kurt5

Member
  • Items

    213
  • Registration date

  • Last visited

Everything posted by kurt5

  1. HijackThis log. I said that it hangs, but in fact it stops halfway and then does the rest of the startup at a snail's pace, but that takes a few hours, which is why I thought it was hanging.
  2. Okay, I have done this. But I do have to start it in safe mode, because otherwise it automatically opens Internet Explorer at startup and hangs again. As if it only does half of its work. I will make a log with HijackThis in safe mode and post it here via another PC.
  3. I have checked, but I don't really see where this is. I actually don't quite understand what you mean either; could you explain it a bit better, please? Thank you.
  4. Okay, the shutdown problem is solved by the solution above. I also removed AVG from it because people say it is a bit too heavy for that little box, and of course there is a new problem: at startup it opens Explorer, freezes and does nothing more. Anyone with a solution?
  5. Okay, I added 512 MB of memory but it starts up the same way. Do I need to do anything special? I have no experience with that.
  6. I would like to know whether there are good shops where I can buy PC components online. I am looking for some RAM (SDRAM PC133 1 GB). Does anyone happen to know where I can buy something like that cheaply? Thanks in advance.
  7. Okay, I will add memory and see what it yields.
  8. iexplore.exe explorer.exe iexplore.exe svchost.exe wuauclt.exe: this is the correct order (iexplore appears twice)
  9. This is a regular HijackThis log (system scan).
  10. Okay, here is the HijackThis log.
  11. You would be surprised what that old thing can still do. XP normally runs well on it (I have nothing to spare, though), which is normal. When I start it again afterwards it sometimes still hangs (sometimes 10 times in a row) and sometimes it works right away. When switching it off, Windows shuts down completely but my fan keeps running; I have already checked everything and everything is set correctly.
  12. A few months ago I installed XP instead of ME on my parents' PC. In the beginning everything went well ... until now. Sometimes we have to restart the PC 10 times before we can work with it. When we want to shut down, Windows shuts down but the cooling keeps running, so the PC is still on. I have already said that they should buy a new PC, but to pay the bills and read their e-mails they don't need an up-to-date PC, so I would like to get this one running smoothly again. PC specifications: AMD Athlon, MMX, 3D Now, 900 MHz, 128 MB RAM, Nvidia Riva TNT Model 64 Pro
  13. Okay, everything works properly again. Thanks.
  14. Sorry mate, but the PC keeps saying the same thing as in the attached document. Any other advice, perhaps?
  15. Okay, here is my log. I did everything as you said.
  16. Yes, I still have the problem that I cannot delete a file. I took a screenshot, and in it you can see the program that I want to remove, but it doesn't work and gives an error message. That was in fact my main problem. This has to come off so that I can reinstall everything. PrintScreen.doc
  17. I did exactly what you said, although I did not have to restart. So if I did something wrong, I wouldn't know what. So here is my log. ComboFix 09-06-26.02 - Administrator 27/06/2009 13:50.5 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1014.605 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt AV: Kaspersky Anti-virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FILE :: "c:\windows\system32\drivers\klick.dat" "c:\windows\system32\drivers\klin.dat" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\klick.dat c:\windows\system32\drivers\klin.dat . (((((((((((((((((((( Bestanden Gemaakt van 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))) . 2009-06-25 16:27 . 2009-06-25 16:27 -------- d-----w- c:\windows\system32\dllcache\cache 2009-06-25 10:29 . 2009-06-25 10:29 -------- d-----w- c:\program files\Trend Micro 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-24 16:17 . 2009-06-24 16:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Desktopicon 2009-06-24 16:17 . 2009-06-24 17:20 -------- d-----w- c:\program files\Unlocker 2009-06-23 18:02 . 2009-06-27 11:48 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2009-06-22 17:49 . 
