictionary_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_dictionary_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_templates_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_templates_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_templates_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_templates_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_toolkit_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_toolkit_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_toolkit_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_toolkit_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_translator_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_translator_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_translator_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_translator_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_tutorials_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_tutorials_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_tutorials_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_tutorials_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_writer_down.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_writer_on.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_writer_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\menuline_writer_up.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\red.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\red2.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\right_input.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\sitting_down.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\sitting_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\sitting_up.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\smallclosebutton.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\store_down.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\store_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\store_up.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_apply_down.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_apply_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_apply_up.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_check_down.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_check_roll.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_check_up.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\summaryline_px.png c:\program files\WhiteSmoke\html\english\gui\img\Buttons\x.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\x.jpg c:\program files\WhiteSmoke\html\english\gui\img\Buttons\x_hover.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\x_hover_old.gif c:\program files\WhiteSmoke\html\english\gui\img\Buttons\x_old.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\blue.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\bottom_right_corner.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\buttons_tray_px.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_close_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_close_over.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_close_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_max_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_max_over.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_max_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_re_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_re_over.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bar_re_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_bottom_px.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_px.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\caption_px_11.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\green.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\left_input.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\leftCaptionCorner.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\leftCaptionCorner2.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\logo.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\logo_1.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\logo3.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\logologo2_11.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\main_background.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_dictionary_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_dictionary_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_dictionary_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_dictionary_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_templates_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_templates_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_templates_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_templates_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_toolkit_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_toolkit_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_toolkit_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_toolkit_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_translator_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_translator_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_translator_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_translator_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_tutorials_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_tutorials_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_tutorials_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_tutorials_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_writer_down.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_writer_on.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_writer_roll.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\menuline_writer_up.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\red.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\red2.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\right_input.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\rightCaptionCorner.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\rightCaptionCorner.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\rightCaptionCorner2.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\rightCaptionCorner3.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\rightCaptionCorner3_11.gif c:\program files\WhiteSmoke\html\english\gui\img\captionbar\store_down.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\store_roll.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\store_up.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_apply_down.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_apply_roll.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_apply_up.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_check_down.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_check_roll.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_check_up.png c:\program files\WhiteSmoke\html\english\gui\img\captionbar\summaryline_px.