Ga naar inhoud

Quiache

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    8

  • Registratiedatum

  • Laatst bezocht

Over Quiache

  • Verjaardag 23-07-1993

Quiache's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Gespreksstarter
  • Week één klaar
  • Een maand later
  • Een jaar binnen

Recente badges

0

Reputatie

  1. Quiache
    Ik zoek wel zelf even verder, in ieder geval, bedankt voor alle hulp !!
  2. Quiache
    Ik dacht dat alles weer vlot werkte van msn? Zelf ondervind ik toch geen problemen meer,en die services.exe kon ik ondertussen ook verwijderen. Die family safety liet ik installeren samen met msn,het is een nieuwe functie, moet ze nog eens uittesten. Ken jij misschien nog mensen voor dat typprobleem die misschien een oplossing hebben?
  3. Quiache
    Okee, heb alles gedaan. Maar heb je een oplossing voor mijn typ-probleem? Dat zou fijn zijn . Combofix-log: ComboFix 08-03-21.1 - Louis 2008-03-22 11:39:56.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.370 [GMT 1:00] Gestart vanuit: C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\ComboFix.exe WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((( Bestanden Gemaakt van 2008-02-22 to 2008-03-22 )))))))))))))))))))))))))))))) . 2008-03-22 11:39 . 2008-03-22 11:39 3,631 --a--c--- C:\31.tmp 2008-03-22 11:16 . 2008-03-22 11:16 <DIR> d-------- C:\WINDOWS\LastGood 2008-03-21 23:34 . 2008-03-22 11:39 <DIR> dr-h----- C:\Documents and Settings\Louis.COMPUTER.000\Onlangs geopend 2008-03-21 22:40 . 2008-03-21 22:40 3,631 --a--c--- C:\155.tmp 2008-03-21 22:38 . 2008-03-21 22:38 3,631 --a--c--- C:\154.tmp 2008-03-21 22:10 . 2008-03-21 22:10 <DIR> dr-h-c--- C:\Documents and Settings\kurt.COMPUTER\Onlangs geopend 2008-03-21 16:39 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys 2008-03-21 16:34 . 2008-03-21 16:34 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-03-21 16:30 . 2008-03-21 16:30 <DIR> d-------- C:\Program Files\Windows Live Favorites 2008-03-21 16:02 . 2008-03-21 16:39 <DIR> d-------- C:\Program Files\Windows Live 2008-03-21 16:02 . 2008-03-21 16:14 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller 2008-03-21 16:01 . 2008-03-21 16:01 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller 2008-03-21 14:59 . 2008-03-21 14:59 <DIR> d-------- C:\WINDOWS\ERUNT 2008-03-15 23:05 . 2008-03-15 23:05 9,296 --a------ C:\WINDOWS\system32\bhlnwl.exe 2008-03-12 20:35 . 2008-03-12 20:35 <DIR> d-------- C:\Program Files\Yahoo! 2008-03-09 20:48 . 2008-03-09 20:48 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-03-09 16:57 . 2006-03-24 05:40 49,152 --a------ C:\WINDOWS\system32\SET10.tmp 2008-03-09 16:48 . 2008-03-09 17:03 <DIR> d-------- C:\WINDOWS\system32\nl-nl . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-22 10:10 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\AVG7 2008-03-21 20:32 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\AVG7 2008-03-21 15:31 --------- d-----w C:\Program Files\Windows Live Toolbar 2008-03-19 18:04 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-03-13 20:10 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\LimeWire 2008-03-12 19:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-28 18:23 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\Apple Computer 2008-02-20 16:03 --------- d-----w C:\Program Files\Mindscape 2008-02-19 20:16 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\Apple Computer 2008-02-17 08:53 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-06 21:01 --------- d-----w C:\Program Files\Image-Line 2008-02-06 15:33 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-02-06 15:33 --------- d-----w C:\Program Files\Replay Converter 2008-02-04 11:04 --------- d-----w C:\Program Files\iPod 2008-02-04 11:02 --------- d-----w C:\Program Files\QuickTime 2008-01-20 12:58 72,192 ----a-w C:\WINDOWS\cadkasdeinst01e.exe 2007-11-11 17:24 1,062 ----a-w C:\Program Files\uninstal.log 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET46.tmp 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET42.tmp 2007-02-10 09:34 33,664 -c--a-w C:\Documents and Settings\kurt\Application Data\GDIPFONTCACHEV1.DAT 2006-12-30 14:54 33,664 -c--a-w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\GDIPFONTCACHEV1.DAT 2001-11-23 12:08 712,704 -c----w C:\WINDOWS\inf\OTHER\audio3d.dll 2007-03-09 08:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll . ((((((((((((((((((((((((((((( snapshot@2008-03-21_15.52.27,60 ))))))))))))))))))))))))))))))))))))))))) . + 2008-03-21 15:35:27 125,472 ----a-r C:\WINDOWS\Installer\{9B51E404-E3E2-45EB-9956-8D164A6108BC}\WLXPhotoGalleryIcon.exe + 2008-03-21 15:15:02 29,926 ----a-r C:\WINDOWS\Installer\{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}\MsblIco.Exe + 2008-03-21 15:27:10 86,746 ----a-r C:\WINDOWS\Installer\{DB8DEC88-4D53-4A3A-964A-D22509D27455}\wlmail.exe + 2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\LastGood\system32\mucltui.dll + 2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\LastGood\system32\muweb.dll + 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_aspnet_isapi.dll + 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_CORPerfMonExt.dll + 2004-07-14 22:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_fusion.dll + 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_mscorjit.dll + 2003-02-20 17:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_mscorsn.dll + 2003-02-21 02:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_msvcr71.dll + 2004-07-14 22:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1140\_PerfCounter.dll + 2007-10-17 12:53:16 43,816 -c--a-w C:\WINDOWS\system32\DRVSTORE\fssfltr_FB301EB9307D2FAB641A9804E59C568C22487732\fssfltr.sys - 2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll + 2007-07-30 18:19:10 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll - 2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll + 2007-07-30 18:19:04 207,736 ----a-w C:\WINDOWS\system32\muweb.dll - 2008-02-17 20:05:08 66,516 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-03-21 15:44:31 66,776 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-02-17 20:05:08 86,592 ----a-w C:\WINDOWS\system32\perfc013.dat + 2008-03-21 15:44:31 86,902 ----a-w C:\WINDOWS\system32\perfc013.dat - 2008-02-17 20:05:08 452,136 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-03-21 15:44:31 452,396 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-02-17 20:05:08 522,964 ----a-w C:\WINDOWS\system32\perfh013.dat + 2008-03-21 15:44:31 523,258 ----a-w C:\WINDOWS\system32\perfh013.dat + 2006-10-24 11:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll - 2007-01-19 10:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll + 2007-10-18 10:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll - 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll + 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll - 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2006-10-16 15:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2006-10-24 11:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll + 2006-10-24 11:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll + 2006-10-24 11:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll + 2005-09-22 22:48:08 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2005-09-22 22:48:08 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-22 22:48:06 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2007-10-23 16:49:24 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-10-17 13:53 57384 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{DF4E7A0C-E233-4906-B4C1-A404356541FF}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ] [HKEY_CLASSES_ROOT\clsid\{df4e7a0c-e233-4906-b4c1-a404356541ff}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 16:51 57344] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 19:50 172032] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54 241664] "C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 1818624 C:\WINDOWS\mixer.exe] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-20 08:48 579072] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 09:03 110592 C:\WINDOWS\system32\bthprops.cpl] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 16:50 40960] "Adobe Photo Downloader"="F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09 63712] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024] "iTunesHelper"="F:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048] "Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "SDFix"="F:\SDFix\RunThis.bat /second" [ ] "fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" [2007-10-17 13:53 243240] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 13:55 219136] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf] avgwlntf.dll 2007-03-31 09:29 9216 C:\WINDOWS\system32\avgwlntf.