Erwtje69
Apart from the System Configuration window appearing on screen every time this PC starts up, everything is OK, Fake. Even though the box "do not show this screen next time" (or something along those lines) is ticked, it still appears at every startup, even with everything ticked to start with. This is my second desktop computer, the one here in my bedroom. The computer that was fixed last week with your help is still in perfect order, Fake. Kind regards, Erwtje69
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:20:25, on 2/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
-
[SOLVED] the System Configuration Utility window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
OK, Fake, I have gone through all the points and carried them out successfully. Everything still looks good. Thanks again for your help, from Erwtje69. PS: As far as I am concerned, you may mark this discussion as "solved". Bye
[SOLVED] the System Configuration Utility window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
It all looks good so far, Fake. Hopefully this computer will now behave itself properly for a while. Many thanks already for all that spontaneous help. Actually, I would like to be able to do that too, I mean working with ComboFix, analysing HijackThis logs, and so on. But where do you learn something like that? No idea. Do you? Anyway, thanks again. Kind regards, Erwtje69
[SOLVED] the System Configuration Utility window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Fake, I have discovered that when I post both logs separately on this site, there are no problems. When I post them both at the same time, that is, in one and the same post, I invariably get the message "the page cannot be displayed", probably because the time-out has expired each time, since it takes a while before the page with that error message shows up. Or is there a limit set here on the size of posted files? Thanks in advance. I am just glad that after three or four attempts at posting I finally succeeded again. Kind regards, Erwtje69
[SOLVED] the System Configuration Utility window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
ComboFix 09-02-21.01 - Erwtje 2009-02-24 13:21:49.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.2048.1503 [GMT 1:00]
Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-29 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-29 20560] R2 dvdmrp;dvdmrp;c:\windows\system32\drivers\dvdmrp.sys [2005-08-03 5504] R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2006-05-09 13824] R3 BENDER;Pinnacle AV/DV2 Capture;c:\windows\system32\drivers\bender.sys [2006-11-20 200320] S2 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;f:\magix\Common\Database\bin\fbserver.exe --> f:\magix\Common\Database\bin\fbserver.exe [?] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2006-03-24 33536] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] --- Andere Services/Drivers In Geheugen --- *Deregistered* - ImapiService *Deregistered* - lanmanserver *Deregistered* - lanmanworkstation *Deregistered* - LmHosts *Deregistered* - mnmsrvc *Deregistered* - Netman *Deregistered* - Nla *Deregistered* - NMSAccessU *Deregistered* - nmservice *Deregistered* - PolicyAgent *Deregistered* - ProtectedStorage *Deregistered* - RasMan *Deregistered* - rpcapd *Deregistered* - RpcSs *Deregistered* - SamSs *Deregistered* - SCardSvr *Deregistered* - seclogon *Deregistered* - SENS *Deregistered* - SharedAccess *Deregistered* - ShellHWDetection *Deregistered* - SoundMAX Agent Service (default) *Deregistered* - Spooler *Deregistered* - srservice *Deregistered* - stisvc *Deregistered* - TapiSrv *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - TrkWks *Deregistered* - Uniblue DiskRescue *Deregistered* - WebClient *Deregistered* - WinDefend *Deregistered* - winmgmt *Deregistered* - WMP54Gv4SVC *Deregistered* - wscsvc *Deregistered* - wuauserv *Deregistered* - WZCSVC [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . 
Inhoud van de 'Gedeelde Taken' map 2008-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2008-12-05 c:\windows\Tasks\Norton Security Scan.job - c:\program files\Norton Security Scan\Nss.exe [2007-09-18 23:42] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart\RegistrySmart.exe [] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart [] 2009-02-23 c:\windows\Tasks\Uniblue DiskRescue 2009.job - c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 16:22] 2007-02-18 c:\windows\Tasks\Uniblue SpyEraser.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Trusted Zone: microsoft.com\download.windowsupdate Trusted Zone: microsoft.com\support Trusted Zone: microsoft.com\www.update DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-24 13:23:56 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... 
scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(744) c:\windows\system32\Ati2evxx.dll . 
Voltooingstijd: 2009-02-24 13:25:43 ComboFix-quarantined-files.txt 2009-02-24 12:25:41 ComboFix2.txt 2009-02-23 21:28:59 ComboFix3.txt 2009-02-23 20:51:35 ComboFix4.txt 2009-02-23 17:43:24 ComboFix5.txt 2009-02-24 12:21:19 Pre-Run: 220.624.482.304 bytes beschikbaar Post-Run: 220,602,757,120 bytes beschikbaar Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7 561 --- E O F --- 2009-02-19 20:49:11 -
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:36:55, on 24/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\WinPcap\rpcapd.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\WIDCOMM\Bluetooth 
Software\BtStackServer.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: (no name) - -{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [avast!] 
"C:\Program Files\Alwil Software\Avast4\ashDisp.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? 