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\addto_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\addto_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\addto_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\definition_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\definition_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\definition_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\enrichment_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\enrichment_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\enrichment_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\explanation_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\explanation_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\explanation_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\grammarexpclosebutton.gif c:\program files\WhiteSmoke\html\english\gui\img\grammar\howto_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\howto_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\howto_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\search_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\search_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\search_up.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\thesaurus_disabled.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\thesaurus_hover.png c:\program files\WhiteSmoke\html\english\gui\img\grammar\thesaurus_up.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\closedy2.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\content-review4.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\dot.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\down-content.gif c:\program files\WhiteSmoke\html\english\gui\img\review-section\down.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\grade1.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\grade2.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\grade3.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\grade4.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\grade5.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\li-content.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\opencq8.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\report.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\score1.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\score2.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\score3.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\score4.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\score5.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\shadow.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\shadow2.png c:\program files\WhiteSmoke\html\english\gui\img\review-section\shdow.gif c:\program files\WhiteSmoke\html\english\gui\img\review-section\shdow_good.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\button_no_down.png c:\program files\WhiteSmoke\html\english\gui\img\screens\button_no_up.png c:\program files\WhiteSmoke\html\english\gui\img\screens\button_yes_down.png c:\program files\WhiteSmoke\html\english\gui\img\screens\button_yes_up.png c:\program files\WhiteSmoke\html\english\gui\img\screens\caption_bar_close_over.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\ico_analyze.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\ico_complete.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\ico_connection.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\ico_expired.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\loading_window.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\loading_window.swf c:\program files\WhiteSmoke\html\english\gui\img\screens\myWelcome.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_bg.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_bg_bottom.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_bg_gold.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_bg_old.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_bg_top.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_captionbar_press.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_captionbar_up.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_getitnow_press.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_getitnow_up.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_ok_press.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_ok_press.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_ok_up.gif c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_ok_up.png c:\program files\WhiteSmoke\html\english\gui\img\screens\screen_ok_up_11.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeClose_down.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeClose_over.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeClose_up.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeGo_down.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeGo_over.png c:\program files\WhiteSmoke\html\english\gui\img\screens\welcomeGo_up.png c:\program files\WhiteSmoke\html\english\gui\img\spacer.gif c:\program files\WhiteSmoke\html\english\gui\index.html c:\program files\WhiteSmoke\html\english\gui\js\appInterface.js c:\program files\WhiteSmoke\html\english\gui\js\builder.pack.js c:\program files\WhiteSmoke\html\english\gui\js\common.js c:\program files\WhiteSmoke\html\english\gui\js\Contextmenu.js c:\program files\WhiteSmoke\html\english\gui\js\controls.pack.js c:\program files\WhiteSmoke\html\english\gui\js\dictionaryContextMenu.class.js c:\program files\WhiteSmoke\html\english\gui\js\dragdrop.pack.js c:\program files\WhiteSmoke\html\english\gui\js\effects.pack.js c:\program files\WhiteSmoke\html\english\gui\js\enrichmentContextMenu.class.js c:\program files\WhiteSmoke\html\english\gui\js\enrichmentsContextMenu.class.js c:\program files\WhiteSmoke\html\english\gui\js\final.js c:\program files\WhiteSmoke\html\english\gui\js\gmonitor.js c:\program files\WhiteSmoke\html\english\gui\js\grammarCache.class.js c:\program files\WhiteSmoke\html\english\gui\js\grammarContextMenu.class.js c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\blank.gif c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\checkerboard.gif c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\helix.gif c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\iepngfix.htc c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\iepngfix.html c:\program files\WhiteSmoke\html\english\gui\js\iepngfix\opacity.png c:\program files\WhiteSmoke\html\english\gui\js\iframeTest.js c:\program files\WhiteSmoke\html\english\gui\js\jqModal.js c:\program files\WhiteSmoke\html\english\gui\js\jquery-1.2.6.pack.NotUSED.js c:\program files\WhiteSmoke\html\english\gui\js\jquery-1.3.2.js c:\program files\WhiteSmoke\html\english\gui\js\jquery-1.3.2.min.js c:\program files\WhiteSmoke\html\english\gui\js\jquery.ba-throttle-debounce.js c:\program files\WhiteSmoke\html\english\gui\js\jquery.jeegoocontext.min.js c:\program files\WhiteSmoke\html\english\gui\js\monitor.