2009-06-25 04:46 -------- d-----w- c:\program files\UGS 2009-06-22 16:54 . 2009-06-22 16:54 -------- d-----w- c:\program files\LimeWire 2009-06-21 18:31 . 2009-06-21 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision 2009-06-21 18:30 . 2009-06-21 18:30 -------- d-----w- c:\program files\Rainbow Technologies 2009-06-20 10:33 . 2009-06-22 18:08 1467 ----a-w- c:\windows\system32\setacl.bat 2009-06-19 14:53 . 2009-06-19 14:53 -------- d-----w- C:\Cmsdata 2009-06-19 14:51 . 1994-05-25 07:59 19456 ----a-w- c:\windows\system32\drivers\KEYP.SYS 2009-06-19 14:45 . 2009-06-19 15:14 -------- d-----w- C:\Wintools 2009-06-19 10:34 . 2009-06-19 10:34 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-06-18 10:32 . 2009-06-18 10:31 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-06-18 10:31 . 2009-06-18 10:31 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_11\lzma.dll 2009-06-17 20:24 . 2004-03-01 10:07 233472 ----a-w- c:\windows\system32\s7esetdx.dll 2009-06-17 20:24 . 1998-06-17 21:00 89360 ----a-w- c:\windows\system32\vb5db.dll 2009-06-17 20:18 . 2009-06-17 20:23 -------- d-----w- c:\windows\TempRASETUP 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\SIEMENS 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\Common Files\Siemens 2009-06-17 20:17 . 2009-06-17 20:24 -------- d-----w- c:\windows\Setup 2009-06-17 20:16 . 2009-06-17 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Siemens 2009-06-17 19:50 . 2009-06-17 19:50 52736 ----a-w- c:\windows\ipuninst.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-27 11:57 . 2008-09-08 15:28 66623008 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-06-27 11:57 . 
2008-09-08 15:28 2920224 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-06-27 11:45 . 2008-09-08 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-06-27 11:44 . 2008-10-10 14:25 15336 ----a-w- c:\windows\system32\tablet.dat 2009-06-27 11:43 . 2008-09-08 15:28 893576 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-06-27 11:43 . 2008-09-08 15:28 275576 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-06-25 10:36 . 2008-09-10 17:46 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3 2009-06-22 17:40 . 2008-09-06 09:39 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-22 16:55 . 2008-09-10 17:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\LimeWire 2009-06-22 16:32 . 2008-09-08 15:26 140064 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-22 10:31 . 2008-09-08 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-21 09:06 . 2008-09-10 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Corel 2009-06-21 09:06 . 2008-09-10 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel 2009-06-20 17:30 . 2009-01-10 17:29 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2009-06-18 10:31 . 2008-09-06 09:37 -------- d-----w- c:\program files\Java 2009-06-18 10:27 . 2008-09-12 20:19 -------- d-----w- c:\program files\eMule 2009-06-17 20:28 . 2008-09-10 18:45 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-15 15:27 . 2009-01-11 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\My Games 2009-06-15 15:22 . 2009-04-15 17:48 -------- d-----w- c:\program files\3D-Album-CS 2009-05-26 17:26 . 
2009-05-26 17:26 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe 2009-05-11 18:43 . 2008-09-13 17:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\Autodesk 2009-05-07 15:34 . 2004-08-04 08:03 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-06 18:05 . 2009-01-12 16:04 3012 ----a-w- C:\drmHeader.bin 2009-04-29 04:49 . 2004-08-04 08:03 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:49 . 2004-08-04 08:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-19 19:51 . 2004-08-04 07:56 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-16 08:06 . 2006-05-05 01:12 92620 ----a-w- c:\windows\system32\perfc013.dat 2009-04-16 08:06 . 2006-05-05 01:12 513498 ----a-w- c:\windows\system32\perfh013.dat 2009-04-15 14:55 . 2004-08-04 08:03 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-09 11:32 . 2009-04-09 11:32 89088 ----a-w- c:\documents and settings\Administrator\Application Data\Desktopicon\eBayShortcuts.exe . ((((((((((((((((((((((((((((( SnapShot@2009-06-25_16.27.00 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-27 11:44 . 2009-06-27 11:44 16384 c:\windows\Temp\Perflib_Perfdata_2d0.dat + 2009-06-25 16:27 . 2008-10-16 13:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe + 2009-06-25 16:27 . 2008-04-14 17:02 82432 c:\windows\system32\dllcache\cache\ws2_32.dll + 2009-06-25 16:27 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\cache\userinit.exe + 2009-06-25 16:27 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\cache\svchost.exe + 2009-06-25 16:27 . 2008-04-14 17:03 57856 c:\windows\system32\dllcache\cache\spoolsv.exe + 2009-06-25 16:27 . 