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.0.6.5.cab O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/e/38.09/f-6tcHDGwoY/uploader2.cab O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/virtuallabs/ActiveX/VMRCActiveXClient1.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - 
http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.nl/downloads/BUM/BUM_WIN_IE_2/axofupld.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1218922213856&h=1228216423e2b904dbf135487519793c/&filename=jinstall-6u7-windows-i586-jc.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - F:\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Uniblue DiskRescue - Uniblue - C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 12424 bytes -
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
That is no problem for me, Fake. Hopefully you can solve it. Take your time. I still have a desktop with XP Home Service Pack 3 and a Dell laptop with Vista Premium on it in case of emergency. Wishing you a good night. Kind regards, erwtje69 -
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
I really don't understand any of this anymore, Fake. Every time I tried to post the ComboFix log here, the web browser became so slow that I kept getting the following error message: "the page cannot be displayed." Whatever I did, I could no longer get into this discussion; I could reach the website, but the pasted log ended in an error message every time. Now it turns out that it was posted here several times after all??? Now I can't follow anymore. I think there is a serious trojan or something hidden somewhere here. Now my taskbar has also suddenly become twice as large without my having changed anything?? Help!! -
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Wow, that did not go smoothly here, Fake. I could not even connect to this website anymore. I could paste the log, but while submitting it I kept getting: "cannot display the page"???????? Hopefully it worked this time. Kind regards, Erwtje69
ComboFix 09-02-21.01 - Erwtje 2009-02-23 21:47:42.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.2048.1501 [GMT 1:00] Gestart vanuit: c:\documents and settings\Erwtje\Bureaublad\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090223-0] *On-access scanning disabled* (Updated) AV: Trend Micro Internet Security *On-access scanning disabled* (Updated) FW: COMODO Firewall Pro *disabled* FW: Trend Micro Personal Firewall *disabled* . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Erwtje\Application Data\inst.exe c:\windows\system32\tmp.reg L:\Autorun.inf . (((((((((((((((((((( Bestanden Gemaakt van 2009-01-23 to 2009-02-23 )))))))))))))))))))))))))))))) . 2009-02-23 21:33 . 2009-02-23 21:33 <DIR> d-------- c:\windows\system32\beidpp 2009-02-23 21:33 . 2009-02-23 21:33 <DIR> d-------- c:\program files\Uniblue 2009-02-23 21:33 . 2009-02-23 21:33 <DIR> d--hs---- c:\documents and settings\Erwtje\Onlangs geopend 2009-02-23 21:33 . 2009-02-23 21:33 <DIR> d-------- c:\documents and settings\Erwtje\Bluetooth Software 2009-02-23 21:27 . 2009-02-23 21:33 <DIR> d--hs---- C:\RECYCLER(3) 2009-02-23 21:17 . 2009-02-23 21:33 <DIR> d-------- C:\RECYCLER(2) 2009-02-23 16:14 . 2009-02-23 21:33 <DIR> d-------- c:\program files\Belgium Identity Card 2009-02-23 14:29 . 2009-02-23 21:33 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{38E672D5-1F19-4A24-BA49-04BE4A4DBCAE} 2009-02-22 18:19 . 2007-03-31 06:02 876,384 --a------ c:\windows\system32\drivers\btkrnl.sys 2009-02-22 18:19 . 2007-03-23 03:49 539,072 --a------ c:\windows\system32\drivers\btaudio.sys 2009-02-22 18:19 . 
2007-03-23 03:50 149,123 --a------ c:\windows\system32\drivers\btwdndis.sys 2009-02-22 18:19 . 2007-03-31 06:02 55,352 --a------ c:\windows\system32\drivers\btwhid.sys 2009-02-22 18:19 . 2007-03-23 03:50 37,424 --a------ c:\windows\system32\drivers\btport.sys 2009-02-22 18:08 . 2007-03-23 03:50 106,557 -ra------ c:\windows\system32\btw_ci.dll 2009-02-22 18:08 . 2007-03-23 03:50 67,960 --a------ c:\windows\system32\drivers\btwusb.sys 2009-02-22 00:58 . 2009-02-22 00:58 <DIR> d-------- c:\program files\WIDCOMM 2009-02-21 16:42 . 2009-02-21 16:42 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Ashampoo 2009-02-21 16:27 . 2009-02-21 16:27 103,424 --a------ c:\windows\system32\PowerUp3_nat.dll 2009-02-20 22:06 . 2009-02-20 22:07 <DIR> d-------- c:\program files\PDFCreator 2009-02-20 22:06 . 2001-10-28 17:42 116,224 --a------ c:\windows\system32\pdfcmnnt.dll 2009-02-20 21:50 . 2006-11-30 22:24 86,016 --a------ c:\windows\system32\custmon32.dll 2009-02-20 20:44 . 2009-02-20 20:44 <DIR> d--h----- c:\windows\system32\CanonMP Uninstaller Information 2009-02-20 20:43 . 2009-02-20 20:43 <DIR> d--h----- C:\CanonMP 2009-02-19 17:37 . 2009-02-19 17:37 <DIR> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ 2009-02-18 21:14 . 2009-02-18 21:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\pdf995 2009-02-18 21:14 . 2009-02-18 21:21 249,856 --a------ c:\windows\system32\pdfmona.dll 2009-02-18 21:14 . 2009-02-18 21:21 51,716 --a------ c:\windows\system32\pdf995mon.dll 2009-02-18 21:14 . 2009-02-18 21:21 25 --a------ c:\windows\wpd99.drv 2009-02-18 21:13 . 2009-02-20 21:09 <DIR> d-------- C:\pdf995 2009-02-15 18:07 . 2009-02-15 18:07 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition 2009-02-15 17:05 . 2009-02-15 17:05 126 --a------ c:\windows\system32\{BDA126A1-7D91-4638-B52F-49D9E6F6F87E}.dat 2009-02-15 16:03 . 2009-02-20 20:51 0 --a------ c:\windows\system32\PDFtypewriter 2009-02-15 14:26 . 
2009-02-15 14:26 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\CTdeveloping 2009-02-15 14:26 . 2009-02-15 14:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\CTdeveloping 2009-02-14 17:25 . 2009-02-14 17:25 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2009-02-14 17:14 . 2009-02-20 21:59 <DIR> d-------- c:\program files\Capsoft 2009-02-14 16:10 . 2009-02-14 16:10 <DIR> d-------- C:\MIR 2009-02-14 14:44 . 2009-02-14 14:44 <DIR> d-------- c:\program files\Multiple Image Resizer .NET 2009-02-12 00:11 . 2008-05-02 14:30 465,920 --------- c:\windows\system32\imapi2fs.dll 2009-02-12 00:11 . 2008-05-02 14:30 465,920 -----c--- c:\windows\system32\dllcache\imapi2fs.dll 2009-02-12 00:11 . 2008-05-02 14:30 317,952 --------- c:\windows\system32\imapi2.dll 2009-02-12 00:11 . 2008-05-02 14:30 317,952 -----c--- c:\windows\system32\dllcache\imapi2.dll 2009-02-12 00:11 . 2008-05-02 11:49 62,976 -----c--- c:\windows\system32\dllcache\cdrom.sys 2009-02-12 00:10 . 2008-04-17 05:59 407,040 -----c--- c:\windows\system32\dllcache\netlogon.dll 2009-02-12 00:10 . 2008-04-17 05:59 344,576 -----c--- c:\windows\system32\dllcache\localspl.dll 2009-02-12 00:10 . 2008-04-17 05:59 176,128 -----c--- c:\windows\system32\dllcache\w32time.dll 2009-02-12 00:10 . 2008-04-17 05:59 134,144 -----c--- c:\windows\system32\dllcache\wkssvc.dll 2009-02-12 00:10 . 2008-05-05 12:07 132,608 -----c--- c:\windows\system32\dllcache\msv1_0.dll 2009-02-12 00:10 . 2008-04-17 05:59 113,664 -----c--- c:\windows\system32\dllcache\dsuiext.dll 2009-02-12 00:10 . 2008-04-17 05:59 68,096 -----c--- c:\windows\system32\dllcache\ntdsapi.dll 2009-02-12 00:07 . 2009-02-12 00:07 <DIR> d-------- c:\program files\Dir2File 2009-02-12 00:06 . 2004-12-09 08:17 61,440 --a------ c:\windows\ContextMenuExt.dll 2009-02-12 00:05 . 2007-07-10 20:27 40,960 --a------ c:\windows\system32\SSUBTMR6.DLL 2009-02-11 23:50 . 
