honk
-
Items
401 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door honk
-
TrojanClicker:Win32/Yabector.gen
honk reageerde op honk's topic in Archief Bestrijding malware & virussen
ComboFix heeft Bullguard terug opnieuw deels verwijderd. Dan is er ook nog een probleem opgetreden met ComboFix zelf, zie bijgevoegd document. Ik ga terug keren naar het vorige herstelpunt van het systeem. ComboFix verwijdert altyd de main service van Bullguard. Doc3.docx -
TrojanClicker:Win32/Yabector.gen
honk reageerde op honk's topic in Archief Bestrijding malware & virussen
Maar wanneer ik ComboFix gebruik, dan verwijdert hij bepaalde delen van mijn antivirus die dan niet meer werkt. Zou ik dit dan eventueel kunnen vermijden? -
TrojanClicker:Win32/Yabector.gen
honk reageerde op honk's topic in Archief Bestrijding malware & virussen
HouseCall heeft dit gevonden: file: csdl.ocx Threat: TROJ_Gen.4X0844 Type: Generic -
TrojanClicker:Win32/Yabector.gen
honk reageerde op honk's topic in Archief Bestrijding malware & virussen
deze vind niets... Eigenaardig, one care live scanner zei dat het onmogelijk was om dit bestand te verwijderen, dat het naar Microsoft moet verzonden worden. Ik weet het niet. -
TrojanClicker:Win32/Yabector.gen
honk reageerde op honk's topic in Archief Bestrijding malware & virussen
Ik denk niet dat er aan dit logje iets te zien valt. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:06:57, on 23/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\BullGuard\BullGuard.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe D:\Program Files\RocketDock\RocketDock.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\windows live safety center\wlschost.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10e_ActiveX.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live Safety Center\wlscUploader.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - D:\Program Files\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O3 - Toolbar: BullGuard Antiphishing Bar - {730190FA-6107-4640-A59B-02A481D9AFAA} - D:\Program Files\BullGuard\Antiphishing\IE\BGToolBand.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bullGuard] "D:\Program Files\BullGuard\BullGuard.exe" -boot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: aveosti.exe.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab O20 - AppInit_DLLs: BgGamingMonitor.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BgRaSvc - BullGuard Ltd. - D:\Program Files\BullGuard\Support\BgRaSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardUpdate.exe O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Users\hendrik\CPUCooL\CooLSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 8614 bytes EDIT: Bgamingmonitor is een bestand van mijn antivirus (; dus niet verwijderen zoals de vorige keer. Bedankt! -
Hallo, Ik heb gescant met oompje (one care live scanner) en hij zegt dat hij TrojanClicker... (zie titel onderwerp). Maar mijn antivirussen vinden deze niet. Nu, oompje kan deze niet verwijderen en daarom vraag ik aan jullie raad. Liefst zo snel mogelijk als dit kan. Doc2.docx
-
Bedankt voor te helpen. Ik heb het geinfecteerd bestand nagekeken waar het zich bevond, gescant en gedesinfecteerd en tot slot ipv naar quarantaine verwijdert. Ik vermoed dat het nu weg is. Msn is succesvol, met paar tooltjes, verwijdert en opnieuw geinstalleert. Het blijft nu niet meer hangen en is al een stuk sneller. Wanneer het zich opnieuw voordoet, verwittig ik jullie zo snel mogelijk opnieuw. Zéér bedankt om me herbij te helpen. mvg.
-
Hierjuist systeemherstel gedaan. BullGuard werkt terug normaal, nu ga ik msn nog eens verwijderen met een speciaal tooltje omdat ik het anders niet kan verwijderen, via CCleaner en via configuratiescherm niet. Dan opnieuw installeren, daarna nog eens grondig scannen en indien het zich noch voordoet neem in printscreen en laat ik het je weten. Bedankt voor te helpen.
-
Neen, ik zal dit direct een proberen. Maar komt dan alles niet terug zoals oorspronkelijk? edit: Wanneer het in quarantaine wordt gezet stoort me dit niet echt, maar het stoort me wel dat dit er iedere keer terug opkomt. Want bijna heel de quarantaine staat vol met dat geïnfecteerd bestand.