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\builder.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\controls.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\dragdrop.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\effects.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\prototype.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\slider.js c:\program files\WhiteSmoke\html\english\gui\js\NonPackedVersion\sound.js c:\program files\WhiteSmoke\html\english\gui\js\prototype.pack.js c:\program files\WhiteSmoke\html\english\gui\js\scriptaculous.js c:\program files\WhiteSmoke\html\english\gui\js\slider.pack.js c:\program files\WhiteSmoke\html\english\gui\js\sound.pack.js c:\program files\WhiteSmoke\html\english\gui\js\spellingContextMenu.class.js c:\program files\WhiteSmoke\html\english\gui\js\summary.js c:\program files\WhiteSmoke\html\english\gui\js\supersleight.js c:\program files\WhiteSmoke\html\english\gui\js\switchcontent.js c:\program files\WhiteSmoke\html\english\gui\js\tooltip.js c:\program files\WhiteSmoke\html\english\gui\js\unittest.js c:\program files\WhiteSmoke\html\english\gui\js\ws_content_manager.js c:\program files\WhiteSmoke\html\english\gui\js\ws_functions.js c:\program files\WhiteSmoke\html\english\gui\js\ws_links.js c:\program files\WhiteSmoke\html\english\gui\js\x.gif c:\program files\WhiteSmoke\html\english\gui\js\xmlhttp.js c:\program files\WhiteSmoke\html\english\gui\js\ypSlideOutMenus.js c:\program files\WhiteSmoke\html\english\gui\js\ypSlideOutMenusContext.js c:\program files\WhiteSmoke\html\english\gui\style\combobox.css c:\program files\WhiteSmoke\html\english\gui\style\Contextmenu.css c:\program files\WhiteSmoke\html\english\gui\style\dictionary.css c:\program files\WhiteSmoke\html\english\gui\style\enrichment.css c:\program files\WhiteSmoke\html\english\gui\style\enrichments.css c:\program files\WhiteSmoke\html\english\gui\style\grammar.css c:\program files\WhiteSmoke\html\english\gui\style\iframeTest.css c:\program files\WhiteSmoke\html\english\gui\style\indexnew.css c:\program files\WhiteSmoke\html\english\gui\style\jeegoo.css c:\program files\WhiteSmoke\html\english\gui\style\jqModal.css c:\program files\WhiteSmoke\html\english\gui\style\screens.css c:\program files\WhiteSmoke\html\english\gui\style\spelling.css c:\program files\WhiteSmoke\html\english\registration\img\banner.gif c:\program files\WhiteSmoke\html\english\registration\img\banner.png c:\program files\WhiteSmoke\html\english\registration\img\captionbar\caption_bar_close_down.gif c:\program files\WhiteSmoke\html\english\registration\img\captionbar\caption_bar_close_up.gif c:\program files\WhiteSmoke\html\english\registration\img\captionbar\caption_bar_close_up_over.gif c:\program files\WhiteSmoke\html\english\registration\img\continue_button_click.gif c:\program files\WhiteSmoke\html\english\registration\img\continue_button_over.gif c:\program files\WhiteSmoke\html\english\registration\img\continue_button_up.gif c:\program files\WhiteSmoke\html\english\registration\img\down.gif c:\program files\WhiteSmoke\html\english\registration\img\down.png c:\program files\WhiteSmoke\html\english\registration\img\f2.gif c:\program files\WhiteSmoke\html\english\registration\index.html c:\program files\WhiteSmoke\html\english\registration\js\regInterface.js c:\program files\WhiteSmoke\html\english\registration\style\registration.css c:\program files\WhiteSmoke\html\english\settings\css\index.css c:\program files\WhiteSmoke\html\english\settings\img\Background\logo.png c:\program files\WhiteSmoke\html\english\settings\img\Background\main_bg.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\cancel_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\cancel_down.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\cancel_over.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\cancel_up.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\save_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\save_down.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\save_over.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\save_up.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_connection_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_connection_off.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_connection_on.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_content_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_content_off.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_content_on.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_general_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_general_off.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_general_on.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_info_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_info_off.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_info_on.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_shortcut_disabled.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_shortcut_off.png c:\program files\WhiteSmoke\html\english\settings\img\Buttons\tab_shortcut_on.png c:\program files\WhiteSmoke\html\english\settings\img\captionbar\caption_bar_close_down.gif c:\program files\WhiteSmoke\html\english\settings\img\captionbar\caption_bar_close_over.gif c:\program files\WhiteSmoke\html\english\settings\img\captionbar\caption_bar_close_up.gif c:\program files\WhiteSmoke\html\english\settings\index.html c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\blank.gif c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\checkerboard.gif c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\helix.gif c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\iepngfix.htc c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\iepngfix.html c:\program files\WhiteSmoke\html\english\settings\js\iepngfix\opacity.png c:\program files\WhiteSmoke\html\english\settings\js\settingsInterface.js c:\program files\WhiteSmoke\html\english\templates\dtree.css c:\program files\WhiteSmoke\html\english\templates\dtree.js c:\program files\WhiteSmoke\html\english\templates\General\Apologies\ApologyInnappropriateBehavior.html c:\program files\WhiteSmoke\html\english\templates\General\Apologies\ApologyUnjustBehavior.html c:\program files\WhiteSmoke\html\english\templates\General\Community Work\ResignationFromVoluntaryPosition.html c:\program files\WhiteSmoke\html\english\templates\General\Condolences\LetterOfCondolence.html c:\program files\WhiteSmoke\html\english\templates\General\Cover Letters\CoverLetter.html c:\program files\WhiteSmoke\html\english\templates\General\Cover Letters\GrantCoverSheet.html c:\program files\WhiteSmoke\html\english\templates\General\Family\FamilyNewsUpdate.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\AgreementToCompromiseDebt.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\BankError.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\DebtValidation.