2008-04-14 17:02 17408 c:\windows\system32\dllcache\cache\powrprof.dll + 2009-06-25 16:27 . 2008-04-14 17:03 13312 c:\windows\system32\dllcache\cache\lsass.exe + 2009-06-25 16:27 . 2008-04-14 16:39 25088 c:\windows\system32\dllcache\cache\kbdclass.sys + 2009-06-25 16:27 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys + 2009-06-25 16:27 . 2008-04-14 17:02 15360 c:\windows\system32\dllcache\cache\ctfmon.exe + 2009-06-25 16:27 . 2008-04-14 17:03 510464 c:\windows\system32\dllcache\cache\winlogon.exe + 2009-06-25 16:27 . 2009-04-29 04:49 827392 c:\windows\system32\dllcache\cache\wininet.dll + 2009-06-25 16:27 . 2008-04-14 17:02 580096 c:\windows\system32\dllcache\cache\user32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 297472 c:\windows\system32\dllcache\cache\termsrv.dll + 2009-06-25 16:27 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys + 2009-06-25 16:27 . 2009-02-09 11:27 111104 c:\windows\system32\dllcache\cache\services.exe + 2009-06-25 16:27 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys + 2009-06-25 16:27 . 2008-04-14 17:02 110080 c:\windows\system32\dllcache\cache\imm32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 175616 c:\windows\system32\dllcache\cache\appmgmts.dll + 2009-06-25 16:27 . 2008-04-14 17:02 1571840 c:\windows\system32\dllcache\cache\sfcfiles.dll + 2009-06-25 16:27 . 2009-02-09 11:27 2149888 c:\windows\system32\dllcache\cache\ntoskrnl.exe + 2009-06-25 16:27 . 2009-02-09 11:27 2028544 c:\windows\system32\dllcache\cache\ntkrnlpa.exe + 2009-06-25 16:27 . 2009-03-21 14:09 1030656 c:\windows\system32\dllcache\cache\kernel32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 1037312 c:\windows\system32\dllcache\cache\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt] @="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}" [HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}] 2008-06-10 10:29 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-18 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-09-21 127036] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-03-20 213936] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-04-24 888832] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 172032] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 143360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 136600] 
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-02 1630208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2008-10-10 106496] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Autodesk\\Maya8.5\\bin\\maya.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [19/01/2009 18:16 120320] R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [21/01/2009 22:05 78848] R2 KeyP;KeyP;c:\windows\system32\drivers\KEYP.SYS [19/06/2009 16:51 19456] R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/06/2008 12:29 53032] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [6/09/2008 11:41 540448] R2 S7opcsrtx;PROFINET IO RT-Protocol (LLDP);c:\windows\system32\drivers\s7opcsrtx.sys [3/07/2008 13:04 31232] R2 s7snsrtx;PROFINET IO RT-Protocol;c:\windows\system32\drivers\s7snsrtx.sys [30/07/2007 12:06 71168] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/04/2007 14:58 24344] R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [8/09/2008 17:40 161792] S2 UGS License Server (ugslmd);UGS License Server (ugslmd);"c:\program files\UGS\UGSLicensing\lmgrd.exe" --> c:\program files\UGS\UGSLicensing\lmgrd.exe [?] S3 DualCoreCenter;DualCoreCenter;c:\biostools\NTGLM7X.sys [17/12/2008 10:38 28160] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [28/11/2008 17:34 33752] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [5/11/2008 19:05 138112] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [5/11/2008 19:05 8320] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . 
Inhoud van de 'Gedeelde Taken' map 2009-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21] 2009-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594230785-904726401-1854274687-500.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 09:36] 2009-06-25 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-27 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-27 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/ uInternet Settings,ProxyOverride = *.local IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - Sign In IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: arena51.be\www Trusted Zone: bedrockplace.net\www Trusted Zone: cgsociety.org\www Trusted Zone: dexia.be\www Trusted Zone: digitaltutors.com\www Trusted Zone: google.be\www Trusted Zone: kwsd.be\www Trusted Zone: pc-helpforum.be\www Trusted Zone: sportwereld.be\www Trusted Zone: svzw.be\www . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-06-27 13:57 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... 
Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1368) c:\windows\system32\GTGina.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\windows\system32\klogon.dll - - - - - - - > 'lsass.exe'(1424) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll . Voltooingstijd: 2009-06-27 13:58 ComboFix-quarantined-files.txt 2009-06-27 11:58 ComboFix2.txt 2009-06-27 11:39 ComboFix3.txt 2009-06-26 10:49 ComboFix4.txt 2009-06-26 10:40 ComboFix5.txt 2009-06-27 11:49 Pre-Run: 35.493.990.400 bytes beschikbaar Post-Run: 35.470.204.928 bytes beschikbaar Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4 254 --- E O F --- 2009-06-14 01:01
  18. ComboFix 09-06-25.05 - Administrator 26/06/2009 12:32.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1014.607 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe AV: Kaspersky Anti-virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((( Bestanden Gemaakt van 2009-05-26 to 2009-06-26 )))))))))))))))))))))))))))))) . 2009-06-25 16:27 . 2009-06-25 16:27 -------- d-----w- c:\windows\system32\dllcache\cache 2009-06-25 10:29 . 2009-06-25 10:29 -------- d-----w- c:\program files\Trend Micro 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-24 16:17 . 2009-06-24 16:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Desktopicon 2009-06-24 16:17 . 2009-06-24 17:20 -------- d-----w- c:\program files\Unlocker 2009-06-23 18:02 . 2009-06-26 10:31 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2009-06-22 17:49 . 2009-06-25 04:46 -------- d-----w- c:\program files\UGS 2009-06-22 16:54 . 2009-06-22 16:54 -------- d-----w- c:\program files\LimeWire 2009-06-21 18:31 . 2009-06-21 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision 2009-06-21 18:30 . 2009-06-21 18:30 -------- d-----w- c:\program files\Rainbow Technologies 2009-06-20 10:33 . 2009-06-22 18:08 1467 ----a-w- c:\windows\system32\setacl.bat 2009-06-19 14:53 . 2009-06-19 14:53 -------- d-----w- C:\Cmsdata 2009-06-19 14:51 . 
1994-05-25 07:59 19456 ----a-w- c:\windows\system32\drivers\KEYP.SYS 2009-06-19 14:45 . 2009-06-19 15:14 -------- d-----w- C:\Wintools 2009-06-19 10:34 . 2009-06-19 10:34 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-06-18 10:32 . 2009-06-18 10:31 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-06-18 10:31 . 2009-06-18 10:31 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_11\lzma.dll 2009-06-17 20:24 . 2004-03-01 10:07 233472 ----a-w- c:\windows\system32\s7esetdx.dll 2009-06-17 20:24 . 1998-06-17 21:00 89360 ----a-w- c:\windows\system32\vb5db.dll 2009-06-17 20:18 . 2009-06-17 20:23 -------- d-----w- c:\windows\TempRASETUP 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\SIEMENS 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\Common Files\Siemens 2009-06-17 20:17 . 2009-06-17 20:24 -------- d-----w- c:\windows\Setup 2009-06-17 20:16 . 2009-06-17 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Siemens 2009-06-17 19:50 . 2009-06-17 19:50 52736 ----a-w- c:\windows\ipuninst.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-26 10:38 . 2008-09-08 15:28 66382880 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-06-26 10:38 . 2008-09-08 15:28 2906400 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-06-26 10:21 . 2008-09-08 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-06-26 10:20 . 2008-10-10 14:25 15336 ----a-w- c:\windows\system32\tablet.dat 2009-06-26 05:35 . 2008-09-08 15:28 890312 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-06-26 05:35 . 2008-09-08 15:28 274232 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-06-25 10:36 . 2008-09-10 17:46 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3 2009-06-22 17:40 . 
2008-09-06 09:39 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-22 16:55 . 2008-09-10 17:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\LimeWire 2009-06-22 16:32 . 2008-09-08 15:26 140064 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-22 10:31 . 2008-09-08 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-21 09:06 . 2008-09-10 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Corel 2009-06-21 09:06 . 2008-09-10 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel 2009-06-20 17:30 . 2009-01-10 17:29 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2009-06-18 10:31 . 2008-09-06 09:37 -------- d-----w- c:\program files\Java 2009-06-18 10:27 . 2008-09-12 20:19 -------- d-----w- c:\program files\eMule 2009-06-17 20:28 . 2008-09-10 18:45 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-15 15:27 . 2009-01-11 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\My Games 2009-06-15 15:22 . 2009-04-15 17:48 -------- d-----w- c:\program files\3D-Album-CS 2009-05-26 17:26 . 2009-05-26 17:26 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe 2009-05-23 09:09 . 2008-09-08 15:28 94643 ----a-w- c:\windows\system32\drivers\klick.dat 2009-05-23 09:09 . 2008-09-08 15:28 105395 ----a-w- c:\windows\system32\drivers\klin.dat 2009-05-11 18:43 . 2008-09-13 17:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\Autodesk 2009-05-07 15:34 . 2004-08-04 08:03 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-06 18:05 . 2009-01-12 16:04 3012 ----a-w- C:\drmHeader.bin 2009-04-29 04:49 . 2004-08-04 08:03 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:49 . 
