Rebecca92

Rebecca92's achievements

  1. Then I think my problem is solved, right? Many thanks already for helping me.
  2. So there is nothing to be done about it? - - - Updated - - - Which antivirus do you recommend, then?
  3. http://speccy.piriform.com/results/4bp4RB4vaSM1Osh7xGHOJzv The PC had only just been started, though; maybe it can change when the PC has been on for a longer time.
  4. Not much; the PC probably has a will of its own.
  5. I carried out everything step by step; the following log appeared:
  6. Hi, I don't really notice any improvement yet.
  7. The log file: Registry:: [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] Could you perhaps also tell me, in plain language, what I have already done with these different programs? Kind regards, Rebecca - - - Updated - - - Since I copy-pasted the wrong thing:
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-03-14 09:01 16010752 ------r- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [15/10/2012 4:48 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21/09/2012 4:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [14/09/2012 4:05 35552] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [22/10/2012 14:02 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [21/09/2012 4:45 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/10/2012 4:30 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [21/09/2012 4:46 164832] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [16/11/2012 0:34 5814904] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22/10/2012 14:05 196664] S1 MpKsl3fb5b609;MpKsl3fb5b609;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl3fb5b609.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl3fb5b609.sys [?] S1 MpKsl518678c7;MpKsl518678c7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl518678c7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl518678c7.sys [?] S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys --> c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [?] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . Inhoud van de 'Gedeelde Taken' map . 
2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-02 16:43] . 2013-05-30 c:\windows\Tasks\AVG PC Tuneup Integrator Start On Pc Logon.job - c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe [2012-01-03 16:20] . 2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-13 17:29] . 2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-13 17:29] . 2013-05-30 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-05-30 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-05-29 c:\windows\Tasks\User_Feed_Synchronization-{ED761A18-2959-45DF-A50A-0CF1FEF1CB90}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: hotmail.com TCP: DhcpNameServer = 192.168.1.1 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-05-30 19:45 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{42E6D7B2-B1C8-2837-2B153136718EFEB8}\{8E0BC5B0-8FBD-4DC6-72B4724501FBC409}\{8BABC9F6-A6DF-6175-8337ACE301A74A27}*] "PAWVLKGCJJ1LCNGX4YOPJD4AVC1"=hex:01,00,01,00,00,00,00,00,49,9f,e4,26,ff,ef,e6, 1b,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5B0B6C35-3AEA-9EAE-179EBB09B20EA2F1}\{75565C86-DCE5-4077-B0F3502E93E7104E}\{6B409343-0D15-4A1C-46DBD99A1375331F}*] "C1DOCMZEVQCFRZOX1JFAECQ4JG1"=hex:01,00,01,00,00,00,00,00,d2,ea,71,f8,77,b8,d3, 8a,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71AAA611-245D-D09F-882845FC5EAA24CC}\{DFD26894-68B9-4777-FDD1761F9E74CD53}\{F10C9B44-6C01-0B82-830AFBCCD029C402}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,24,65,e8, ae,f1,d8,6f,f8,1c,4e,2e,67,05,e0,1a,33,97,69,f6,c9,39,b7,19,ba,16,fa,09,12,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{793A0CD2-18B8-B505-D2705730ED7730B5}\{224F5FE7-6AB9-E5AA-092A0B3F1E7E0249}\{E87C09AA-1A97-D30E-8C0D3EFE96A56BA8}*] "IA4KYCR425UAONYGOGVOJRXUKE1"=hex:01,00,01,00,00,00,00,00,c9,ed,d6,8a,32,72,87, 