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\InvestigationOfBillingInquiry.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\LetterOfCreditGeneral.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\LetterOfCreditIrrevocable.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\LetterOfCreditRevolving.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\LetterOfDispute.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\RemovalOfInadequateInformation.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\ReplyToApplicationForCredit.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\RequestForIncreaseOfCreditLimit.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\ReturningUnsignedCheck.html c:\program files\WhiteSmoke\html\english\templates\General\Finance\UnauthorizedCreditInquiry.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\AChristmasWish.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ArrivalOfChristmas.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\BlessingsAtChristmas.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ChristmasGreetings.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsMessage.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsToASpouse.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsToWorkers.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\ChristmasWishes.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\HappyChristmasGreeting.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\InTheStillOfTheNightChristmasGreeting.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\JoyousOccasion.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\LovePeaceAndJoy.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\MerryChristmasAndHappyNewYear.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Christmas\MerryChristmasToFamily.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Graduation\CongratulationsOnYourGraduation.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Graduation\CongratulationsToTheGraduate.html c:\program files\WhiteSmoke\html\english\templates\General\Greetings\Graduation\YouHaveGraduated.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\EmployeePerformanceReviewAndPlanningSessions.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\EmploymentApplications.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\HealthRelatedIssues.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\NewEmployeeOrientation.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\TerminationOfEmployment.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Manual\TuitionReimbursementPolicy.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\EmploymentReferenceLetter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\JobReferenceLetter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\LetterOfReference.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\ReferenceLetterByAcquaintance.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\RequestForEmployeeReferenceLetter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employee Reference Letters\VerificationOfEmploymentLetter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Letter Requesting Pay Raise.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Refusal of Resquest For Raise.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request for Leave of Absence.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request for Letter of Reference.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request for Meeting Regarding Pay Raise.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request for Paid or Unpaid Leave.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request For Salary Increase.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Employment Requests\Request to Schedule an Interview.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Acknowledgment of Job Application.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Confirmation of Job Dismissal.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Final Warning Before Dismissal.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Job Rejection Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Job Rejection Letter2.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Rejection of Job Offer.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Employment Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Introduction of New Employee.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Letter for Assistant Professor.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\LetterForTenureTrackAssociateProfessor.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Offer of Employment.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Request for Employment Test.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Accept or Decline Job Offer.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Acceptance Letter 2.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Acceptance Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Offer Acceptance.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Thank You Letters\Thank You Letter After Interview.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Thank You Letters\Thank You to Applicant for Testing.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Acceptance of Employee's Resignation.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Employee Termination Notice.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Job Resignation Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Personnel Office\Notice of Decision to Reprimand.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Cover Letter Auditor Development Program.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Application Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Search Cover Letter - Disabled Citizens.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Search Cover Letter - Software Employment.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Law Internship Cover Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Resume Cover Letter.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Resume Cover Letter2.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Letters of Recommendation\Letter of Recommendation.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Accounting Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Administrative Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Banking Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Customer Service Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Database and Application Developer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\End User Trainer and Instructional Designer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Engineering Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Freelance Marcom Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\General CV Format.