2004-08-04 08:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-19 19:51 . 2004-08-04 07:56 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-16 08:06 . 2006-05-05 01:12 92620 ----a-w- c:\windows\system32\perfc013.dat 2009-04-16 08:06 . 2006-05-05 01:12 513498 ----a-w- c:\windows\system32\perfh013.dat 2009-04-15 14:55 . 2004-08-04 08:03 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-09 11:32 . 2009-04-09 11:32 89088 ----a-w- c:\documents and settings\Administrator\Application Data\Desktopicon\eBayShortcuts.exe . ((((((((((((((((((((((((((((( SnapShot@2009-06-25_16.27.00 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-26 10:20 . 2009-06-26 10:20 16384 c:\windows\Temp\Perflib_Perfdata_260.dat + 2009-06-25 16:27 . 2008-10-16 13:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe + 2009-06-25 16:27 . 2008-04-14 17:02 82432 c:\windows\system32\dllcache\cache\ws2_32.dll + 2009-06-25 16:27 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\cache\userinit.exe + 2009-06-25 16:27 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\cache\svchost.exe + 2009-06-25 16:27 . 2008-04-14 17:03 57856 c:\windows\system32\dllcache\cache\spoolsv.exe + 2009-06-25 16:27 . 2008-04-14 17:02 17408 c:\windows\system32\dllcache\cache\powrprof.dll + 2009-06-25 16:27 . 2008-04-14 17:03 13312 c:\windows\system32\dllcache\cache\lsass.exe + 2009-06-25 16:27 . 2008-04-14 16:39 25088 c:\windows\system32\dllcache\cache\kbdclass.sys + 2009-06-25 16:27 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys + 2009-06-25 16:27 . 2008-04-14 17:02 15360 c:\windows\system32\dllcache\cache\ctfmon.exe + 2009-06-25 16:27 . 2008-04-14 17:03 510464 c:\windows\system32\dllcache\cache\winlogon.exe + 2009-06-25 16:27 . 
2009-04-29 04:49 827392 c:\windows\system32\dllcache\cache\wininet.dll + 2009-06-25 16:27 . 2008-04-14 17:02 580096 c:\windows\system32\dllcache\cache\user32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 297472 c:\windows\system32\dllcache\cache\termsrv.dll + 2009-06-25 16:27 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys + 2009-06-25 16:27 . 2009-02-09 11:27 111104 c:\windows\system32\dllcache\cache\services.exe + 2009-06-25 16:27 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys + 2009-06-25 16:27 . 2008-04-14 17:02 110080 c:\windows\system32\dllcache\cache\imm32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 175616 c:\windows\system32\dllcache\cache\appmgmts.dll + 2009-06-25 16:27 . 2008-04-14 17:02 1571840 c:\windows\system32\dllcache\cache\sfcfiles.dll + 2009-06-25 16:27 . 2009-02-09 11:27 2149888 c:\windows\system32\dllcache\cache\ntoskrnl.exe + 2009-06-25 16:27 . 2009-02-09 11:27 2028544 c:\windows\system32\dllcache\cache\ntkrnlpa.exe + 2009-06-25 16:27 . 2009-03-21 14:09 1030656 c:\windows\system32\dllcache\cache\kernel32.dll + 2009-06-25 16:27 . 2008-04-14 17:02 1037312 c:\windows\system32\dllcache\cache\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt] @="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}" [HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}] 2008-06-10 10:29 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-18 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-09-21 127036] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-03-20 213936] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-04-24 888832] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 172032] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 143360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 136600] 
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-02 1630208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2008-10-10 106496] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Autodesk\\Maya8.5\\bin\\maya.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [19/01/2009 18:16 120320] R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [21/01/2009 22:05 78848] R2 KeyP;KeyP;c:\windows\system32\drivers\KEYP.SYS [19/06/2009 16:51 19456] R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/06/2008 12:29 53032] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [6/09/2008 11:41 540448] R2 S7opcsrtx;PROFINET IO RT-Protocol (LLDP);c:\windows\system32\drivers\s7opcsrtx.sys [3/07/2008 13:04 31232] R2 s7snsrtx;PROFINET IO RT-Protocol;c:\windows\system32\drivers\s7snsrtx.sys [30/07/2007 12:06 71168] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/04/2007 14:58 24344] R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [8/09/2008 17:40 161792] S2 UGS License Server (ugslmd);UGS License Server (ugslmd);"c:\program files\UGS\UGSLicensing\lmgrd.exe" --> c:\program files\UGS\UGSLicensing\lmgrd.exe [?] S3 DualCoreCenter;DualCoreCenter;c:\biostools\NTGLM7X.sys [17/12/2008 10:38 28160] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [28/11/2008 17:34 33752] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [5/11/2008 19:05 138112] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [5/11/2008 19:05 8320] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . 