-
ja, er is een bepaald submenu bij bullGuard en die heet Gaming (denk ik, want ik kan bullguard niet meer opstarten) en dat bepaald submenu gaat over spelletjes die je speelt en dan kan je instellen bij profielen voor een bepaald spel van blokkeerd dit, negeer dat,... enzovoort. Dit is volgens jou het geinfecteerd bestand; prompt[1].htm.q.q.q.q.q.q.q.q.q...? Hier stel ik me vooral vragen bij. Wanneer ik BullGuard herinstalleer, dan ben ik terug veilig, maar ik denk dat het dan terug komt?
-
Ik heb het ook al eens gedaan door het te verwijderen en dan opnieuw te installeren. Maar ik zit nog altijd met de grote vraag: Waarom blijft msn hangen en waarom kan ik deze niet verwijderen? Groeten. Edit: Mag dit ook of komt dan het bestand terug mee? En wat moet ik dan doen met het geinfecteerde bestand dat hij altijd zegt? (zie document hierboven)
-
Dat is een bestand van mijn antivirus? Na de uitvoering van combofix werkt mijn antivirus niet meer. De Bullguard main service kan niet gestart worden. Ik zit nu dus zonder bescherming.
-
Ziehier het logje zoals beloofd. ComboFix 10-02-20.04 - hendrik 21/02/2010 17:08:59.6.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.1743 [GMT 1:00] Gestart vanuit: c:\users\hendrik\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_BsMain (((((((((((((((((((( Bestanden Gemaakt van 2010-01-21 to 2010-02-21 )))))))))))))))))))))))))))))) . 2010-02-21 16:23 . 2010-02-21 16:26 -------- d-----w- c:\users\hendrik\AppData\Local\temp 2010-02-21 16:23 . 2010-02-21 16:23 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-02-21 16:23 . 2010-02-21 16:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-02-20 16:51 . 2010-02-21 06:53 -------- d-----w- c:\program files\Windows Live Safety Center 2010-02-19 19:31 . 2010-02-19 19:31 -------- d-----w- c:\users\hendrik\AppData\Roaming\Zylom 2010-02-19 19:30 . 2010-02-21 13:12 -------- d-----w- c:\users\hendrik\AppData\Local\Zylom Games 2010-02-10 12:38 . 2010-02-10 12:38 -------- d-----w- c:\program files\Trend Micro 2010-02-09 20:44 . 2010-02-09 20:44 -------- d-----w- c:\program files\Common Files\Windows Live 2010-02-08 15:52 . 2010-02-08 15:52 -------- d-----w- c:\program files\iPod 2010-02-01 17:42 . 2010-02-11 15:30 122744 ----a-w- c:\windows\system32\BdInstHk.dll 2010-02-01 11:01 . 2010-02-01 11:01 148816 ----a-w- c:\windows\system32\BGLsp.dll 2010-01-30 15:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll 2010-01-30 15:20 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2010-01-27 17:11 . 2010-01-27 17:11 -------- d-----w- c:\programdata\BVRP Software 2010-01-27 17:01 . 2008-10-21 08:22 86824 ----a-w- c:\windows\system32\drivers\s0017bus.sys 2010-01-27 17:01 . 2008-10-21 08:22 26024 ----a-w- c:\windows\system32\drivers\s0017nd5.sys 2010-01-27 17:01 . 2008-10-21 08:22 15016 ----a-w- c:\windows\system32\drivers\s0017mdfl.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017whnt.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017wh.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017cmnt.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017cm.sys 2010-01-27 17:01 . 2008-10-21 08:22 114600 ----a-w- c:\windows\system32\drivers\s0017mdm.sys 2010-01-27 17:01 . 2008-10-21 08:22 109736 ----a-w- c:\windows\system32\drivers\s0017unic.sys 2010-01-27 17:01 . 2008-10-21 08:22 108328 ----a-w- c:\windows\system32\drivers\s0017mgmt.sys 2010-01-27 17:01 . 2008-10-21 08:22 10792 ----a-w- c:\windows\system32\drivers\s0017cr.sys 2010-01-27 17:01 . 2008-10-21 08:22 104616 ----a-w- c:\windows\system32\drivers\s0017obex.sys 2010-01-27 16:42 . 2010-01-27 16:42 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys 2010-01-27 16:42 . 2010-01-27 16:42 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys 2010-01-27 16:42 . 2010-01-27 16:42 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-21 16:03 . 2008-06-27 17:00 -------- d-----w- c:\programdata\BullGuard 2010-02-20 13:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-02-20 12:40 . 2006-11-02 16:11 667352 ----a-w- c:\windows\system32\perfh013.dat 2010-02-20 12:40 . 