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Graphic Designer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Healthcare Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Internship Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Java Developer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Management Resume 2.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Management Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Administrator Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Director Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Manager Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Essay Residency Experience.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Resume - Physician.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Resume Partnership in General Practice.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\PowerPoint Designer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Product Delivery Engineer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Sales Representative Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Software QA Engineer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Technical Publication Manager Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Technical Writer.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Web Developer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Web Maintainer Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Advertising\Advertising Commitment Form.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Advertising\Art Advertising Flyer.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Advertising\Request for Advertising Rate.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Advertising\Subscriber Letter News Service.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Legal\Assignment of Literary Property.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Comments to Author Regarding Book.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Introduction of Novel.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Letter of Interest to Magazine.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Letter of Recommendation.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Magazine Review.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Promotions\Promotional Letter Antique Shop.html c:\program files\WhiteSmoke\html\english\templates\General\Literary\Resumes\Actor Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Personal Matters\Career Change.html c:\program files\WhiteSmoke\html\english\templates\General\Personal Matters\Letter to a Friend Regarding Change of Job.html c:\program files\WhiteSmoke\html\english\templates\General\Personal Matters\Sale of Automobile or Other Motor Vehicle.html c:\program files\WhiteSmoke\html\english\templates\General\Personal Matters\Upset Regarding Loss of Job.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Admissions Essays\Admissions Essay for Entrance to Theater Institute.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Admissions Essays\Essay - Describe Events.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Admissions Essays\Graduate School Literary Essay.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Careers\Career Letter for Accounting Position.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Careers\Career Letter in Journalism.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Personal Correspondence\Compliment Student on Graduation.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Personal Correspondence\Congratulations to High School Graduate.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Personal Correspondence\Personal Letter of Recommendation.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Personal Correspondence\Request for Financial Assistance from Parents.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Resumes\Resume for After-School Job.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Resumes\Student Resume Automotive Service Industry.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Resumes\Student Resume Forestry.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Resumes\Student Resume Wildlife.html c:\program files\WhiteSmoke\html\english\templates\General\Students\Resumes\Student Resume.html c:\program files\WhiteSmoke\html\english\templates\General\Students\University Correspondence\Appreciation of Scholarship.html c:\program files\WhiteSmoke\html\english\templates\General\Students\University Correspondence\Request for Reference.html c:\program files\WhiteSmoke\html\english\templates\General\Students\University Correspondence\Request for University Application Material.html c:\program files\WhiteSmoke\html\english\templates\General\Thank You\Letter Thanking Coworker for Support.html c:\program files\WhiteSmoke\html\english\templates\General\Thank You\Message of Thanks.html c:\program files\WhiteSmoke\html\english\templates\General\Thank You\Thank You Staff for Emotional Support.html c:\program files\WhiteSmoke\html\english\templates\General\Well Wishes\Letter of Congratulations.html c:\program files\WhiteSmoke\html\english\templates\General\Well Wishes\Welcome New Tenants.html c:\program files\WhiteSmoke\html\english\templates\General\Well Wishes\Wishes for Speedy Recovery.html c:\program files\WhiteSmoke\html\english\templates\images\jspDrag.gif c:\program files\WhiteSmoke\html\english\templates\images\jspVerticalBar.gif c:\program files\WhiteSmoke\html\english\templates\img\apply_over.png c:\program files\WhiteSmoke\html\english\templates\img\apply_press.png c:\program files\WhiteSmoke\html\english\templates\img\apply_up.png c:\program files\WhiteSmoke\html\english\templates\img\atart_arrow.jpg c:\program files\WhiteSmoke\html\english\templates\img\base.gif c:\program files\WhiteSmoke\html\english\templates\img\borders.png c:\program files\WhiteSmoke\html\english\templates\img\borders_good.png c:\program files\WhiteSmoke\html\english\templates\img\borders2.png c:\program files\WhiteSmoke\html\english\templates\img\borders3.png c:\program files\WhiteSmoke\html\english\templates\img\bullet.gif c:\program files\WhiteSmoke\html\english\templates\img\cd.gif c:\program files\WhiteSmoke\html\english\templates\img\close.png c:\program files\WhiteSmoke\html\english\templates\img\close2.png c:\program files\WhiteSmoke\html\english\templates\img\dirClose.png c:\program files\WhiteSmoke\html\english\templates\img\dirOpen.png c:\program files\WhiteSmoke\html\english\templates\img\empty - Copy.gif c:\program files\WhiteSmoke\html\english\templates\img\empty.gif c:\program files\WhiteSmoke\html\english\templates\img\empty2.gif c:\program files\WhiteSmoke\html\english\templates\img\folder.gif c:\program files\WhiteSmoke\html\english\templates\img\folderopen.gif c:\program files\WhiteSmoke\html\english\templates\img\globe.gif c:\program files\WhiteSmoke\html\english\templates\img\img\base.gif c:\program files\WhiteSmoke\html\english\templates\img\img\cd.gif c:\program