Inhoud van de 'Gedeelde Taken' map 2009-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21] 2009-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594230785-904726401-1854274687-500.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 09:36] 2009-06-25 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-26 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-26 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/ uInternet Settings,ProxyOverride = *.local IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - Sign In IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: arena51.be\www Trusted Zone: bedrockplace.net\www Trusted Zone: cgsociety.org\www Trusted Zone: dexia.be\www Trusted Zone: digitaltutors.com\www Trusted Zone: google.be\www Trusted Zone: kwsd.be\www Trusted Zone: pc-helpforum.be\www Trusted Zone: sportwereld.be\www Trusted Zone: svzw.be\www . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-06-26 12:38 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... 
Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1392) c:\windows\system32\GTGina.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\windows\system32\klogon.dll - - - - - - - > 'lsass.exe'(1456) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll - - - - - - - > 'explorer.exe'(2648) c:\windows\system32\tabhook.dll c:\program files\Nero\Nero8\InCD\NBHShx.dll c:\program files\Nero\Nero8\InCD\NBHStr.dll c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Common Files\Nero\Lib\NeroDigitalExt.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll . Voltooingstijd: 2009-06-26 12:40 ComboFix-quarantined-files.txt 2009-06-26 10:40 ComboFix2.txt 2009-06-25 16:29 Pre-Run: 35.546.845.184 bytes beschikbaar Post-Run: 35.521.331.200 bytes beschikbaar Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4 257 --- E O F --- 2009-06-14 01:01
  19. ComboFix 09-06-24.05 - Administrator 25/06/2009 18:22.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1014.620 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Mijn Software\ComboFix.exe AV: Kaspersky Anti-virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-1617759899-3559801728-2112800298-500 c:\windows\system32\dRoZg.vbs c:\windows\system32\IoiBt.vbs c:\windows\system32\XBuSo91.vbs c:\documents and settings\Administrator\Application Data\02000000e6b03060620C.manifest c:\documents and settings\Administrator\Application Data\02000000e6b03060620O.manifest c:\documents and settings\Administrator\Application Data\02000000e6b03060620P.manifest c:\documents and settings\Administrator\Application Data\02000000e6b03060620S.manifest c:\recycler\S-1-5-21-1617759899-3559801728-2112800298-500\desktop.ini c:\recycler\S-1-5-21-1617759899-3559801728-2112800298-500\INFO2 c:\windows\system32\GroupPolicy000.dat c:\windows\system32\ogacheckcontrol.dll D:\Autorun.inf D:\Desktop.ini . (((((((((((((((((((( Bestanden Gemaakt van 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))) . 2009-06-25 10:29 . 2009-06-25 10:29 -------- d-----w- c:\program files\Trend Micro 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-06-24 19:07 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-24 19:07 . 2009-06-24 19:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-24 16:17 . 
2009-06-24 16:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Desktopicon 2009-06-24 16:17 . 2009-06-24 17:20 -------- d-----w- c:\program files\Unlocker 2009-06-23 18:02 . 2009-06-25 10:43 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2009-06-22 17:49 . 2009-06-25 04:46 -------- d-----w- c:\program files\UGS 2009-06-22 16:54 . 2009-06-22 16:54 -------- d-----w- c:\program files\LimeWire 2009-06-21 18:31 . 2009-06-21 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision 2009-06-21 18:30 . 2009-06-21 18:30 -------- d-----w- c:\program files\Rainbow Technologies 2009-06-20 10:33 . 2009-06-22 18:08 1467 ----a-w- c:\windows\system32\setacl.bat 2009-06-19 14:53 . 2009-06-19 14:53 -------- d-----w- C:\Cmsdata 2009-06-19 14:51 . 1994-05-25 07:59 19456 ----a-w- c:\windows\system32\drivers\KEYP.SYS 2009-06-19 14:45 . 2009-06-19 15:14 -------- d-----w- C:\Wintools 2009-06-19 10:34 . 2009-06-19 10:34 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-06-18 10:32 . 2009-06-18 10:31 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-06-18 10:31 . 2009-06-18 10:31 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_11\lzma.dll 2009-06-17 20:24 . 2004-03-01 10:07 233472 ----a-w- c:\windows\system32\s7esetdx.dll 2009-06-17 20:24 . 1998-06-17 21:00 89360 ----a-w- c:\windows\system32\vb5db.dll 2009-06-17 20:18 . 2009-06-17 20:23 -------- d-----w- c:\windows\TempRASETUP 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\SIEMENS 2009-06-17 20:17 . 2009-06-20 17:17 -------- d-----w- c:\program files\Common Files\Siemens 2009-06-17 20:17 . 2009-06-17 20:24 -------- d-----w- c:\windows\Setup 2009-06-17 20:16 . 2009-06-17 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Siemens 2009-06-17 19:50 . 