2006-11-02 16:11 126854 ----a-w- c:\windows\system32\perfc013.dat 2010-02-20 11:12 . 2008-06-27 16:37 27525 ----a-w- c:\users\hendrik\AppData\Roaming\nvModes.dat 2010-02-16 10:42 . 2010-02-11 15:31 632144 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\plugins\BpGaming.dll 2010-02-16 10:42 . 2010-02-11 15:31 352080 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BackupShellTransfer.exe 2010-02-16 10:42 . 2010-02-11 15:31 1114448 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BackupRun.exe 2010-02-16 10:42 . 2010-02-11 15:30 320848 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BgSecErase.exe 2010-02-16 10:42 . 2010-02-11 15:30 288080 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\ManualUpdate.exe 2010-02-16 10:42 . 2010-02-11 15:29 252240 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\bgcrs.exe 2010-02-11 15:30 . 2010-02-11 15:30 367952 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BsFire.dll 2010-02-11 15:29 . 2010-02-11 15:29 155472 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\Login.dll 2010-02-11 15:29 . 2010-02-11 15:29 777040 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\GUIHook.dll 2010-02-11 15:29 . 2010-02-11 15:29 2063696 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BullGuard.exe 2010-02-11 15:29 . 2010-02-11 15:29 138576 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BsMain.dll 2010-02-11 15:29 . 2010-02-11 15:29 199504 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BgLauncher.exe 2010-02-11 15:29 . 2010-02-11 15:29 85328 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BgInstallAssist.dll 2010-02-11 15:27 . 2010-02-11 15:27 329552 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BullGuardUpdate.exe 2010-02-11 15:27 . 2010-02-11 15:27 329552 ----a-w- c:\programdata\BullGuard\Update\Bin\BullGuardUpdate.exe 2010-02-08 15:52 . 2008-07-13 09:43 -------- d-----w- c:\program files\Common Files\Apple 2010-02-08 15:45 . 2010-02-08 15:45 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-05 16:19 . 2008-06-27 17:00 -------- d-----w- c:\users\hendrik\AppData\Roaming\BullGuard 2010-02-02 21:50 . 2008-12-12 17:13 -------- d-----w- c:\programdata\Avanquest Bluetooth SDK 2010-01-30 15:27 . 2008-04-14 11:39 -------- d-----w- c:\programdata\Microsoft Help 2010-01-27 17:00 . 2008-04-14 10:24 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-27 16:53 . 2010-01-27 16:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf 2010-01-26 18:04 . 2009-11-28 11:28 -------- d-----w- c:\users\hendrik\AppData\Roaming\uTorrent 2010-01-21 17:06 . 2008-04-14 11:14 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-16 16:12 . 2010-01-16 16:12 -------- d-----w- c:\program files\Common Files\Java 2010-01-16 16:11 . 2008-12-03 13:49 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-14 10:12 . 2009-10-03 15:25 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-11 13:20 . 2008-08-07 17:35 680 ----a-w- c:\users\hendrik\AppData\Local\d3d9caps.dat 2010-01-11 09:30 . 2010-01-11 09:30 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll 2010-01-09 09:05 . 2009-01-31 18:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-08 19:00 . 2009-03-29 15:55 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-01-07 15:07 . 2009-01-31 18:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-01-31 18:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-06 16:47 . 2008-06-28 11:25 -------- d-----w- c:\program files\Windows Live 2010-01-02 06:38 . 2010-01-30 15:18 916480 ----a-w- c:\windows\system32\wininet.dll 2010-01-02 06:32 . 2010-01-30 15:18 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-01-02 06:32 . 2010-01-30 15:18 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-01-02 04:57 . 2010-01-30 15:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-27 23:59 . 2009-01-30 16:58 -------- d-----w- c:\program files\Mixxx 2009-12-26 14:25 . 2008-07-13 09:45 -------- d-----w- c:\programdata\Apple Computer 2009-12-26 14:19 . 2009-12-26 14:19 -------- d-----w- c:\programdata\WindowsSearch 2009-12-26 14:18 . 