59,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8CAEBE53-D682-CDAF-519EE3CF7967C68E}\{8C508ADF-4343-FC56-CBD32C17823651FA}\{6A028BE3-939E-3029-BC9A5A822CA0E824}*] "ICNI5VY1JTL2UXKQCRTPNVJUTD1"=hex:01,00,01,00,00,00,00,00,f5,7a,de,ba,99,33,75, a0,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{945169D7-C27E-315B-97A3E6913A1C7622}\{06C63AB7-5C18-FA8E-E5D32118C99A5B59}\{F7BD6AFF-A45B-6FB8-BB91AB79C0A3DA53}*] "DIT6ZOM5B14NHYLTYZ22F3XEBE1"=hex:01,00,01,00,00,00,00,00,5d,66,f6,5e,7f,dc,c5, 51,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B3A3A58F-967E-A40A-C7DDFB524B0CDFB3}\{B28E8422-363F-1C4B-CC056478281B7FCE}\{569EFB20-10B3-C9F5-895B6A19B8852344}*] "NNKNKL2NQO53QSFI4IGHCPVUMH1"=hex:01,00,01,00,00,00,00,00,be,a4,c1,ca,71,ec,da, 44,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C90A28BC-773C-126D-283406BB2257B96E}\{E82646F0-1D13-3C7B-9DA42BF4D45399EA}\{81435B8A-EA08-C688-E11E2C0E41CEF69E}*] "CE4J2XQRGMR1PZTVDBUFMHVOGA1"=hex:01,00,01,00,00,00,00,00,cc,fe,5c,3b,ff,b3,38, 11,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CD78DEAB-EC34-4DBA-708695CFC66C434E}\{9B07BBBD-296F-3B7C-2BDF54F1C8A81F31}\{FDFE4940-DE05-5675-1C56B565A6F7C9A3}*] "GZ626ABCKEFMHIW45WDOEESN2F1"=hex:01,00,01,00,00,00,00,00,a2,43,40,55,b4,32,4a, 52,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EA20B5D7-213B-BF6A-A687F1F5E27AC26F}\{EEE35091-0AEA-CF92-BEFE1061EF739928}\{47B248DC-A6E0-641B-BA973614FEEFC865}*] "U4FYAKSJ5VM3GJXQTXJWACGIRB1"=hex:01,00,01,00,00,00,00,00,e3,ea,75,7b,b7,8d,ae, 78,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(860) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(2872) c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1043\GrooveIntlResource.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2013-05-30 19:50:24 ComboFix-quarantined-files.txt 2013-05-30 17:50 ComboFix2.txt 2013-05-29 16:49 . Pre-Run: 54.273.703.936 bytes beschikbaar Post-Run: 54.276.702.208 bytes beschikbaar . - - End Of File - - 55C7DE96979792EF9106B583038E81E5
  8. The ComboFix file: ComboFix 13-05-29.01 - Pc 29/05/2013 18:37:16.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.511.240 [GMT 2:00] Gestart vanuit: c:\documents and settings\Pc\Bureaublad\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB} FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66} FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: BitDefender Firewall *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Pc\Application Data\HPSU_48BitScanUpdate.log c:\windows\EventSystem.log c:\windows\system32\system c:\windows\system32\Thumbs.db . ---- Voorgaande Run ------- . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\All Users\Menu Start\HP Image Zone .lnk c:\documents and settings\Pc\WINDOWS C:\install.exe c:\windows\IsUn0413.exe c:\windows\system32\Cache c:\windows\system32\Cache\0ce133ab39074197.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\2c53092c95605355.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\35491a2949df7e14.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\60ed6b0e4d681555.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\6fccca74504423eb.fb c:\windows\system32\Cache\8b3a365e7bc25296.fb c:\windows\system32\Cache\8d5eb73b3efbb373.fb 
c:\windows\system32\Cache\969e402c6d5b7029.fb c:\windows\system32\Cache\9b847dcbbff9e60d.fb c:\windows\system32\Cache\a8556537add6dfc5.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\d87116b24b7ee146.fb c:\windows\system32\Cache\e0de16f883bea794.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\SET56F.tmp c:\windows\system32\SET5D4.tmp c:\windows\system32\SET5D5.tmp c:\windows\system32\SET5D6.tmp c:\windows\system32\SETB29.tmp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-28 to 2013-05-29 )))))))))))))))))))))))))))))) . . . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-15 16:43 . 2013-01-02 16:32 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-15 16:43 . 2012-01-03 08:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-12 14:01 . 2004-08-04 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys 2013-03-08 08:36 . 2004-08-04 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2013-03-07 15:56 . 2004-08-04 00:58 2074368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-07 15:56 . 2004-08-04 12:00 2197760 ----a-w- c:\windows\system32\ntoskrnl.