2007-10-07 11:27 10,752 --a------ c:\windows\system32\aamd532.dll 2009-02-07 18:04 . 2009-02-07 18:04 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Kodak 2009-02-07 18:03 . 2009-02-07 18:03 <DIR> d-------- c:\program files\Kodak 2009-02-06 20:35 . 2009-02-06 20:35 <DIR> d-------- c:\program files\BatchPhoto 2009-02-04 23:16 . 2009-02-04 23:17 <DIR> d-------- c:\program files\Photobie 2009-02-02 13:31 . 2009-02-02 13:31 360,448 --a------ c:\windows\system32\beid35applayer.dll 2009-02-02 13:31 . 2009-02-02 13:31 86,016 --a------ c:\windows\system32\Belgium Identity Card PKCS11.dll 2009-02-02 13:31 . 2009-02-02 13:31 86,016 --a------ c:\windows\system32\beidpkcs11.dll 2009-02-02 13:31 . 2009-02-02 13:31 69,632 --a------ c:\windows\system32\beidCSPlib.dll 2009-02-02 13:30 . 2009-02-02 13:30 262,144 --a------ c:\windows\system32\beid35DlgsWin32.dll 2009-02-02 13:30 . 2009-02-02 13:30 192,512 --a------ c:\windows\system32\beid35cardlayer.dll 2009-02-02 13:30 . 2009-02-02 13:30 122,880 --a------ c:\windows\system32\beid35common.dll 2009-02-02 13:29 . 2009-02-02 13:29 200,704 --a------ c:\windows\system32\eidlib.dll 2009-02-02 13:29 . 2009-02-02 13:29 200,704 --a------ c:\windows\system32\beidlib.dll 2009-01-24 00:21 . 2009-01-24 00:21 <DIR> d-------- c:\program files\CDBurnerXP 2009-01-24 00:21 . 2009-01-24 00:21 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Canneverbe_Limited . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-02-23 20:35 0 ----a-w c:\windows\system32\drivers\lvuvc.hs 2009-02-23 20:35 0 ----a-w c:\windows\system32\drivers\logiflt.iad 2009-02-23 20:33 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-02-23 17:37 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-02-23 15:13 33,536 ----a-w c:\windows\system32\drivers\a38usb.sys 2009-02-23 15:13 110,592 ----a-w c:\windows\system32\usbr38.dll 2009-02-23 13:32 --------- d-----w c:\documents and settings\Erwtje\Application Data\Uniblue 2009-02-21 15:26 --------- d-----w c:\program files\Ashampoo 2009-02-20 20:44 --------- d-----w c:\program files\PDFCreator Toolbar 2009-02-20 19:48 --------- d-----w c:\documents and settings\Erwtje\Application Data\Canon 2009-02-19 21:59 --------- d-----w c:\program files\Common Files\ScanSoft Shared 2009-02-19 21:57 --------- d-----w c:\program files\Canon 2009-02-18 20:31 --------- d-----w c:\documents and settings\Erwtje\Application Data\MSN6 2009-02-17 21:42 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater 2009-02-15 16:34 --------- d-----w c:\program files\Common Files\Symantec Shared 2009-02-15 16:32 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-15 15:09 --------- d-----w c:\program files\Common Files\Adobe 2009-02-14 17:20 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems 2009-02-14 16:08 --------- d-----w c:\program files\Foxit Software 2009-02-14 13:44 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-11 23:08 --------- d-----w c:\program files\MSECache 2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-02-07 22:20 --------- d-----w c:\documents and settings\Erwtje\Application Data\XnView 2009-01-13 14:44 --------- d-----w c:\program files\CCleaner 2009-01-13 14:23 --------- d-----w c:\program 
files\PC Tune-Up 2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr 2008-12-29 18:58 --------- d-----w c:\documents and settings\Erwtje\Application Data\Malwarebytes 2008-12-29 18:58 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-23 21:21 --------- d-----w c:\program files\Apple Software Update 2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll 2008-07-27 20:53 47,360 ----a-w c:\documents and settings\Erwtje\Application Data\pcouffin.sys 2008-05-07 21:24 14,290 ----a-w c:\program files\settings.dat 2008-01-30 19:05 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT 2008-01-30 19:05 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLds.DAT 2005-08-25 20:00 48,128 ----a-w c:\documents and settings\LocalService\cnmss Canon MP500 Series Printer (Local).dll 2005-08-25 20:00 48,128 ----a-w c:\documents and settings\Erwtje\cnmss Canon MP500 Series Printer (Local).dll 2008-04-19 20:14 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll 2008-04-19 20:14 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll 2008-04-19 20:14 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll 2008-04-19 20:14 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll 2008-04-19 20:14 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll 2008-10-12 21:09 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008101220081013\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288] "RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2007-12-16 1115728] "avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-02-05 81000] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880] "UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-09-29 970808] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 98304] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2006-10-31 321088] "CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] "OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2008-09-29 497008] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-01 568176] 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 49152] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.MJPG"= pvmjpg30.dll "VIDC.PIM1"= pclepim1.dll "VIDC.ACDV"= ACDV.dll "msacm.l3codec"= l3codecp.acm "vidc.mjpx"= Pvmjpg30.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkbMonitor.exe.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ymetray.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Canon IJ Status Monitor Canon MP500 Series Printer.lnk] path=c:\documents and settings\Erwtje\Menu Start\Programma's\Opstarten\Canon IJ Status Monitor Canon MP500 Series Printer.lnk backup=c:\windows\pss\Canon IJ Status Monitor Canon MP500 Series Printer.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^HDDlife.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^OpenOffice.org 2.1 .lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^RocketDock.lnk] backup=c:\windows\pss\RocketDock.lnkStartup [HKLM\~\startupfolder\C:^Documents and 
Settings^Erwtje^Menu Start^Programma's^Opstarten^Shrink Pic.lnk] backup=c:\windows\pss\Shrink Pic.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^TransBar.lnk] backup=c:\windows\pss\TransBar.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^UberIcon.lnk] backup=c:\windows\pss\UberIcon.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Y'z Shadow.lnk] backup=c:\windows\pss\Y'z Shadow.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Zita Nieuwsflash.lnk] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistrySmart HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! 