2009-11-28 16:58 -------- d-----w- c:\users\hendrik\AppData\Roaming\BSplayer 2009-12-25 18:59 . 2009-12-25 18:59 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-22 19:25 . 2008-06-27 16:26 107736 ----a-w- c:\users\hendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2009-12-14 19:07 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-12-14 14:20 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-12-14 14:19 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-12-12 14:13 . 2009-06-16 11:39 737280 ----a-w- c:\windows\iun6002.exe 2009-12-12 11:57 . 2009-12-12 11:57 2208 ----a-w- c:\windows\system32\drivers\nxsIO32.sys 2009-12-10 20:58 . 2009-12-10 15:44 294 ---ha-w- c:\windows\sysreg.dat 2009-12-04 10:00 . 2009-12-04 10:00 318488 ----a-w- c:\windows\system32\drivers\afwcore.sys 2009-12-04 10:00 . 2009-12-04 10:00 29208 ----a-w- c:\windows\system32\drivers\afw.sys 2009-12-04 09:59 . 2009-12-04 09:59 53840 ----a-w- c:\windows\system32\drivers\BdSpy.sys 2009-12-02 15:27 . 2009-08-23 14:23 138280 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-12-02 15:26 . 2009-08-23 14:23 111928 ----a-w- c:\windows\system32\PnkBstrB.exe 2006-05-03 09:06 . 2009-11-28 11:21 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 10:47 . 2009-11-28 11:21 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 12:30 . 2009-11-28 11:21 216064 --sh--r- c:\windows\System32\nbDX.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-11-08 4702208] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-03-14 561152] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-11-24 622592] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536] "Skytel"="Skytel.exe" [2007-11-08 1826816] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-08 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-08 8462336] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-08 81920] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504] "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-01-22 141608] "BullGuard"="d:\program files\BullGuard\BullGuard.exe" [2010-02-11 2063696] c:\users\hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ aveosti.exe.lnk - c:\program files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe [2008-4-14 28672] Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-2-27 2756608] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:89,ec,59,ca,db,7c,ca,01 R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [5/02/2009 18:38 212520] R1 afw;Agnitum Firewall Driver;c:\windows\System32\drivers\afw.sys [4/12/2009 11:00 29208] R1 BdSpy;BdSpy;c:\windows\System32\drivers\BdSpy.sys [4/12/2009 10:59 53840] R1 ntiomin;ntiomin;c:\windows\System32\drivers\ntiomin.sys [12/04/2008 16:40 11392] R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [14/12/2009 14:26 21504] R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsUpdate;BullGuard update service;d:\program files\BullGuard\BullGuardUpdate.exe [11/02/2010 16:27 329552] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/12/2009 20:01 236368] R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [14/04/2008 13:05 61440] R2 nxsIO32;NextSensor Kernel I/O Driver;c:\windows\System32\drivers\nxsIO32.sys [12/12/2009 12:57 2208] R2 OMSI download service;Sony Ericsson OMSI download service;d:\program files\Sony Ericsson\SupServ.exe [27/01/2010 18:00 90112] R3 afwcore;afwcore;c:\windows\System32\drivers\afwcore.sys [4/12/2009 11:00 318488] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [14/04/2008 11:34 32256] R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [31/01/2009 19:23 19160] R3 MGHwCtrl;MGHwCtrl;c:\windows\System32\drivers\MGHwCtrl.sys [14/04/2008 13:05 19456] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [18/11/2009 0:51 4247552] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\System32\drivers\a38usbxp.sys [30/04/2004 12:35 24832] S3 BgRaSvc;BgRaSvc;d:\program files\BullGuard\Support\BgRaSvc.exe [22/12/2009 16:56 100176] S3 BsScanner;BullGuard scanning service;d:\program