files\WhiteSmoke\html\english\templates\img\img\empty.gif c:\program files\WhiteSmoke\html\english\templates\img\img\folder.gif c:\program files\WhiteSmoke\html\english\templates\img\img\folderopen.gif c:\program files\WhiteSmoke\html\english\templates\img\img\globe.gif c:\program files\WhiteSmoke\html\english\templates\img\img\imgfolder.gif c:\program files\WhiteSmoke\html\english\templates\img\img\join.gif c:\program files\WhiteSmoke\html\english\templates\img\img\joinbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\img\line.gif c:\program files\WhiteSmoke\html\english\templates\img\img\minus.gif c:\program files\WhiteSmoke\html\english\templates\img\img\minusbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\img\musicfolder.gif c:\program files\WhiteSmoke\html\english\templates\img\img\nolines_minus.gif c:\program files\WhiteSmoke\html\english\templates\img\img\nolines_plus.gif c:\program files\WhiteSmoke\html\english\templates\img\img\page.gif c:\program files\WhiteSmoke\html\english\templates\img\img\plus.gif c:\program files\WhiteSmoke\html\english\templates\img\img\plusbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\img\question.gif c:\program files\WhiteSmoke\html\english\templates\img\img\trash.gif c:\program files\WhiteSmoke\html\english\templates\img\imgfolder.gif c:\program files\WhiteSmoke\html\english\templates\img\join.gif c:\program files\WhiteSmoke\html\english\templates\img\joinbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\jspDrag.gif c:\program files\WhiteSmoke\html\english\templates\img\jspVerticalBar.gif c:\program files\WhiteSmoke\html\english\templates\img\line.gif c:\program files\WhiteSmoke\html\english\templates\img\minus.gif c:\program files\WhiteSmoke\html\english\templates\img\minusbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\musicfolder.gif c:\program files\WhiteSmoke\html\english\templates\img\myEmpty.png c:\program files\WhiteSmoke\html\english\templates\img\neg_bullet.png c:\program files\WhiteSmoke\html\english\templates\img\nolines_minus.gif c:\program files\WhiteSmoke\html\english\templates\img\nolines_plus.gif c:\program files\WhiteSmoke\html\english\templates\img\open.png c:\program files\WhiteSmoke\html\english\templates\img\open2 - Copy.png c:\program files\WhiteSmoke\html\english\templates\img\open2.png c:\program files\WhiteSmoke\html\english\templates\img\p7t_minus.gif c:\program files\WhiteSmoke\html\english\templates\img\p7t_plus.gif c:\program files\WhiteSmoke\html\english\templates\img\page.gif c:\program files\WhiteSmoke\html\english\templates\img\plus.gif c:\program files\WhiteSmoke\html\english\templates\img\plus_bullet.png c:\program files\WhiteSmoke\html\english\templates\img\plusbottom.gif c:\program files\WhiteSmoke\html\english\templates\img\question.gif c:\program files\WhiteSmoke\html\english\templates\img\top_close.png c:\program files\WhiteSmoke\html\english\templates\img\top_open.png c:\program files\WhiteSmoke\html\english\templates\img\trash.gif c:\program files\WhiteSmoke\html\english\templates\index.html c:\program files\WhiteSmoke\html\english\templates\js\jquery-1.4.2.min.js c:\program files\WhiteSmoke\html\english\templates\js\jquery.jscrollpane.min.js c:\program files\WhiteSmoke\html\english\templates\js\jquery.mousewheel.js c:\program files\WhiteSmoke\html\english\templates\js\switchcontent.js c:\program files\WhiteSmoke\html\english\templates\js\templatesInterface.js c:\program files\WhiteSmoke\html\english\templates\menu.htm c:\program files\WhiteSmoke\html\english\templates\objects\ebook_js.js c:\program files\WhiteSmoke\html\english\templates\objects\flashobject.js c:\program files\WhiteSmoke\html\english\templates\objects\mcl.css c:\program files\WhiteSmoke\html\english\templates\objects\navigation.js c:\program files\WhiteSmoke\html\english\templates\objects\p7tm\p7t_minus.gif c:\program files\WhiteSmoke\html\english\templates\objects\p7tm\p7t_plus.gif c:\program files\WhiteSmoke\html\english\templates\objects\p7tm\p7tmbasic.css c:\program files\WhiteSmoke\html\english\templates\objects\p7tm\p7tmscripts.js c:\program files\WhiteSmoke\html\english\templates\objects\parseURL.js c:\program files\WhiteSmoke\html\english\templates\objects\utils.js c:\program files\WhiteSmoke\html\english\templates\objects\wm_cookies.js c:\program files\WhiteSmoke\html\english\templates\start.html c:\program files\WhiteSmoke\html\english\templates\style\jquery.jscrollpane.css c:\program files\WhiteSmoke\html\english\templates\style\style.css c:\program files\WhiteSmoke\html\english\templates\style\templates.css c:\program files\WhiteSmoke\html\english\userGuide\css\jquery.jscrollpane.css c:\program files\WhiteSmoke\html\english\userGuide\css\style - Copy.css c:\program files\WhiteSmoke\html\english\userGuide\css\style.css c:\program files\WhiteSmoke\html\english\userGuide\faq.html c:\program files\WhiteSmoke\html\english\userGuide\images\arr.png c:\program files\WhiteSmoke\html\english\userGuide\images\arr2.gif c:\program files\WhiteSmoke\html\english\userGuide\images\bg-good.png c:\program files\WhiteSmoke\html\english\userGuide\images\bg - Copy.png c:\program files\WhiteSmoke\html\english\userGuide\images\bg.png c:\program files\WhiteSmoke\html\english\userGuide\images\boxBlackFix.png c:\program files\WhiteSmoke\html\english\userGuide\images\buttons.png c:\program files\WhiteSmoke\html\english\userGuide\images\ConfiguringWhiteSmoke.png c:\program files\WhiteSmoke\html\english\userGuide\images\correctionssuggestions.png c:\program files\WhiteSmoke\html\english\userGuide\images\dictionaryTab.png c:\program files\WhiteSmoke\html\english\userGuide\images\faq.png c:\program files\WhiteSmoke\html\english\userGuide\images\i.gif c:\program files\WhiteSmoke\html\english\userGuide\images\I.png c:\program files\WhiteSmoke\html\english\userGuide\images\jspDrag.gif c:\program files\WhiteSmoke\html\english\userGuide\images\jspVerticalBar.gif c:\program files\WhiteSmoke\html\english\userGuide\images\nav.jpg c:\program files\WhiteSmoke\html\english\userGuide\images\otk.png c:\program files\WhiteSmoke\html\english\userGuide\images\t.gif c:\program files\WhiteSmoke\html\english\userGuide\images\TheRight-clickMenu.png c:\program files\WhiteSmoke\html\english\userGuide\images\TheTemplatesTab.png c:\program files\WhiteSmoke\html\english\userGuide\images\translatorTab.png c:\program files\WhiteSmoke\html\english\userGuide\images\WhiteSmokeEmailCheck.png c:\program files\WhiteSmoke\html\english\userGuide\images\WhiteSmokeOverview.png c:\program files\WhiteSmoke\html\english\userGuide\images\WriterTab.png c:\program files\WhiteSmoke\html\english\userGuide\js\jquery-1.4.2.min.js c:\program files\WhiteSmoke\html\english\userGuide\js\jquery.jscrollpane.min.js c:\program files\WhiteSmoke\html\english\userGuide\js\jquery.min.js c:\program files\WhiteSmoke\html\english\userGuide\js\jquery.mousewheel.js c:\program files\WhiteSmoke\html\english\userGuide\js\userGuide.js c:\program