2009-06-17 19:50 52736 ----a-w- c:\windows\ipuninst.exe 2009-05-26 19:06 . 2008-12-12 08:40 147456 ----a-w- c:\windows\system32\igfxCoIn_v5016.dll 2009-05-26 19:06 . 2008-12-12 08:34 1481884 ----a-w- c:\windows\system32\igkrng400.bin 2009-05-26 19:06 . 2009-05-26 19:06 -------- d-----w- c:\windows\system32\Lang 2009-05-26 19:06 . 2009-05-26 19:06 -------- d-----w- C:\Intel 2009-05-26 17:26 . 2009-05-26 17:26 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe 2009-05-26 17:26 . 2009-05-26 17:26 -------- d-----w- c:\windows\Downloaded Installations . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-25 16:27 . 2008-09-08 15:28 66302240 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-06-25 16:27 . 2008-09-08 15:28 2901024 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-06-25 10:36 . 2008-09-10 17:46 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3 2009-06-25 03:23 . 2008-09-08 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-06-25 03:21 . 2008-10-10 14:25 15336 ----a-w- c:\windows\system32\tablet.dat 2009-06-25 03:20 . 2008-09-08 15:28 273128 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-06-25 03:20 . 2008-09-08 15:28 868784 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-06-22 17:40 . 2008-09-06 09:39 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-22 16:55 . 2008-09-10 17:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\LimeWire 2009-06-22 16:32 . 2008-09-08 15:26 140064 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-22 10:31 . 2008-09-08 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-21 09:06 . 
2008-09-10 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Corel 2009-06-21 09:06 . 2008-09-10 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel 2009-06-20 17:30 . 2009-01-10 17:29 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2009-06-18 10:31 . 2008-09-06 09:37 -------- d-----w- c:\program files\Java 2009-06-18 10:27 . 2008-09-12 20:19 -------- d-----w- c:\program files\eMule 2009-06-17 20:28 . 2008-09-10 18:45 -------- d-----w- c:\program files\Common Files\Adobe 2009-06-15 15:27 . 2009-01-11 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\My Games 2009-06-15 15:22 . 2009-04-15 17:48 -------- d-----w- c:\program files\3D-Album-CS 2009-05-23 09:09 . 2008-09-08 15:28 94643 ----a-w- c:\windows\system32\drivers\klick.dat 2009-05-23 09:09 . 2008-09-08 15:28 105395 ----a-w- c:\windows\system32\drivers\klin.dat 2009-05-11 18:43 . 2008-09-13 17:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\Autodesk 2009-05-07 15:34 . 2004-08-04 08:03 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-06 18:05 . 2009-01-12 16:04 3012 ----a-w- C:\drmHeader.bin 2009-04-29 04:49 . 2004-08-04 08:03 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:49 . 2004-08-04 08:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-23 17:42 . 2008-09-10 18:38 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2009-04-19 19:51 . 2004-08-04 07:56 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-16 08:06 . 2006-05-05 01:12 92620 ----a-w- c:\windows\system32\perfc013.dat 2009-04-16 08:06 . 2006-05-05 01:12 513498 ----a-w- c:\windows\system32\perfh013.dat 2009-04-15 14:55 . 2004-08-04 08:03 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-09 11:32 . 