files\BullGuard\BullGuardScanner.exe [22/01/2010 10:36 290640] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [27/01/2010 17:42 13224] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\System32\drivers\s0017bus.sys [27/01/2010 18:01 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\System32\drivers\s0017mdfl.sys [27/01/2010 18:01 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\System32\drivers\s0017mdm.sys [27/01/2010 18:01 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0017mgmt.sys [27/01/2010 18:01 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\System32\drivers\s0017nd5.sys [27/01/2010 18:01 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\System32\drivers\s0017obex.sys [27/01/2010 18:01 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\System32\drivers\s0017unic.sys [27/01/2010 18:01 109736] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache BullGuard_Main REG_MULTI_SZ BsMain BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire BullGuard_LowPriv REG_MULTI_SZ BsBrowser . Inhoud van de 'Gedeelde Taken' map 2010-02-20 c:\windows\Tasks\Malwarebytes' Scheduled Update for hendrik.job - c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-31 15:07] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\BGLsp.dll FF - ProfilePath - c:\users\hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\prr7ovz6.default\ FF - component: d:\program files\BullGuard\Antiphishing\FF\antiphishing@bullguard\components\BGFFComponent.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll FF - plugin: c:\program files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll FF - plugin: d:\program files\Adobe\Reader\browser\nppdf32.dll FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "Firefox web browser | Faster, more secure, & customizable"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-02-21 17:25 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\users\hendrik\CPUCooL\CooLSrv.exe c:\windows\system32\PnkBstrA.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe c:\windows\system32\conime.exe c:\windows\RtHDVCpl.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\windows\System32\rundll32.exe c:\windows\ehome\ehmsas.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2010-02-21 17:32:26 - machine werd herstart ComboFix-quarantined-files.txt 2010-02-21 16:32 ComboFix2.txt 2010-02-10 19:53 Pre-Run: 6.542.475.264 bytes beschikbaar Post-Run: 6.438.604.800 bytes beschikbaar - - End Of File - - AE9E6F66BE2FB08BE69F8B6B0DAC8B53
-
Combofix komt er aan hoor, maar ik zit met de one care scanner. Deze scant voor een paar uur je computer. Ik hoop tegen de avond de log te posten. In ieder geval, bedankt al om me te helpen.
-
Hier alvast een nieuw hijackthis logje, combofix komt eraan, ik ben aan het scannen met one care, en dit kan wel even duren. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:18:48, on 21/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Windows\System32\rundll32.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\BullGuard\BullGuard.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10e_ActiveX.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\windows live safety center\wlschost.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - D:\Program Files\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O3 - Toolbar: BullGuard Antiphishing Bar - {730190FA-6107-4640-A59B-02A481D9AFAA} - D:\Program Files\BullGuard\Antiphishing\IE\BGToolBand.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bullGuard] "D:\Program Files\BullGuard\BullGuard.exe" -boot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: aveosti.exe.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://www.mine.be/plugin/DFusionHomeWebPlugIn.InstallerFull.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BgRaSvc - BullGuard Ltd. - D:\Program Files\BullGuard\Support\BgRaSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardUpdate.exe O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Users\hendrik\CPUCooL\CooLSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 8405 bytes