files\WhiteSmoke\html\english\userGuide\troubleshooting.html c:\program files\WhiteSmoke\html\english\userGuide\userGuide.html c:\program files\WhiteSmoke\Microsoft.VC80.CRT.manifest c:\program files\WhiteSmoke\msvcp80.dll c:\program files\WhiteSmoke\msvcr80.dll c:\program files\WhiteSmoke\NotifierWhiteApps.txt c:\program files\WhiteSmoke\osmax.ocx c:\program files\WhiteSmoke\osmax64.ocx c:\program files\WhiteSmoke\secman.dll c:\program files\WhiteSmoke\secman64.dll c:\program files\WhiteSmoke\settings.ini c:\program files\WhiteSmoke\TCCons.dll c:\program files\WhiteSmoke\TCCons_x64.dll c:\program files\WhiteSmoke\Uninst.exe c:\program files\WhiteSmoke\WCapture.dll c:\program files\WhiteSmoke\WCapture_x64.dll c:\program files\WhiteSmoke\WCaptureX.dll c:\program files\WhiteSmoke\WCaptureX_x64.dll c:\program files\WhiteSmoke\WCustom.dll c:\program files\WhiteSmoke\WCustom_x64.dll c:\program files\WhiteSmoke\WhiteSmokeRegistration.exe c:\program files\WhiteSmoke\WHook.dll c:\program files\WhiteSmoke\WHook_x64.dll c:\program files\WhiteSmoke\Writer.ico c:\program files\WhiteSmoke\WSDictHookDll.dll c:\program files\WhiteSmoke\WSEngine.dll c:\program files\WhiteSmoke\WSEnrichment.exe c:\program files\WhiteSmoke\WSLogger.exe c:\program files\WhiteSmoke\WSMouseHook.dll c:\program files\WhiteSmoke\WSTray64.exe c:\programdata\SweetIM c:\programdata\SweetIM\Messenger\conf\adapter.xml c:\programdata\SweetIM\Messenger\conf\autoupdate.xml c:\programdata\SweetIM\Messenger\conf\contentpackages.xml c:\programdata\SweetIM\Messenger\conf\logger.xml c:\programdata\SweetIM\Messenger\conf\messages.xml c:\programdata\SweetIM\Messenger\conf\sweetim.xml c:\programdata\SweetIM\Messenger\conf\sweetimapp.xml c:\programdata\SweetIM\Messenger\conf\users\main_user_config.xml c:\programdata\SweetIM\Messenger\data\Bars\Default\bar.html c:\programdata\SweetIM\Messenger\data\Bars\Default\bar.js c:\programdata\SweetIM\Messenger\data\Bars\Default\bar.swf c:\programdata\SweetIM\Messenger\data\contentdb\cache_indx.dat c:\programdata\SweetIM\Messenger\data\contentdb\installcontentvalidation.xml c:\programdata\SweetIM\Messenger\data\packages\FailDialog\activationFail.htm c:\programdata\SweetIM\Messenger\data\packages\FailDialog\close_but.gif c:\programdata\SweetIM\Messenger\data\packages\FailDialog\failure_dialog_BG.jpg c:\windows\system32\config\systemprofile\AppData\Roaming\KB897623.exe c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk c:\windows\system32\qteryp.exe c:\windows\system32\znwujjau.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_CFCATCHME -------\Service_CFcatchme -------\Service_yuclwxci -------\Service_qteryp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-06 to 2011-06-06 )))))))))))))))))))))))))))))) . . 2011-06-06 18:36 . 2011-06-06 18:42 -------- d-----w- c:\users\Eigenaar\AppData\Local\temp 2011-06-06 18:36 . 2011-06-06 18:36 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2011-06-06 18:36 . 2011-06-06 18:36 -------- d-----w- c:\users\Hidde\AppData\Local\temp 2011-06-06 18:36 . 2011-06-06 18:36 -------- d-----w- c:\users\Gast\AppData\Local\temp 2011-06-06 18:36 . 2011-06-06 18:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-06 14:10 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6110A3AF-A83F-47CD-8840-381B7B3F87FF}\mpengine.dll 2011-06-03 13:26 . 2011-06-03 13:26 -------- d-----w- c:\users\Default\Tracing 2011-05-23 18:07 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-23 18:07 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-23 18:07 . 2011-06-01 11:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-05-23 18:03 . 2011-05-23 18:03 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Malwarebytes 2011-05-23 18:03 . 2011-05-23 18:03 -------- d-----w- c:\programdata\Malwarebytes 2011-05-23 15:03 . 2011-05-23 15:03 388096 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-05-23 15:03 . 2011-05-23 15:03 -------- d-----w- c:\program files\Trend Micro . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-30 17:07 . 2011-01-29 13:51 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2011-05-30 17:06 . 2011-01-29 13:51 268952 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-05-30 17:06 . 2011-01-29 13:51 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr 2011-05-30 17:06 . 2011-01-29 13:51 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0 2011-05-09 20:46 . 2010-08-20 09:18 6962000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-03-10 16:12 . 2011-04-15 14:22 1136640 ----a-w- c:\windows\system32\mfc42.dll 2011-03-10 16:12 . 2011-04-15 14:22 1161728 ----a-w- c:\windows\system32\mfc42u.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664] "AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2010-08-24 2356088] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240] "GBMHome8Agent"="c:\program files\Genie-Soft\GBMHome8\GBMAgent.exe" [2008-09-11 189056] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-14 13535776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-14 92704] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-25 468264] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032] "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "GBMHome8Agent"="c:\program files\Genie-Soft\GBMHome8\GBMAgent.exe" [2008-09-11 189056] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe" [2010-08-20 232912] . c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\users\Hidde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-9-30 503808] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ scandisk.lnk - c:\windows\system32\rundll32.exe [2006-11-2 44544] scanxdiskbk86.dll [2009-6-10 589824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4090497035-419787805-1109558852-1000] "EnableNotificationsRef"=dword:00000001 . R1 MpKsl05309e8f;MpKsl05309e8f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F10D784-6A7B-4ACC-8D2F-4AF106041706}\MpKsl05309e8f.sys [x] R1 MpKsl46055f2f;MpKsl46055f2f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8D584CC-047C-40AE-9237-1979C84F8B89}\MpKsl46055f2f.sys [x] R1 MpKsl64ae66d0;MpKsl64ae66d0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72659B81-90CD-43A1-B7FD-75921B6A6A1C}\MpKsl64ae66d0.sys [x] R1 MpKsle820e8eb;MpKsle820e8eb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2980EAB4-4D47-48EF-BB55-F3C88126527E}\MpKsle820e8eb.sys [x] R1 MpKslf3456a10;MpKslf3456a10;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38A4DCE2-C663-4AC7-8550-A91951CBF21F}\MpKslf3456a10.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-05-29 39984] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-07-08 96856] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-14 43552] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2011-06-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090497035-419787805-1109558852-1000Core.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 18:12] . 2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090497035-419787805-1109558852-1000UA.