Pager [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] --a------ 2005-07-14 15:09 57344 c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] --a------ 2008-03-20 17:42 217544 c:\program files\Alcohol Soft\Alcohol 52\AxCmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe] --a------ 2002-12-06 16:07 617984 c:\program files\ASUS\Probe\AsusProb.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid] --a------ 2009-02-02 13:32 2035712 c:\program files\Belgium Identity Card\beid35gui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray] --a------ 2007-09-10 11:08 258134 c:\program files\IVT Corporation\BlueSoleil\BtTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor] f:\digital imaging\\Unload\hpqcmon.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go] -----c--- 2004-11-30 11:00 135168 c:\program files\Creative\MediaSource\Go\CTCMSGo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2008-04-14 18:02 15360 c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] --a------ 2006-11-13 17:34 1289000 c:\progra~1\MI3AA1~1\wcescomm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTpatch] -ra------ 2002-10-30 10:40 28672 c:\windows\htpatch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] F:\iTunesHelper.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\LogitechCommunicationsManager] --a------ 2008-08-14 16:11 565008 c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] --a------ 2008-08-14 16:15 2407184 c:\program files\Logitech\QuickCam\Quickcam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRC] --a------ 2007-09-20 10:16 2419200 c:\program files\PC Tune-Up\PCTuneUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2008-04-14 18:03 1695232 c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE] --a------ 2008-09-29 14:08 497008 c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] --a------ 2003-05-08 11:00 49152 c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI] --a------ 2004-08-30 17:31 36864 c:\progra~1\Pinnacle\PPE\PPE.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFtypewriterPrinterMonitor] c:\program files\PDFtypewriter\Printer\PDFtypewriterMonitorStart.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PicoBackupOE] --a------ 2005-06-17 14:52 1129472 c:\program files\PicoBackupOE\PicoBackupAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-06-29 05:24 286720 c:\program files\QuickTime\QTTask.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] --a------ 2007-03-18 23:05 630784 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] f:\hp share-to-web\hpgs2wnd.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector] --------- 2005-07-28 08:32 94208 c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Calendar Checker] --a--c--- 2005-08-22 09:10 69632 c:\program files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --------- 2000-05-11 01:00 90112 c:\windows\Updreg.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse] --a--c--- 2006-02-17 10:14 163840 c:\program files\A4TECH\Mouse\Amoumain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] --a------ 2005-08-07 23:10 16384 c:\windows\CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp] --a------ 2005-08-07 23:10 18944 c:\windows\system32\CTXFIHLP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Realtime Audio Engine] --a------ 2008-06-23 16:43 70144 c:\windows\system32\mmrtkrnl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "usnjsvc"=3 (0x3) "rpcapd"=3 (0x3) "ose"=3 (0x3) "odserv"=3 (0x3) "MDM"=2 (0x2) "LVCOMSer"=2 (0x2) "iPod Service"=3 (0x3) "gusvc"=2 (0x2) "FirebirdServerMAGIXInstance"=3 (0x3) "BsHelpCS"=3 (0x3) "BlueSoleilCS"=2 (0x2) "Apple Mobile Device"=2 (0x2) "a2free"=2 (0x2) "StarWindServiceAE"=2 (0x2) "TapiSrv"=3 (0x3) "Schedule"=2 (0x2) "LVPrcSrv"=2 (0x2) "IDriverT"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] 
"DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\CCleaner\\ccleaner.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Piolet\\Piolet.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\ASUS\\AsusUpdate\\Update.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"= "c:\\Program Files\\Outlook Express\\msimn.exe"= "c:\\Program Files\\Linksys Wireless-G PCI Wireless Network Monitor\\InvokeSvc2.exe"= "c:\\Program Files\\Windows Live\\Mail\\wlmail.exe"= "c:\\Program Files\\Windows Live\\Writer\\WindowsLiveWriter.exe"= "c:\\Program Files\\PrinterAnywhere\\paConsole.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"= "c:\\Program Files\\Opera\\opera.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\1 Click PC Fix\\1clickpcfix.exe"= 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-29 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-29 20560] R2 dvdmrp;dvdmrp;c:\windows\system32\drivers\dvdmrp.sys [2005-08-03 5504] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2006-03-24 33536] R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2006-05-09 13824] R3 BENDER;Pinnacle AV/DV2 Capture;c:\windows\system32\drivers\bender.sys [2006-11-20 200320] S2 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;f:\magix\Common\Database\bin\fbserver.exe --> f:\magix\Common\Database\bin\fbserver.exe [?] 
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] --- Andere Services/Drivers In Geheugen --- *Deregistered* - ImapiService *Deregistered* - lanmanserver *Deregistered* - lanmanworkstation *Deregistered* - LmHosts *Deregistered* - mnmsrvc *Deregistered* - Netman *Deregistered* - Nla *Deregistered* - NMSAccessU *Deregistered* - nmservice *Deregistered* - PolicyAgent *Deregistered* - ProtectedStorage *Deregistered* - RasMan *Deregistered* - rpcapd *Deregistered* - RpcSs *Deregistered* - SamSs *Deregistered* - SCardSvr *Deregistered* - seclogon *Deregistered* - SENS *Deregistered* - SharedAccess *Deregistered* - ShellHWDetection *Deregistered* - SoundMAX Agent Service (default) *Deregistered* - Spooler *Deregistered* - srservice *Deregistered* - stisvc *Deregistered* - TapiSrv *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - TrkWks *Deregistered* - Uniblue DiskRescue *Deregistered* - WebClient *Deregistered* - WinDefend *Deregistered* - winmgmt *Deregistered* - WMP54Gv4SVC *Deregistered* - wscsvc *Deregistered* - wuauserv *Deregistered* - WZCSVC [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L] \Shell\AutoRun\command - L:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M] \Shell\AutoRun\command - M:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33ff8e03-1f8d-11dd-9071-0011675a9d92}] \Shell\AutoRun\command - H:\ClickMe.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . 