-
ook wil ik nog zeggen dat ik ALTIJD, zelfs dagelijks (!) met hetzelfde virus op mijn computer zit. zie bijlage. Doc1.docx
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:46:28, on 21/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Windows\System32\rundll32.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\BullGuard\BullGuard.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10e_ActiveX.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - D:\Program Files\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll O3 - Toolbar: BullGuard Antiphishing Bar - {730190FA-6107-4640-A59B-02A481D9AFAA} - D:\Program Files\BullGuard\Antiphishing\IE\BGToolBand.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bullGuard] "D:\Program Files\BullGuard\BullGuard.exe" -boot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: aveosti.exe.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://www.mine.be/plugin/DFusionHomeWebPlugIn.InstallerFull.exe O20 - AppInit_DLLs: BgGamingMonitor.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BgRaSvc - BullGuard Ltd. - D:\Program Files\BullGuard\Support\BgRaSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - D:\Program Files\BullGuard\BullGuardUpdate.exe O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Users\hendrik\CPUCooL\CooLSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 8430 bytes
-
Beste, ik zit hier ook met een dergerlijk probleem. Wanneer ik een tijdje ben aangemeld en ik probeer een gespreksvenster te openen, dan hoor ik 'boem' (het geluid dat iets niet gaat). En dit kan soms wel 10 minuten duren vooraleer ik het terug kan openen. Zou iemand me kunnen helpen? EDIT : beter niet posten in een topic van een andere forumgebruiker. Heb even een eigen onderwerp voor je aangemaakt. Gaan we hier gewoon verder
-
neen, via configuratiescherm reageert hij niet, en ook niet via CCleaner. Ik heb ooit eens 1uur gewacht nadat ik heb geklikt, zonder resultaat.
-
Antivirus is ok, heb deze verwijdert en terug geinstalleerd. Foutmelding komt er ook niet meer op, maar problemen met msn blijven.
-
ComboFix 10-02-10.01 - hendrik 10/02/2010 20:30:10.5.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.1789 [GMT 1:00] Gestart vanuit: c:\users\hendrik\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1762531168-3983674141-3596849225-500 c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500 c:\programdata\hpeECF1.dll c:\users\hendrik\AppData\Roaming\Desktopicon c:\users\hendrik\AppData\Roaming\Desktopicon\eBay.ico c:\users\hendrik\AppData\Roaming\Desktopicon\uninst.exe c:\users\Public\Documents\SearchIt99 c:\users\Public\Documents\SearchIt99\FileClientDB.dic c:\users\Public\Documents\SearchIt99\FileClientIndex.dic . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_BsMain (((((((((((((((((((( Bestanden Gemaakt van 2010-01-10 to 2010-02-10 )))))))))))))))))))))))))))))) . 2010-02-10 19:43 . 2010-02-10 19:48 -------- d-----w- c:\users\hendrik\AppData\Local\temp 2010-02-10 19:43 . 2010-02-10 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-02-10 12:38 . 2010-02-10 12:38 -------- d-----w- c:\program files\Trend Micro 2010-02-09 20:44 . 2010-02-09 20:44 -------- d-----w- c:\program files\Common Files\Windows Live 2010-02-08 15:52 . 2010-02-08 15:52 -------- d-----w- c:\program files\iPod 2010-02-01 17:42 . 2010-02-10 18:10 122744 ----a-w- c:\windows\system32\BdInstHk.dll 2010-02-01 11:01 . 2010-02-01 11:01 148816 ----a-w- c:\windows\system32\BGLsp.dll 2010-01-30 15:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll 2010-01-30 15:20 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2010-01-27 17:11 . 2010-01-27 17:11 -------- d-----w- c:\programdata\BVRP Software 2010-01-27 17:01 . 2008-10-21 08:22 86824 ----a-w- c:\windows\system32\drivers\s0017bus.sys 2010-01-27 17:01 . 2008-10-21 08:22 26024 ----a-w- c:\windows\system32\drivers\s0017nd5.sys 2010-01-27 17:01 . 2008-10-21 08:22 15016 ----a-w- c:\windows\system32\drivers\s0017mdfl.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017whnt.