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 18:12] . 2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090497035-419787805-1109558852-1001Core.job - c:\users\Hidde\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 19:19] . 2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090497035-419787805-1109558852-1001UA.job - c:\users\Hidde\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 19:19] . 2011-06-06 c:\windows\Tasks\User_Feed_Synchronization-{9CDAFF32-6F1E-4083-BB31-875ED51CB42E}.job - c:\windows\system32\msfeedssync.exe [2011-04-15 04:43] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 FF - ProfilePath - c:\users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\e0xdhxtb.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: SwiftTabs: {5F4EC95A-FFA8-11DE-898C-667D55D89593} - %profile%\extensions\{5F4EC95A-FFA8-11DE-898C-667D55D89593} FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-WhiteSmoke - c:\program files\WhiteSmoke\Uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-06 20:40 Windows 6.0.6001 Service Pack 1 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(2744) c:\program files\WinSCP\DragExt.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Essentials\MsMpEng.exe c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe c:\windows\system32\WLANExt.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe c:\windows\system32\PnkBstrA.exe c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe . ************************************************************************** . Voltooingstijd: 2011-06-06 20:50:58 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-06 18:50 ComboFix2.txt 2011-06-03 14:08 ComboFix3.txt 2011-05-31 10:29 ComboFix4.txt 2011-05-30 16:18 ComboFix5.txt 2011-06-06 18:19 . Pre-Run: 94.424.825.856 bytes beschikbaar Post-Run: 94.951.337.984 bytes beschikbaar . - - End Of File - - 83DB680D2944F57ED7B720FC51315022 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:52:49, on 6-6-2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19048) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wuauclt.exe C:\Windows\Explorer.exe C:\Windows\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [GBMHome8Agent] C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEEM') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -update activex (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -update activex (User 'Default user') O4 - .DEFAULT User Startup: scandisk.lnk = ? (User 'Default user') O4 - .DEFAULT User Startup: scanxdiskbk86.dll (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe -- End of file - 8988 bytes
-
ja is weer prima. bedankt!
-
Malwarebytes' Anti-Malware 1.51.0.1200 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6784 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 06-06-2011 10:11:34 mbam-log-2011-06-06 (10-11-34).txt Scantype: Snelle scan Objecten gescand: 166065 Verstreken tijd: 7 minuut/minuten, 54 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 6 Registerwaarden geïnfecteerd: 2 Registerdata geïnfecteerd: 2 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 9 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Fci (Rootkit.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Value: idln2 -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Value: bk -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\documents and settings\boudewijn\local settings\Temp\0.6392573924603935.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully. c:\documents and settings\boudewijn\local settings\Temp\Akp.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\documents and settings\boudewijn\local settings\Temp\Akq.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\documents and settings\boudewijn\local settings\Temp\Akr.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\documents and settings\boudewijn\local settings\Temp\8593997.exe (Spyware.Wemon) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\1317812375exe. 1836 (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\1382531056exe. 1836 (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\1583526854exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\userinitxx.exe (Trojan.Agent) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:14:13, on 06-06-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\NOTEPAD.EXE Z:\Boudewijn\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [GBMHome8Agent] "C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [HipServ Agent] C:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Z-schijf] net use z: \\192.168.0.50\GedeeldeBestanden /user:gast gast09 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {37066585-F2BD-4F2E-A6C6-F2CB64EEE826} (AEP SSL Tunnel Client ActiveX Control) - https://telewerken.jumbosupermarkten.nl/webapp/psvpns/VPNInstall.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5E8EFF83-53F9-4FC6-A3C6-70797FD1367D}: NameServer = 213.46.228.196,62.179.104.196 O17 - HKLM\System\CS1\Services\Tcpip\..\{5E8EFF83-53F9-4FC6-A3C6-70797FD1367D}: NameServer = 213.46.228.196,62.179.104.196 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing) O23 - Service: AEP SSL Tunnel Helper Service (NetillaVPNService) - AEP Networks, Inc. - C:\Program Files\AEP\SSLTunnel\NVPNs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 8052 bytes
-
Heey iedereen, Via dumpert.nl werd ik naar een verkeerde site gestuurd en daarna is het internet heel langzaam geworden. misschien probleem.. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:53:38, on 05-06-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe z:\Boudewijn\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: LW Plus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim2.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: LW Plus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim2.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: LW Plus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim2.dll O4 - HKLM\..\Run: [GBMHome8Agent] "C:\Program Files\Genie-Soft\GBMHome8\GBMAgent.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [HipServ Agent] C:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Z-schijf] net use z: \\192.168.0.50\GedeeldeBestanden /user:gast gast09 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {37066585-F2BD-4F2E-A6C6-F2CB64EEE826} (AEP SSL Tunnel Client ActiveX Control) - https://telewerken.jumbosupermarkten.nl/webapp/psvpns/VPNInstall.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5E8EFF83-53F9-4FC6-A3C6-70797FD1367D}: NameServer = 213.46.228.196,62.179.104.196 O17 - HKLM\System\CS1\Services\Tcpip\..\{5E8EFF83-53F9-4FC6-A3C6-70797FD1367D}: NameServer = 213.46.228.196,62.179.104.196 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing) O23 - Service: AEP SSL Tunnel Helper Service (NetillaVPNService) - AEP Networks, Inc. - C:\Program Files\AEP\SSLTunnel\NVPNs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 8557 bytes
OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!