Inhoud van de 'Gedeelde Taken' map 2008-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2008-12-24 c:\windows\Tasks\At1.job - c:\windows\system32\3AA45Enp.exe [] 2008-10-11 c:\windows\Tasks\At10.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At11.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At12.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At13.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At14.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At15.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At16.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At17.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At18.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At19.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At2.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At20.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At21.job - c:\windows\system32\3AA45Enp.exe [] 2009-02-17 c:\windows\Tasks\At22.job - c:\windows\system32\3AA45Enp.exe [] 2009-02-17 c:\windows\Tasks\At23.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At24.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At3.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At4.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At5.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At6.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At7.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At8.job - c:\windows\system32\3AA45Enp.exe [] 2008-10-11 c:\windows\Tasks\At9.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-05 c:\windows\Tasks\Norton 
Security Scan.job - c:\program files\Norton Security Scan\Nss.exe [2007-09-18 23:42] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart\RegistrySmart.exe [] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart [] 2009-02-23 c:\windows\Tasks\Uniblue DiskRescue 2009.job - c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 16:22] 2007-02-18 c:\windows\Tasks\Uniblue SpyEraser.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Trusted Zone: microsoft.com\download.windowsupdate Trusted Zone: microsoft.com\support Trusted Zone: microsoft.com\www.update DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - . . ------- Bestandsassociaties ------- . regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-23 21:49:46 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... 
Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(744) c:\windows\system32\Ati2evxx.dll . 
Voltooingstijd: 2009-02-23 21:51:34 ComboFix-quarantined-files.txt 2009-02-23 20:51:31 ComboFix2.txt 2009-02-23 17:43:24 ComboFix3.txt 2007-05-22 19:46:20 Pre-Run: 220,685,168,640 bytes beschikbaar Post-Run: 220,614,356,992 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7 570 --- E O F --- 2009-02-19 20:49:11 -
[SOLVED] The System Configuration Utility window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
ComboFix 09-02-21.01 - Erwtje 2009-02-23 18:39:51.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2048.1403 [GMT 1:00] Gestart vanuit: m:\mijn setup's\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090223-0] *On-access scanning disabled* (Updated) AV: Trend Micro Internet Security *On-access scanning disabled* (Updated) FW: COMODO Firewall Pro *disabled* FW: Trend Micro Personal Firewall *disabled* * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Erwtje\Application Data\inst.exe c:\windows\system32\tmp.reg L:\Autorun.inf M:\Autorun.inf . (((((((((((((((((((( Bestanden Gemaakt van 2009-01-23 to 2009-02-23 )))))))))))))))))))))))))))))) . 2009-02-23 16:14 . 2009-02-23 16:14 <DIR> d-------- c:\windows\system32\beidpp 2009-02-23 16:14 . 2009-02-23 16:14 <DIR> d-------- c:\program files\Belgium Identity Card 2009-02-23 15:55 . 2009-02-23 17:33 <DIR> d--hs---- c:\documents and settings\Erwtje\Onlangs geopend 2009-02-23 14:29 . 2009-02-23 14:29 <DIR> d-------- c:\program files\Uniblue 2009-02-23 14:29 . 2009-02-23 14:29 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{38E672D5-1F19-4A24-BA49-04BE4A4DBCAE} 2009-02-22 18:32 . 2009-02-22 18:32 <DIR> d-------- c:\documents and settings\Erwtje\Bluetooth Software 2009-02-22 18:19 . 2007-03-31 06:02 876,384 --a------ c:\windows\system32\drivers\btkrnl.sys 2009-02-22 18:19 . 2007-03-23 03:49 539,072 --a------ c:\windows\system32\drivers\btaudio.sys 2009-02-22 18:19 . 2007-03-23 03:50 149,123 --a------ c:\windows\system32\drivers\btwdndis.sys 2009-02-22 18:19 . 2007-03-31 06:02 55,352 --a------ c:\windows\system32\drivers\btwhid.sys 2009-02-22 18:19 . 2007-03-23 03:50 37,424 --a------ c:\windows\system32\drivers\btport.sys 2009-02-22 18:08 . 2007-03-23 03:50 106,557 -ra------ c:\windows\system32\btw_ci.dll 2009-02-22 18:08 . 
2007-03-23 03:50 67,960 --a------ c:\windows\system32\drivers\btwusb.sys 2009-02-22 00:58 . 2009-02-22 00:58 <DIR> d-------- c:\program files\WIDCOMM 2009-02-21 16:42 . 2009-02-21 16:42 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Ashampoo 2009-02-21 16:27 . 2009-02-21 16:27 103,424 --a------ c:\windows\system32\PowerUp3_nat.dll 2009-02-20 22:06 . 2009-02-20 22:07 <DIR> d-------- c:\program files\PDFCreator 2009-02-20 22:06 . 2001-10-28 17:42 116,224 --a------ c:\windows\system32\pdfcmnnt.dll 2009-02-20 21:50 . 2006-11-30 22:24 86,016 --a------ c:\windows\system32\custmon32.dll 2009-02-20 20:44 . 2009-02-20 20:44 <DIR> d--h----- c:\windows\system32\CanonMP Uninstaller Information 2009-02-20 20:43 . 2009-02-20 20:43 <DIR> d--h----- C:\CanonMP 2009-02-19 17:37 . 2009-02-19 17:37 <DIR> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ 2009-02-18 21:14 . 2009-02-18 21:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\pdf995 2009-02-18 21:14 . 2009-02-18 21:21 249,856 --a------ c:\windows\system32\pdfmona.dll 2009-02-18 21:14 . 2009-02-18 21:21 51,716 --a------ c:\windows\system32\pdf995mon.dll 2009-02-18 21:14 . 2009-02-18 21:21 25 --a------ c:\windows\wpd99.drv 2009-02-18 21:13 . 2009-02-20 21:09 <DIR> d-------- C:\pdf995 2009-02-15 18:07 . 2009-02-15 18:07 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition 2009-02-15 17:05 . 2009-02-15 17:05 126 --a------ c:\windows\system32\{BDA126A1-7D91-4638-B52F-49D9E6F6F87E}.dat 2009-02-15 16:03 . 2009-02-20 20:51 0 --a------ c:\windows\system32\PDFtypewriter 2009-02-15 14:26 . 2009-02-15 14:26 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\CTdeveloping 2009-02-15 14:26 . 2009-02-15 14:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\CTdeveloping 2009-02-14 17:25 . 