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\condition zero\\hl.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\counter-strike\\hl.exe"= "F:\\Program Files\\LimeWire\\LimeWire.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ETDED.exe"= "F:\\Program Files\\Xfire\\xfire.exe"= "F:\\Program Files\\Hamachi\\hamachi.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\dedicated server\\hlds.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "F:\\Program Files\\Steam\\Steam.exe"= "F:\\Program Files\\iTunes\\iTunes.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53] R2 fsssvc;Windows Live OneCare Family Safety;"C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [2007-10-17 13:53] R3 genmcmn;Genius NetScroll Optical Mouse Driver;C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2001-09-21 15:58] R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2003-06-27 04:08] S2 NMSSvc;Intel® NMS;C:\WINDOWS\System32\NMSSvc.exe [2002-03-04 10:35] S2 X4HSX32;X4HSX32;C:\Program Files\EXEtender\X4HSX32.Sys [] S3 mdxgthkn;mdxgthkn;C:\DOCUME~1\ADMINI~1.COM\LOCALS~1\Temp\mdxgthkn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\Teaser.EXE . Inhoud van de 'Gedeelde Taken' map "2008-03-21 22:00:00 C:\WINDOWS\Tasks\AC2171A49036EB64.job" - c:\docume~1\admini~1.com\applic~1\defaul~1\TRAYFLAWSKIP.exe "2008-02-28 13:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-03-22 10:14:06 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-22 11:43:19 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2008-03-22 11:44:20 ComboFix-quarantined-files.txt 2008-03-22 10:43:58 ComboFix2.txt 2008-03-21 21:45:26 ComboFix3.txt 2008-03-21 14:52:58 . 2008-03-21 22:42:25 --- E O F --- HJT-log : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 11:47:46, on 22/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Family Safety\fssui.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sDFix] F:\SDFix\RunThis.bat /second O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 11435 bytes
  4. Quiache
    Moest ff weg:) Maar ik heb wel een ander probleem,als ik de "v" typ bijvoorbeeld,komt er altyd een ' achter staan en als ik "c" typ komt er " achter staan, en bij de tekens komen er bij elk teken een letter achter? Combofixé log:ComboFix 08-03-21.1 - Louis 2008-03-21 22:40:55.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.411 [GMT 1:00] Gestart vanuit: C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\ComboFix.exe * Nieuw herstelpunt werd aangemaakt WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((( Bestanden Gemaakt van 2008-02-21 to 2008-03-21 )))))))))))))))))))))))))))))) . 2008-03-21 22:40 . 2008-03-21 22:40 3,631 --a--c--- C:\155.tmp 2008-03-21 22:38 . 2008-03-21 22:38 3,631 --a--c--- C:\154.tmp 2008-03-21 22:10 . 2008-03-21 22:10 <DIR> dr-h-c--- C:\Documents and Settings\kurt.COMPUTER\Onlangs geopend 2008-03-21 16:41 . 2008-03-21 22:39 <DIR> dr-h----- C:\Documents and Settings\Louis.COMPUTER.000\Onlangs geopend 2008-03-21 16:39 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys 2008-03-21 16:34 . 2008-03-21 16:34 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-03-21 16:30 . 2008-03-21 16:30 <DIR> d-------- C:\Program Files\Windows Live Favorites 2008-03-21 16:16 . 2008-03-21 16:37 <DIR> d-------- C:\WINDOWS\LastGood 2008-03-21 16:02 . 2008-03-21 16:39 <DIR> d-------- C:\Program Files\Windows Live 2008-03-21 16:02 . 2008-03-21 16:14 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller 2008-03-21 16:01 . 2008-03-21 16:01 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller 2008-03-21 14:59 . 2008-03-21 14:59 <DIR> d-------- C:\WINDOWS\ERUNT 2008-03-15 23:05 . 2008-03-15 23:05 9,296 --a------ C:\WINDOWS\system32\bhlnwl.exe 2008-03-12 20:35 . 2008-03-12 20:35 <DIR> d-------- C:\Program Files\Yahoo! 2008-03-09 20:48 . 2008-03-09 20:48 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-03-09 16:57 . 2006-03-24 05:40 49,152 --a------ C:\WINDOWS\system32\SET10.tmp 2008-03-09 16:48 . 2008-03-09 17:03 <DIR> d-------- C:\WINDOWS\system32\nl-nl . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-21 21:23 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\AVG7 2008-03-21 20:32 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\AVG7 2008-03-21 15:31 --------- d-----w C:\Program Files\Windows Live Toolbar 2008-03-19 18:04 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-03-13 20:10 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\LimeWire 2008-03-12 19:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-28 18:23 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\Apple Computer 2008-02-20 16:03 --------- d-----w C:\Program Files\Mindscape 2008-02-19 20:16 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\Apple Computer 2008-02-17 08:53 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-06 21:01 --------- d-----w C:\Program Files\Image-Line 2008-02-06 15:33 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-02-06 15:33 --------- d-----w C:\Program Files\Replay Converter 2008-02-04 11:04 --------- d-----w C:\Program Files\iPod 2008-02-04 11:02 --------- d-----w C:\Program Files\QuickTime 2008-01-20 12:58 72,192 ----a-w C:\WINDOWS\cadkasdeinst01e.exe 2007-11-11 17:24 1,062 ----a-w C:\Program Files\uninstal.log 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET46.tmp 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET42.tmp 2007-02-10 09:34 33,664 -c--a-w C:\Documents and Settings\kurt\Application Data\GDIPFONTCACHEV1.DAT 2006-12-30 14:54 33,664 -c--a-w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\GDIPFONTCACHEV1.DAT 2001-11-23 12:08 712,704 -c----w C:\WINDOWS\inf\OTHER\audio3d.dll 2007-03-09 08:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll . ((((((((((((((((((((((((((((( snapshot@2008-03-21_15.52.27,60 ))))))))))))))))))))))))))))))))))))))))) . + 2008-03-21 15:35:27 125,472 ----a-r C:\WINDOWS\Installer\{9B51E404-E3E2-45EB-9956-8D164A6108BC}\WLXPhotoGalleryIcon.exe + 2008-03-21 15:15:02 29,926 ----a-r C:\WINDOWS\Installer\{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}\MsblIco.Exe + 2008-03-21 15:27:10 86,746 ----a-r C:\WINDOWS\Installer\{DB8DEC88-4D53-4A3A-964A-D22509D27455}\wlmail.exe + 2006-11-29 12:06:18 3,426,072 ----a-w C:\WINDOWS\LastGood\system32\d3dx9_32.dll + 2007-10-17 12:53:16 43,816 -c--a-w C:\WINDOWS\system32\DRVSTORE\fssfltr_FB301EB9307D2FAB641A9804E59C568C22487732\fssfltr.sys - 2008-02-17 20:05:08 66,516 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-03-21 15:44:31 66,776 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-02-17 20:05:08 86,592 ----a-w C:\WINDOWS\system32\perfc013.dat + 2008-03-21 15:44:31 86,902 ----a-w C:\WINDOWS\system32\perfc013.dat - 2008-02-17 20:05:08 452,136 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-03-21 15:44:31 452,396 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-02-17 20:05:08 522,964 ----a-w C:\WINDOWS\system32\perfh013.dat + 2008-03-21 15:44:31 523,258 ----a-w C:\WINDOWS\system32\perfh013.dat + 2006-10-24 11:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll - 2007-01-19 10:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll + 2007-10-18 10:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll - 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll + 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll - 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2006-10-16 15:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2006-10-24 11:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll + 2006-10-24 11:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll + 2006-10-24 11:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll + 2005-09-22 22:48:08 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2005-09-22 22:48:08 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-22 22:48:06 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2007-10-23 16:49:24 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-10-17 13:53 57384 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{DF4E7A0C-E233-4906-B4C1-A404356541FF}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ] [HKEY_CLASSES_ROOT\clsid\{df4e7a0c-e233-4906-b4c1-a404356541ff}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 16:51 57344] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 19:50 172032] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54 241664] "C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 1818624 C:\WINDOWS\mixer.exe] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-20 08:48 579072] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 09:03 110592 C:\WINDOWS\system32\bthprops.cpl] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 16:50 40960] "Adobe Photo Downloader"="F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09 63712] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024] "iTunesHelper"="F:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048] "Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "SDFix"="F:\SDFix\RunThis.bat /second" [ ] "fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" [2007-10-17 13:53 243240] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 13:55 219136] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf] avgwlntf.dll 2007-03-31 09:29 9216 C:\WINDOWS\system32\avgwlntf.