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe" [2013-01-07 451656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-12-20 519584] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Kodak EasyShare software.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Kodak EasyShare software.lnk backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snelstart HP Image Zone.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Snelstart HP Image Zone.lnk backup=c:\windows\pss\Snelstart HP Image Zone.lnkCommon Startup . 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-29 19:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 ----a-r- c:\windows\ALCMTR.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] 2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2011-05-10 01:41 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] 2004-09-22 14:10 1871872 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2008-05-27 09:50 413696 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2003-10-31 18:42 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-03-14 09:01 16010752 ------r- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [15/10/2012 4:48 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21/09/2012 4:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [14/09/2012 4:05 35552] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [22/10/2012 14:02 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [21/09/2012 4:45 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/10/2012 4:30 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [21/09/2012 4:46 164832] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22/10/2012 14:05 196664] S1 MpKsl3fb5b609;MpKsl3fb5b609;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl3fb5b609.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl3fb5b609.sys [?] S1 MpKsl518678c7;MpKsl518678c7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl518678c7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FBD06712-C1BA-4192-A948-2C6824A5E492}\MpKsl518678c7.sys [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [16/11/2012 0:34 5814904] S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys --> c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [?] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 
2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-02 16:43] . 2013-05-29 c:\windows\Tasks\AVG PC Tuneup Integrator Start On Pc Logon.job - c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe [2012-01-03 16:20] . 2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-13 17:29] . 2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-13 17:29] . 2013-05-29 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-05-29 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-05-29 c:\windows\Tasks\User_Feed_Synchronization-{ED761A18-2959-45DF-A50A-0CF1FEF1CB90}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: hotmail.com TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-TimeLiner 5.1 - e:\program files\TimeLiner\SETUP\setup.exe AddRemove-vdegwn.exe - c:\windows\ISUN0413.EXE . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-05-29 18:46 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{42E6D7B2-B1C8-2837-2B153136718EFEB8}\{8E0BC5B0-8FBD-4DC6-72B4724501FBC409}\{8BABC9F6-A6DF-6175-8337ACE301A74A27}*] "PAWVLKGCJJ1LCNGX4YOPJD4AVC1"=hex:01,00,01,00,00,00,00,00,49,9f,e4,26,ff,ef,e6, 1b,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5B0B6C35-3AEA-9EAE-179EBB09B20EA2F1}\{75565C86-DCE5-4077-B0F3502E93E7104E}\{6B409343-0D15-4A1C-46DBD99A1375331F}*] "C1DOCMZEVQCFRZOX1JFAECQ4JG1"=hex:01,00,01,00,00,00,00,00,d2,ea,71,f8,77,b8,d3, 8a,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71AAA611-245D-D09F-882845FC5EAA24CC}\{DFD26894-68B9-4777-FDD1761F9E74CD53}\{F10C9B44-6C01-0B82-830AFBCCD029C402}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,24,65,e8, ae,f1,d8,6f,f8,1c,4e,2e,67,05,e0,1a,33,97,69,f6,c9,39,b7,19,ba,16,fa,09,12,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{793A0CD2-18B8-B505-D2705730ED7730B5}\{224F5FE7-6AB9-E5AA-092A0B3F1E7E0249}\{E87C09AA-1A97-D30E-8C0D3EFE96A56BA8}*] "IA4KYCR425UAONYGOGVOJRXUKE1"=hex:01,00,01,00,00,00,00,00,c9,ed,d6,8a,32,72,87, 