2009-02-14 17:25 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2009-02-14 17:14 . 2009-02-20 21:59 <DIR> d-------- c:\program files\Capsoft 2009-02-14 16:10 . 2009-02-14 16:10 <DIR> d-------- C:\MIR 2009-02-14 14:44 . 2009-02-14 14:44 <DIR> d-------- c:\program files\Multiple Image Resizer .NET 2009-02-12 00:11 . 2008-05-02 14:30 465,920 --------- c:\windows\system32\imapi2fs.dll 2009-02-12 00:11 . 2008-05-02 14:30 465,920 -----c--- c:\windows\system32\dllcache\imapi2fs.dll 2009-02-12 00:11 . 2008-05-02 14:30 317,952 --------- c:\windows\system32\imapi2.dll 2009-02-12 00:11 . 2008-05-02 14:30 317,952 -----c--- c:\windows\system32\dllcache\imapi2.dll 2009-02-12 00:11 . 2008-05-02 11:49 62,976 -----c--- c:\windows\system32\dllcache\cdrom.sys 2009-02-12 00:10 . 2008-04-17 05:59 407,040 -----c--- c:\windows\system32\dllcache\netlogon.dll 2009-02-12 00:10 . 2008-04-17 05:59 344,576 -----c--- c:\windows\system32\dllcache\localspl.dll 2009-02-12 00:10 . 2008-04-17 05:59 176,128 -----c--- c:\windows\system32\dllcache\w32time.dll 2009-02-12 00:10 . 2008-04-17 05:59 134,144 -----c--- c:\windows\system32\dllcache\wkssvc.dll 2009-02-12 00:10 . 2008-05-05 12:07 132,608 -----c--- c:\windows\system32\dllcache\msv1_0.dll 2009-02-12 00:10 . 2008-04-17 05:59 113,664 -----c--- c:\windows\system32\dllcache\dsuiext.dll 2009-02-12 00:10 . 2008-04-17 05:59 68,096 -----c--- c:\windows\system32\dllcache\ntdsapi.dll 2009-02-12 00:07 . 2009-02-12 00:07 <DIR> d-------- c:\program files\Dir2File 2009-02-12 00:06 . 2004-12-09 08:17 61,440 --a------ c:\windows\ContextMenuExt.dll 2009-02-12 00:05 . 2007-07-10 20:27 40,960 --a------ c:\windows\system32\SSUBTMR6.DLL 2009-02-11 23:50 . 2007-10-07 11:27 10,752 --a------ c:\windows\system32\aamd532.dll 2009-02-07 18:04 . 2009-02-07 18:04 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Kodak 2009-02-07 18:03 . 
2009-02-07 18:03 <DIR> d-------- c:\program files\Kodak 2009-02-06 20:35 . 2009-02-06 20:35 <DIR> d-------- c:\program files\BatchPhoto 2009-02-04 23:16 . 2009-02-04 23:17 <DIR> d-------- c:\program files\Photobie 2009-02-02 13:31 . 2009-02-02 13:31 360,448 --a------ c:\windows\system32\beid35applayer.dll 2009-02-02 13:31 . 2009-02-02 13:31 86,016 --a------ c:\windows\system32\Belgium Identity Card PKCS11.dll 2009-02-02 13:31 . 2009-02-02 13:31 86,016 --a------ c:\windows\system32\beidpkcs11.dll 2009-02-02 13:31 . 2009-02-02 13:31 69,632 --a------ c:\windows\system32\beidCSPlib.dll 2009-02-02 13:30 . 2009-02-02 13:30 262,144 --a------ c:\windows\system32\beid35DlgsWin32.dll 2009-02-02 13:30 . 2009-02-02 13:30 192,512 --a------ c:\windows\system32\beid35cardlayer.dll 2009-02-02 13:30 . 2009-02-02 13:30 122,880 --a------ c:\windows\system32\beid35common.dll 2009-02-02 13:29 . 2009-02-02 13:29 200,704 --a------ c:\windows\system32\eidlib.dll 2009-02-02 13:29 . 2009-02-02 13:29 200,704 --a------ c:\windows\system32\beidlib.dll 2009-01-24 00:21 . 2009-01-24 00:21 <DIR> d-------- c:\program files\CDBurnerXP 2009-01-24 00:21 . 2009-01-24 00:21 <DIR> d-------- c:\documents and settings\Erwtje\Application Data\Canneverbe_Limited . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-02-23 17:37 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-02-23 15:17 0 ----a-w c:\windows\system32\drivers\lvuvc.hs 2009-02-23 15:17 0 ----a-w c:\windows\system32\drivers\logiflt.iad 2009-02-23 15:13 33,536 ----a-w c:\windows\system32\drivers\a38usb.sys 2009-02-23 15:13 110,592 ----a-w c:\windows\system32\usbr38.dll 2009-02-23 13:32 --------- d-----w c:\documents and settings\Erwtje\Application Data\Uniblue 2009-02-22 22:40 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-02-21 15:26 --------- d-----w c:\program files\Ashampoo 2009-02-20 20:44 --------- d-----w c:\program files\PDFCreator Toolbar 2009-02-20 19:48 --------- d-----w c:\documents and settings\Erwtje\Application Data\Canon 2009-02-19 21:59 --------- d-----w c:\program files\Common Files\ScanSoft Shared 2009-02-19 21:57 --------- d-----w c:\program files\Canon 2009-02-18 20:31 --------- d-----w c:\documents and settings\Erwtje\Application Data\MSN6 2009-02-17 21:42 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater 2009-02-15 16:34 --------- d-----w c:\program files\Common Files\Symantec Shared 2009-02-15 16:32 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-15 15:09 --------- d-----w c:\program files\Common Files\Adobe 2009-02-14 17:20 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems 2009-02-14 16:08 --------- d-----w c:\program files\Foxit Software 2009-02-14 13:44 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-11 23:08 --------- d-----w c:\program files\MSECache 2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-02-07 22:20 --------- d-----w c:\documents and settings\Erwtje\Application Data\XnView 2009-01-13 14:44 --------- d-----w c:\program files\CCleaner 2009-01-13 14:23 --------- d-----w c:\program 
files\PC Tune-Up 2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr 2008-12-29 18:58 --------- d-----w c:\documents and settings\Erwtje\Application Data\Malwarebytes 2008-12-29 18:58 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-23 21:21 --------- d-----w c:\program files\Apple Software Update 2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll 2008-07-27 20:53 47,360 ----a-w c:\documents and settings\Erwtje\Application Data\pcouffin.sys 2008-05-07 21:24 14,290 ----a-w c:\program files\settings.dat 2008-01-30 19:05 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT 2008-01-30 19:05 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLds.DAT 2005-08-25 20:00 48,128 ----a-w c:\documents and settings\LocalService\cnmss Canon MP500 Series Printer (Local).dll 2005-08-25 20:00 48,128 ----a-w c:\documents and settings\Erwtje\cnmss Canon MP500 Series Printer (Local).dll 2008-04-19 20:14 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll 2008-04-19 20:14 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll 2008-04-19 20:14 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll 2008-04-19 20:14 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll 2008-04-19 20:14 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll 2008-10-12 21:09 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008101220081013\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288] "RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152] "COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2007-12-16 1115728] "avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-02-05 81000] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880] "UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-09-29 970808] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 98304] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2006-10-31 321088] "CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] "OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2008-09-29 497008] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-01 568176] 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 49152] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.MJPG"= pvmjpg30.dll "VIDC.PIM1"= pclepim1.dll "VIDC.ACDV"= ACDV.dll "msacm.l3codec"= l3codecp.acm "vidc.mjpx"= Pvmjpg30.