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\condition zero\\hl.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\counter-strike\\hl.exe"= "F:\\Program Files\\LimeWire\\LimeWire.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ETDED.exe"= "F:\\Program Files\\Xfire\\xfire.exe"= "F:\\Program Files\\Hamachi\\hamachi.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\dedicated server\\hlds.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "F:\\Program Files\\Steam\\Steam.exe"= "F:\\Program Files\\iTunes\\iTunes.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53] R2 fsssvc;Windows Live OneCare Family Safety;"C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [2007-10-17 13:53] R2 NMSSvc;Intel® NMS;C:\WINDOWS\System32\NMSSvc.exe [2002-03-04 10:35] R3 genmcmn;Genius NetScroll Optical Mouse Driver;C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2001-09-21 15:58] R3 NMSCFG;NIC Management Service Configuration Driver;C:\WINDOWS\system32\drivers\NMSCFG.SYS [2002-03-04 10:35] R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2003-06-27 04:08] S2 X4HSX32;X4HSX32;C:\Program Files\EXEtender\X4HSX32.Sys [] S3 mdxgthkn;mdxgthkn;C:\DOCUME~1\ADMINI~1.COM\LOCALS~1\Temp\mdxgthkn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\Teaser.EXE *Newly Created Service* - FSSFLTR *Newly Created Service* - FSSSVC *Newly Created Service* - NMSCFG *Newly Created Service* - USNJSVC *Newly Created Service* - WLSETUPSVC . Inhoud van de 'Gedeelde Taken' map "2008-03-21 21:00:00 C:\WINDOWS\Tasks\AC2171A49036EB64.job" - c:\docume~1\admini~1.com\applic~1\defaul~1\TRAYFLAWSKIP.exe "2008-02-28 13:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-03-21 21:14:01 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-21 22:44:25 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2008-03-21 22:45:25 ComboFix-quarantined-files.txt 2008-03-21 21:45:10 ComboFix2.txt 2008-03-21 14:52:58 . 2008-03-21 08:52:15 --- E O F --- HJT-log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22:52:02, on 21/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\installer\WLSetupSvc.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Family Safety\fssui.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sDFix] F:\SDFix\RunThis.bat /second O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 11556 bytes
  5. Quiache
    Heb alles (correct) uitgevoerd denk ik . Combofix log: ComboFix 08-03-20.5 - Louis 2008-03-21 15:48:40.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.438 [GMT 1:00] Gestart vanuit: C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\ComboFix.exe * Nieuw herstelpunt werd aangemaakt WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316 C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\FindIt.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\FindItHot.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\findithotxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\finditxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\Highlight.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\HighlightHot.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\highlighthotxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\highlightxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\logo.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\logoxp.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\Reference.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\ReferenceHot.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\referencehotxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\referencexp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\screensaver.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\Screensavers0.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\Weather.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\weatherhotxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\buttons\weatherxp.png C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\contexts\error.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\contexts\related.