2009-04-09 11:32 89088 ----a-w- c:\documents and settings\Administrator\Application Data\Desktopicon\eBayShortcuts.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt] @="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}" [HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}] 2008-06-10 10:29 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-18 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-09-21 127036] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-03-20 213936] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-04-24 888832] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 172032] "Persistence"="c:\windows\system32\igfxpers.exe" 
[2008-12-12 143360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 136600] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-02 1630208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2008-10-10 106496] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program 
Files\\Autodesk\\Maya8.5\\bin\\maya.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [19/01/2009 18:16 120320] R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [21/01/2009 22:05 78848] R2 KeyP;KeyP;c:\windows\system32\drivers\KEYP.SYS [19/06/2009 16:51 19456] R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/06/2008 12:29 53032] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [6/09/2008 11:41 540448] R2 S7opcsrtx;PROFINET IO RT-Protocol (LLDP);c:\windows\system32\drivers\s7opcsrtx.sys [3/07/2008 13:04 31232] R2 s7snsrtx;PROFINET IO RT-Protocol;c:\windows\system32\drivers\s7snsrtx.sys [30/07/2007 12:06 71168] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/04/2007 14:58 24344] R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [8/09/2008 17:40 161792] S2 UGS License Server (ugslmd);UGS License Server (ugslmd);"c:\program files\UGS\UGSLicensing\lmgrd.exe" --> c:\program files\UGS\UGSLicensing\lmgrd.exe [?] 
S3 DualCoreCenter;DualCoreCenter;c:\biostools\NTGLM7X.sys [17/12/2008 10:38 28160] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [28/11/2008 17:34 33752] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [5/11/2008 19:05 138112] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [5/11/2008 19:05 8320] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - GTNDIS5 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map 2009-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21] 2009-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594230785-904726401-1854274687-500.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 09:36] 2009-06-24 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-25 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-25 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/ uInternet Settings,ProxyOverride = *.local IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - Sign In IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: arena51.be\www Trusted Zone: bedrockplace.net\www Trusted Zone: cgsociety.org\www Trusted Zone: dexia.be\www Trusted Zone: digitaltutors.com\www Trusted Zone: google.be\www Trusted Zone: kwsd.be\www Trusted Zone: pc-helpforum.be\www Trusted Zone: sportwereld.be\www Trusted Zone: svzw.be\www . 
************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-06-25 18:27 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1396) c:\windows\system32\GTGina.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\windows\system32\klogon.dll - - - - - - - > 'lsass.exe'(1452) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll . Voltooingstijd: 2009-06-25 18:29 ComboFix-quarantined-files.txt 2009-06-25 16:29 Pre-Run: 35.282.485.248 bytes beschikbaar Post-Run: 35.463.852.032 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4 245 --- E O F --- 2009-06-14 01:01
  20. OK, I have done everything you wanted, and here is the result:
Mbam-log Malwarebytes' Anti-Malware 1.38 Database versie: 2333 Windows 5.1.2600 Service Pack 3 25/06/2009 12:40:39 mbam-log-2009-06-25 (12-40-39).txt Scan type: Snelle Scan Objecten gescand: 97461 Verstreken tijd: 6 minute(s), 30 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Hijackthis-log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:43:09, on 25/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\PDF Complete\pdfsvc.exe 
C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\WINDOWS\SMINST\Scheduler.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Windows Live Toolbar\msn_sl.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP United States - Computers, Laptops, Servers, Printers and more R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - 
  21. OK, I found the file and tried Unlocker. A program icon remains under /Control Panel/Software; when I try to remove it again I get the message "Repair will not work. You must remove and reinstall.", which I already tried. I can't remove it, and reinstalling doesn't work either. Is it possible that I have a virus, because my PC has suddenly started running slower as well? I do have Kaspersky Anti-Virus (and have already run it several times, but it found nothing), and it is still valid for 3 weeks. ---------- Post added at 19:54 ---------- Previous post was at 19:40 ---------- I've attached a HijackThis file. If someone could take a look to see whether there is any junk in it or what I should do. Regards
  22. OK, I tried it but I can't find the folder in my Explorer, so I can't use Unlocker, and now my PC can open Google but can't display the full page, or it takes 15 min. and even then I don't have it completely.
  23. Last week I put a program on my PC, but since the PC behaved strangely afterwards I removed the program with Uninstall, but 1 folder remains and I can't get rid of it. It was created by the licensing program that was supplied with the software. I tried via Start/Settings/Control Panel/Software but I get the message that I can't remove it and/or that it is damaged. The PC asks to reinstall it and then remove it, but then it hangs. Does anyone have advice? Thank you,
  24. Hello, I have to make a poster for us at football but I have a small problem with it. The format should be A3 but I don't have an A3 printer, so I would stick 2 A4 sheets together. Is it possible to print that A3 poster on 2 A4 sheets and then glue them one above the other, or not? Thanks
  25. Yes, I took a print screen so you can see it too. It must surely be possible to find this card; my laptop is only 2 and a half years old. PrintScreen.doc