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkbMonitor.exe.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ymetray.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Canon IJ Status Monitor Canon MP500 Series Printer.lnk] path=c:\documents and settings\Erwtje\Menu Start\Programma's\Opstarten\Canon IJ Status Monitor Canon MP500 Series Printer.lnk backup=c:\windows\pss\Canon IJ Status Monitor Canon MP500 Series Printer.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^HDDlife.lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^OpenOffice.org 2.1 .lnk] [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^RocketDock.lnk] backup=c:\windows\pss\RocketDock.lnkStartup [HKLM\~\startupfolder\C:^Documents and 
Settings^Erwtje^Menu Start^Programma's^Opstarten^Shrink Pic.lnk] backup=c:\windows\pss\Shrink Pic.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^TransBar.lnk] backup=c:\windows\pss\TransBar.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^UberIcon.lnk] backup=c:\windows\pss\UberIcon.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Y'z Shadow.lnk] backup=c:\windows\pss\Y'z Shadow.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Erwtje^Menu Start^Programma's^Opstarten^Zita Nieuwsflash.lnk] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistrySmart HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! 
Pager [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] --a------ 2005-07-14 15:09 57344 c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] --a------ 2008-03-20 17:42 217544 c:\program files\Alcohol Soft\Alcohol 52\AxCmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe] --a------ 2002-12-06 16:07 617984 c:\program files\ASUS\Probe\AsusProb.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid] --a------ 2009-02-02 13:32 2035712 c:\program files\Belgium Identity Card\beid35gui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray] --a------ 2007-09-10 11:08 258134 c:\program files\IVT Corporation\BlueSoleil\BtTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go] -----c--- 2004-11-30 11:00 135168 c:\program files\Creative\MediaSource\Go\CTCMSGo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2008-04-14 18:02 15360 c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] --a------ 2006-11-13 17:34 1289000 c:\progra~1\MI3AA1~1\wcescomm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTpatch] -ra------ 2002-10-30 10:40 28672 c:\windows\htpatch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager] --a------ 2008-08-14 16:11 565008 c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\LogitechQuickCamRibbon] --a------ 2008-08-14 16:15 2407184 c:\program files\Logitech\QuickCam\Quickcam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRC] --a------ 2007-09-20 10:16 2419200 c:\program files\PC Tune-Up\PCTuneUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2008-04-14 18:03 1695232 c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE] --a------ 2008-09-29 14:08 497008 c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] --a------ 2003-05-08 11:00 49152 c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI] --a------ 2004-08-30 17:31 36864 c:\progra~1\Pinnacle\PPE\PPE.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PicoBackupOE] --a------ 2005-06-17 14:52 1129472 c:\program files\PicoBackupOE\PicoBackupAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-06-29 05:24 286720 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] --a------ 2007-03-18 23:05 630784 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector] --------- 2005-07-28 08:32 94208 c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Calendar Checker] --a--c--- 2005-08-22 09:10 69632 c:\program files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --------- 2000-05-11 01:00 90112 c:\windows\Updreg.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse] --a--c--- 2006-02-17 10:14 163840 c:\program files\A4TECH\Mouse\Amoumain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] --a------ 2005-08-07 23:10 16384 c:\windows\CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp] --a------ 2005-08-07 23:10 18944 c:\windows\system32\CTXFIHLP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Realtime Audio Engine] --a------ 2008-06-23 16:43 70144 c:\windows\system32\mmrtkrnl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "usnjsvc"=3 (0x3) "rpcapd"=3 (0x3) "ose"=3 (0x3) "odserv"=3 (0x3) "MDM"=2 (0x2) "LVCOMSer"=2 (0x2) "iPod Service"=3 (0x3) "gusvc"=2 (0x2) "FirebirdServerMAGIXInstance"=3 (0x3) "BsHelpCS"=3 (0x3) "BlueSoleilCS"=2 (0x2) "Apple Mobile Device"=2 (0x2) "a2free"=2 (0x2) "StarWindServiceAE"=2 (0x2) "TapiSrv"=3 (0x3) "Schedule"=2 (0x2) "LVPrcSrv"=2 (0x2) "IDriverT"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\CCleaner\\ccleaner.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft 
ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Piolet\\Piolet.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\ASUS\\AsusUpdate\\Update.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"= "c:\\Program Files\\Outlook Express\\msimn.exe"= "c:\\Program Files\\Linksys Wireless-G PCI Wireless Network Monitor\\InvokeSvc2.exe"= "c:\\Program Files\\Windows Live\\Mail\\wlmail.exe"= "c:\\Program Files\\Windows Live\\Writer\\WindowsLiveWriter.exe"= "c:\\Program Files\\PrinterAnywhere\\paConsole.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"= "c:\\Program Files\\Opera\\opera.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\1 Click PC Fix\\1clickpcfix.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 aswSP;avast! 
Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-29 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-29 20560] R2 dvdmrp;dvdmrp;c:\windows\system32\drivers\dvdmrp.sys [2005-08-03 5504] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2006-03-24 33536] R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2006-05-09 13824] R3 BENDER;Pinnacle AV/DV2 Capture;c:\windows\system32\drivers\bender.sys [2006-11-20 200320] S2 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;f:\magix\Common\Database\bin\fbserver.exe --> f:\magix\Common\Database\bin\fbserver.exe [?] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - GTNDIS5 *Deregistered* - ImapiService *Deregistered* - lanmanserver *Deregistered* - lanmanworkstation *Deregistered* - LmHosts *Deregistered* - mnmsrvc *Deregistered* - Netman *Deregistered* - Nla *Deregistered* - NMSAccessU *Deregistered* - nmservice *Deregistered* - PolicyAgent *Deregistered* - ProtectedStorage *Deregistered* - RasMan *Deregistered* - rpcapd *Deregistered* - RpcSs *Deregistered* - SamSs *Deregistered* - SCardSvr *Deregistered* - seclogon *Deregistered* - SENS *Deregistered* - SharedAccess *Deregistered* - ShellHWDetection *Deregistered* - SoundMAX Agent Service (default) *Deregistered* - Spooler *Deregistered* - srservice *Deregistered* - stisvc *Deregistered* - TapiSrv *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - TrkWks *Deregistered* - Uniblue DiskRescue *Deregistered* - WebClient *Deregistered* - WinDefend *Deregistered* - winmgmt *Deregistered* - WMP54Gv4SVC *Deregistered* - wscsvc *Deregistered* - wuauserv *Deregistered* - WZCSVC [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L] \Shell\AutoRun\command - L:\setupSNK.exe 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M] \Shell\AutoRun\command - M:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33ff8e03-1f8d-11dd-9071-0011675a9d92}] \Shell\AutoRun\command - H:\ClickMe.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . Inhoud van de 'Gedeelde Taken' map 2008-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2008-12-24 c:\windows\Tasks\At1.job - c:\windows\system32\3AA45Enp.exe [] 2008-10-11 c:\windows\Tasks\At10.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At11.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At12.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At13.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-23 c:\windows\Tasks\At14.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At15.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At16.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At17.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At18.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At19.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At2.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At20.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At21.job - c:\windows\system32\3AA45Enp.exe [] 2009-02-17 c:\windows\Tasks\At22.job - c:\windows\system32\3AA45Enp.exe [] 2009-02-17 c:\windows\Tasks\At23.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At24.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-25 c:\windows\Tasks\At3.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At4.job - 
c:\windows\system32\3AA45Enp.exe [] 2008-12-24 c:\windows\Tasks\At5.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At6.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At7.job - c:\windows\system32\3AA45Enp.exe [] 2008-09-06 c:\windows\Tasks\At8.job - c:\windows\system32\3AA45Enp.exe [] 2008-10-11 c:\windows\Tasks\At9.job - c:\windows\system32\3AA45Enp.exe [] 2008-12-05 c:\windows\Tasks\Norton Security Scan.job - c:\program files\Norton Security Scan\Nss.exe [2007-09-18 23:42] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart\RegistrySmart.exe [] 2008-12-24 c:\windows\Tasks\RegistrySmart Scheduled Scan.job - c:\program files\RegistrySmart [] 2009-02-23 c:\windows\Tasks\Uniblue DiskRescue 2009.job - c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 16:22] 2007-02-18 c:\windows\Tasks\Uniblue SpyEraser.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [] . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-CamMonitor - f:\digital imaging\\Unload\hpqcmon.exe MSConfigStartUp-iTunesHelper - F:\iTunesHelper.exe MSConfigStartUp-PDFtypewriterPrinterMonitor - c:\program files\PDFtypewriter\Printer\PDFtypewriterMonitorStart.exe MSConfigStartUp-Share-to-Web Namespace Daemon - f:\hp share-to-web\hpgs2wnd.exe . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.hln.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Trusted Zone: microsoft.com\download.windowsupdate Trusted Zone: microsoft.com\support Trusted Zone: microsoft.com\www.update DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - . . ------- Bestandsassociaties ------- . regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-23 18:41:31 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . 
--------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2009-02-23 18:43:23 ComboFix-quarantined-files.txt 2009-02-23 17:43:20 ComboFix2.txt 2007-05-22 19:46:20 Pre-Run: 220.994.686.976 bytes beschikbaar Post-Run: 220,994,633,728 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7 567 --- E O F --- 2009-02-19 20:49:11 -
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Dear Kape, today I have already had it happen three times that all my icons in the taskbar at the bottom of my screen disappeared. I also (sometimes) get the message: "explorer.exe has encountered a problem and needs to close". Each time I then have to go through Task Manager / New Task and type explorer.exe; my desktop then reappears, but my icons do not. I then have to manually re-check the "Quick Launch" toolbar, and then the icons are back?????? PS: I also have an external HD that is connected to my computer. Could it be that a trojan or other virus is coming from there somewhere??? Strange but true?? Kind regards, Erwtje69
-
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Good morning Kape, apart from my PC hanging on the XP logo when I started it up this morning, everything now seems to be in order. With a press of the reset button the computer came fully back to life. It does take a while before it has fully booted, but that is probably due to the many programs installed on this computer. Maybe consider reinstalling XP, or perhaps just put Vista on it right away, but I don't know whether two GB of DDR RAM is enough for that. So I don't have DDR2 or DDR3 in this computer yet. The motherboard doesn't support that anyway. In any case, thank you very much for your help. If problems turn up again, I now know where to go. Thanks a lot. Kind regards, erwtje69
-
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Strange: first this page would no longer open while I was inserting the logs here, and now they suddenly turn out to have been posted twice????? Sorry, but how that could happen I don't know either?? Kind regards, Erwtje69
-
[SOLVED] the "System Configuration Utility" window
Erwtje69 replied to Erwtje69's topic in Archief Windows Algemeen
Here I am then with the requested logs. Thanks in advance for your spontaneous help. Kind regards, Erwtje69

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:26, on 22/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\WinPcap\rpcapd.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - -{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.0.6.5.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/e/38.09/f-6tcHDGwoY/uploader2.cab
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/virtuallabs/ActiveX/VMRCActiveXClient1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.nl/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1218922213856&h=1228216423e2b904dbf135487519793c/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - F:\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
--
End of file - 12362 bytes

Here then is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.34
Database versie: 1794
Windows 5.1.2600 Service Pack 3
22/02/2009 23:45:54
mbam-log-2009-02-22 (23-45-54).txt
Scan type: Snelle Scan
Objecten gescand: 72526
Verstreken tijd: 3 minute(s), 37 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 3
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
C:\WINDOWS\system32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekayxtjcvka.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\UACrdoexwkb.sys (Trojan.Agent) -> Quarantined and deleted successfully.