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\contexts\Travel.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\Games\images\active\Games0.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\images\walertXP.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\Movies\images\active\Movies0.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup C:\Documents and Settings\All Users.WINDOWS\Application Data\Starware316\U01BD397A.exe C:\Documents and Settings\kurt\Application Data\Starware316 C:\Documents and Settings\kurt\Application Data\Starware316\BrowserSearch\BrowserSearch.xml C:\Documents and Settings\kurt\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Configurator\Configurator.xml C:\Documents and Settings\kurt\Application Data\Starware316\Configurator\Configurator.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Games\GamesOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Games\GamesOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Layouts\ToolbarLayout.xml C:\Documents and Settings\kurt\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Manager\ManagerOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Manager\ManagerOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Movies\MoviesOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Movies\MoviesOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Reference\ReferenceOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Reference\ReferenceOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Screensavers\ScreensaversOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Toolbar\TBProductsOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup C:\Documents and Settings\kurt\Application Data\Starware316\Weather\AlertArchive.xml C:\Documents and Settings\kurt\Application Data\Starware316\Weather\WeatherOptions.xml C:\Documents and Settings\kurt\Application Data\Starware316\Weather\WeatherOptions.xml.backup C:\Program Files\inetget2 C:\Program Files\PopsMedia Site Adviser C:\Program Files\spycrush 3.2 C:\Program Files\spycrush 3.2\ignored.lst C:\Program Files\spycrush 3.2\sd.ini C:\WINDOWS\system32\f3PSSavr.scr . (((((((((((((((((((( Bestanden Gemaakt van 2008-02-21 to 2008-03-21 )))))))))))))))))))))))))))))) . 2008-03-21 14:59 . 2008-03-21 14:59 <DIR> d-------- C:\WINDOWS\ERUNT 2008-03-21 14:27 . 2008-03-21 15:12 <DIR> dr-h-c--- C:\Documents and Settings\kurt.COMPUTER\Onlangs geopend 2008-03-20 22:48 . 2008-03-21 15:43 <DIR> dr-h----- C:\Documents and Settings\Louis.COMPUTER.000\Onlangs geopend 2008-03-15 23:05 . 2008-03-15 23:05 9,296 --a------ C:\WINDOWS\system32\bhlnwl.exe 2008-03-12 20:35 . 2008-03-12 20:35 <DIR> d-------- C:\Program Files\Yahoo! 2008-03-09 20:48 . 2008-03-09 20:48 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-03-09 16:57 . 2006-03-24 05:40 49,152 --a------ C:\WINDOWS\system32\SET10.tmp 2008-03-09 16:48 . 2008-03-09 17:03 <DIR> d-------- C:\WINDOWS\system32\nl-nl . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-21 12:58 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\AVG7 2008-03-21 12:51 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\AVG7 2008-03-19 18:04 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-03-13 20:10 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\LimeWire 2008-03-12 19:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-28 18:23 --------- dc----w C:\Documents and Settings\kurt.COMPUTER\Application Data\Apple Computer 2008-02-20 16:03 --------- d-----w C:\Program Files\Mindscape 2008-02-19 20:16 --------- dc----w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\Apple Computer 2008-02-17 08:53 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-06 21:01 --------- d-----w C:\Program Files\Image-Line 2008-02-06 15:33 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-02-06 15:33 --------- d-----w C:\Program Files\Replay Converter 2008-02-04 11:04 --------- d-----w C:\Program Files\iPod 2008-02-04 11:02 --------- d-----w C:\Program Files\QuickTime 2008-01-20 12:58 72,192 ----a-w C:\WINDOWS\cadkasdeinst01e.exe 2007-11-11 17:24 1,062 ----a-w C:\Program Files\uninstal.log 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET46.tmp 2007-10-04 09:32 2,515,576 ------w C:\WINDOWS\inf\SET42.tmp 2007-02-10 09:34 33,664 -c--a-w C:\Documents and Settings\kurt\Application Data\GDIPFONTCACHEV1.DAT 2006-12-30 14:54 33,664 -c--a-w C:\Documents and Settings\Louis.COMPUTER.000\Application Data\GDIPFONTCACHEV1.DAT 