59,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8CAEBE53-D682-CDAF-519EE3CF7967C68E}\{8C508ADF-4343-FC56-CBD32C17823651FA}\{6A028BE3-939E-3029-BC9A5A822CA0E824}*] "ICNI5VY1JTL2UXKQCRTPNVJUTD1"=hex:01,00,01,00,00,00,00,00,f5,7a,de,ba,99,33,75, a0,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{945169D7-C27E-315B-97A3E6913A1C7622}\{06C63AB7-5C18-FA8E-E5D32118C99A5B59}\{F7BD6AFF-A45B-6FB8-BB91AB79C0A3DA53}*] "DIT6ZOM5B14NHYLTYZ22F3XEBE1"=hex:01,00,01,00,00,00,00,00,5d,66,f6,5e,7f,dc,c5, 51,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B3A3A58F-967E-A40A-C7DDFB524B0CDFB3}\{B28E8422-363F-1C4B-CC056478281B7FCE}\{569EFB20-10B3-C9F5-895B6A19B8852344}*] "NNKNKL2NQO53QSFI4IGHCPVUMH1"=hex:01,00,01,00,00,00,00,00,be,a4,c1,ca,71,ec,da, 44,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C90A28BC-773C-126D-283406BB2257B96E}\{E82646F0-1D13-3C7B-9DA42BF4D45399EA}\{81435B8A-EA08-C688-E11E2C0E41CEF69E}*] "CE4J2XQRGMR1PZTVDBUFMHVOGA1"=hex:01,00,01,00,00,00,00,00,cc,fe,5c,3b,ff,b3,38, 11,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CD78DEAB-EC34-4DBA-708695CFC66C434E}\{9B07BBBD-296F-3B7C-2BDF54F1C8A81F31}\{FDFE4940-DE05-5675-1C56B565A6F7C9A3}*] "GZ626ABCKEFMHIW45WDOEESN2F1"=hex:01,00,01,00,00,00,00,00,a2,43,40,55,b4,32,4a, 52,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EA20B5D7-213B-BF6A-A687F1F5E27AC26F}\{EEE35091-0AEA-CF92-BEFE1061EF739928}\{47B248DC-A6E0-641B-BA973614FEEFC865}*] "U4FYAKSJ5VM3GJXQTXJWACGIRB1"=hex:01,00,01,00,00,00,00,00,e3,ea,75,7b,b7,8d,ae, 78,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(860) c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2013-05-29 18:49:07 ComboFix-quarantined-files.txt 2013-05-29 16:49 . Pre-Run: 54.370.451.456 bytes beschikbaar Post-Run: 54.334.193.664 bytes beschikbaar . - - End Of File - - D2A772B7D00DA0A622FFBE6539E53F4D Regards, Rebecca
  9. Hello, sorry for the late reply, but for some reason I lost track of the e-mail, which is why I am only responding now. The HijackThis log file:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:44:38, on 19/05/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 SP2 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\Program Files\AVG\AVG2013\avgemcx.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Pc\Bureaublad\HijackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\cidaemon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2
- BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" 
-t (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} 
(Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. 
- C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 7882 bytes
I had lost the log file of the other one, so I searched and hopefully found the right one.
AdwCleaner v2.301 - Verslag gemaakt op 19/05/2013 om 13:02:25 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : Pc - HOME-F23788B7EF # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\Pc\Bureaublad\adwcleaner.exe # Optie [Zoeken] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Documents and Settings\Pc\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [826 octets] - [19/05/2013 13:02:25] ########## EOF - C:\AdwCleaner[R1].txt - [885 octets] ##########
Once again, my apologies.
  10. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:55:29, on 20/04/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 SP2 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\AVG\AVG2013\avgemcx.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\cidaemon.exe C:\Documents and Settings\Pc\Bureaublad\HijackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program 
Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 
'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 8722 bytes
  11. Hello, the 'home' PC is extremely slow, both the internet and in general. When the internet is used via the laptop (wirelessly, though) it does go more smoothly, so the problem lies in the PC itself. It is not a young PC, so it runs slower anyway, but the PC really is very slow. What could be wrong? And can this be fixed, or is it better to buy a new one? Kind regards, Rebecca