2001-11-23 12:08 712,704 -c----w C:\WINDOWS\inf\OTHER\audio3d.dll 2007-03-09 08:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{DF4E7A0C-E233-4906-B4C1-A404356541FF}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ] [HKEY_CLASSES_ROOT\clsid\{df4e7a0c-e233-4906-b4c1-a404356541ff}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 16:51 57344] "Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe" [2007-05-27 03:19 36864] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 19:50 172032] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54 241664] "C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 1818624 C:\WINDOWS\mixer.exe] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-20 08:48 579072] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 09:03 110592 C:\WINDOWS\system32\bthprops.cpl] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "OM_Monitor"="F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 16:50 40960] "Adobe Photo Downloader"="F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09 63712] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024] "iTunesHelper"="F:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048] "Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "SDFix"="F:\SDFix\RunThis.bat /second" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 13:55 219136] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf] avgwlntf.dll 2007-03-31 09:29 9216 C:\WINDOWS\system32\avgwlntf.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\condition zero\\hl.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\counter-strike\\hl.exe"= "F:\\Program Files\\LimeWire\\LimeWire.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"= "F:\\Program Files\\Wolfenstein - Enemy Territory\\ETDED.exe"= "F:\\Program Files\\Xfire\\xfire.exe"= "F:\\Program Files\\Hamachi\\hamachi.exe"= "F:\\Program Files\\Steam\\SteamApps\\louissnauwaert\\dedicated server\\hlds.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "F:\\Program Files\\Steam\\Steam.exe"= "F:\\Program Files\\iTunes\\iTunes.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 NMSSvc;Intel® NMS;C:\WINDOWS\System32\NMSSvc.exe [2002-03-04 10:35] R3 genmcmn;Genius NetScroll Optical Mouse Driver;C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2001-09-21 15:58] R3 NMSCFG;NIC Management Service Configuration Driver;C:\WINDOWS\system32\drivers\NMSCFG.SYS [2002-03-04 10:35] R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2003-06-27 04:08] S2 X4HSX32;X4HSX32;C:\Program Files\EXEtender\X4HSX32.Sys [] S3 mdxgthkn;mdxgthkn;C:\DOCUME~1\ADMINI~1.COM\LOCALS~1\Temp\mdxgthkn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\Teaser.EXE *Newly Created Service* - NMSCFG . Inhoud van de 'Gedeelde Taken' map "2008-03-21 13:00:00 C:\WINDOWS\Tasks\AC2171A49036EB64.job" - c:\docume~1\admini~1.com\applic~1\defaul~1\TRAYFLAWSKIP.exe "2008-02-28 13:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-21 15:51:56 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2008-03-21 15:52:57 ComboFix-quarantined-files.txt 2008-03-21 14:52:36 . 2008-03-21 08:52:15 --- E O F --- HJT-log : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 15:54:50, on 21/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sDFix] F:\SDFix\RunThis.bat /second O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Messenger USN Journal Reader service voor Gedeelde mappen (usnjsvc) - Unknown owner - C:\Program Files\MSN Messenger\usnsvc.exe (file missing) -- End of file - 10656 bytes BEDANKT!
  6. Quiache
    Bedankt, heb daarnet eventjes je vorige goede raad opnieuw gedaan op een andere acount op mijn computer en het is mij gelukt om services.exe te verwijderen, BEDAnkt ; Mijn HJT-log nu : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 15:42:31, on 21/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Louis.COMPUTER.000\Bureaublad\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Starware - R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing) R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\LOUISC~1.000\LOCALS~1\Temp\services.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sDFix] F:\SDFix\RunThis.bat /second O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Messenger USN Journal Reader service voor Gedeelde mappen (usnjsvc) - Unknown owner - C:\Program Files\MSN Messenger\usnsvc.exe (file missing) -- End of file - 11676 bytes Ga nu dat combofix doen:) Alvast bedankt.
  7. Quiache
    Heb alles gedaan, maar wanneer ik de pc heropstarte, starte het tooltje niet opnieuw en kreeg ik geen melding met Finshed. Ook moest ik op niets meer drukken en het is niet bewaart is Report.txt. Wel heb ik iets niews op mijn bureaublad, misschien is dit hetzelfde met een andere naam? Namelijk Catchme.log? Catchme.log: catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-21 15:00:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... IPC error: 2 Het systeem kan het opgegeven bestand niet vinden. scan completed successfully hidden files: 0 HJT log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 15:12:39, on 21/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Documents and Settings\kurt.COMPUTER\Bureaublad\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Starware - R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\LOUISC~1.000\LOCALS~1\Temp\services.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sDFix] F:\SDFix\RunThis.bat /second O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\LOUISC~1.000\LOCALS~1\Temp\services.exe O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe O4 - HKCU\..\Run: [Picasa Media Detector] F:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Messenger USN Journal Reader service voor Gedeelde mappen (usnjsvc) - Unknown owner - C:\Program Files\MSN Messenger\usnsvc.exe (file missing) -- End of file - 11118 bytes
  8. Quiache
    Sinds kort zit ik met een msn virus, namelijk services.exe Ik heb al enkele logjes bekeken , maar geraak er niet veel wijser van . Maar dat is niet mijn enigste probleem. Soms als ik mij afmeld start mijn computer opnieuw op en hij is ook veel trager dan vroeger, ik ben er vast en zeker van overtuigd dat ik met onnodige dingen op mijn pc sta. Graag zou ik eerst mijn msn virus weg krijgen , en als het mogelijk is , zou ik dan graag ook mijn pc weer optimaal krijgen; Hier alvast een hijackthis logje: (lekker lang :S) Dankje. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 13:25:12, on 21/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\QuickTime\QTTask.exe F:\Program Files\iTunes\iTunesHelper.exe F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\PROGRA~1\Grisoft\AVG7\avgwa.dat C:\Program Files\Mozilla Firefox\firefox.exe F:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Documents and Settings\kurt.COMPUTER\Bureaublad\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Starware - R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\LOUISC~1.000\LOCALS~1\Temp\services.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: (no name) - {CDE8EAB9-CEF3-4885-B12F-26960A25C800} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing) O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\LOUISC~1.000\LOCALS~1\Temp\services.exe O4 - HKCU\..\Run: [OM_Monitor] F:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe O4 - HKCU\..\Run: [Picasa Media Detector] F:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: Dexia Netbanking - Net Banking - R.I.P. O16 - DPF: RaptisoftGameLoader - http://www.raptisoft.com/webgames/raptisoftgameloader.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emilesnauwaertdebeste.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - www.9lives.be | 9lives O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142026486500 O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - file://E:\Setup\tsccinst.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - http://pay.banxafe.be/cab/ElementMisterCash.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/ticker.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O18 - Protocol: bw+0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw+0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw-0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw-0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw00 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw00s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw10 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw10s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw20 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw20s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw30 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw30s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw40 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw40s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw50 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw50s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw60 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw60s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw70 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw70s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw80 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw80s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw90 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw90s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwa0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwa0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwb0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwb0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwc0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwc0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwd0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwd0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwe0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwe0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwf0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwf0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwg0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwg0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwh0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwh0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwi0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwi0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwj0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwj0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwk0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwk0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwl0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwl0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwm0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwm0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwn0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwn0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwo0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwo0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwp0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwp0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwq0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwq0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwr0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwr0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bws0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bws0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwt0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwt0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwu0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwu0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwv0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwv0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bww0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bww0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwx0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwx0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwy0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwy0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwz0 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwz0s - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: offline-8876480 - {86383B70-83B7-4914-9804-DFEC9C2653C4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: biographers - {e7aff349-39e1-4a96-a13d-24983440b44a} - C:\WINDOWS\system32\xikor.dll (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Messenger USN Journal Reader service voor Gedeelde mappen (usnjsvc) - Unknown owner - C:\Program Files\MSN Messenger\usnsvc.exe (file missing) -- End of file - 25510 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.