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017wh.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017cmnt.sys 2010-01-27 17:01 . 2008-10-21 08:22 12200 ----a-w- c:\windows\system32\drivers\s0017cm.sys 2010-01-27 17:01 . 2008-10-21 08:22 114600 ----a-w- c:\windows\system32\drivers\s0017mdm.sys 2010-01-27 17:01 . 2008-10-21 08:22 109736 ----a-w- c:\windows\system32\drivers\s0017unic.sys 2010-01-27 17:01 . 2008-10-21 08:22 108328 ----a-w- c:\windows\system32\drivers\s0017mgmt.sys 2010-01-27 17:01 . 2008-10-21 08:22 10792 ----a-w- c:\windows\system32\drivers\s0017cr.sys 2010-01-27 17:01 . 2008-10-21 08:22 104616 ----a-w- c:\windows\system32\drivers\s0017obex.sys 2010-01-27 16:42 . 2010-01-27 16:42 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys 2010-01-27 16:42 . 2010-01-27 16:42 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys 2010-01-27 16:42 . 2010-01-27 16:42 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll 2010-01-16 16:12 . 2010-01-16 16:12 -------- d-----w- c:\program files\Common Files\Java . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-10 18:10 . 2010-02-10 18:10 8528 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\res\nl\SFEngineRes.dll 2010-02-10 18:09 . 2010-02-10 18:09 456528 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\plugins\BpMain.dll 2010-02-10 18:09 . 2010-02-10 18:09 10064 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\res\nl\bgcrsRes.dll 2010-02-10 18:09 . 2010-02-10 18:09 155472 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\Login.dll 2010-02-10 18:09 . 2010-02-10 18:09 777040 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\GUIHook.dll 2010-02-10 18:09 . 2010-02-10 18:09 2063696 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BullGuard.exe 2010-02-10 18:09 . 2010-02-10 18:09 138576 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BsMain.dll 2010-02-10 18:09 . 2010-02-10 18:09 199504 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BgLauncher.exe 2010-02-10 18:09 . 2010-02-10 18:09 85328 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BgInstallAssist.dll 2010-02-10 18:09 . 2010-02-10 18:09 252240 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\bgcrs.exe 2010-02-10 18:06 . 2010-02-10 18:06 329552 ----a-w- c:\programdata\BullGuard\Update\Download\APPDIR\BullGuardUpdate.exe 2010-02-10 18:06 . 2010-02-10 18:06 329552 ----a-w- c:\programdata\BullGuard\Update\Bin\BullGuardUpdate.exe 2010-02-10 18:05 . 2008-06-27 17:00 -------- d-----w- c:\programdata\BullGuard 2010-02-09 20:49 . 2008-06-27 16:37 27525 ----a-w- c:\users\hendrik\AppData\Roaming\nvModes.dat 2010-02-08 20:28 . 2006-11-02 16:11 667352 ----a-w- c:\windows\system32\perfh013.dat 2010-02-08 20:28 . 2006-11-02 16:11 126854 ----a-w- c:\windows\system32\perfc013.dat 2010-02-08 15:52 . 2008-07-13 09:43 -------- d-----w- c:\program files\Common Files\Apple 2010-02-08 15:45 . 2010-02-08 15:45 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-05 16:19 . 2008-06-27 17:00 -------- d-----w- c:\users\hendrik\AppData\Roaming\BullGuard 2010-02-04 20:44 . 2010-02-04 20:44 77824 ----a-w- c:\programdata\BullGuard\Update\Download\AVDEFS\bdupd.dll 2010-02-02 21:50 . 2008-12-12 17:13 -------- d-----w- c:\programdata\Avanquest Bluetooth SDK 2010-01-30 15:56 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-01-30 15:27 . 2008-04-14 11:39 -------- d-----w- c:\programdata\Microsoft Help 2010-01-27 17:00 . 2008-04-14 10:24 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-27 16:53 . 2010-01-27 16:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf 2010-01-26 18:04 . 2009-11-28 11:28 -------- d-----w- c:\users\hendrik\AppData\Roaming\uTorrent 2010-01-21 17:06 . 2008-04-14 11:14 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-16 16:11 . 2008-12-03 13:49 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-14 10:12 . 2009-10-03 15:25 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-11 13:20 . 2008-08-07 17:35 680 ----a-w- c:\users\hendrik\AppData\Local\d3d9caps.dat 2010-01-11 09:30 . 2010-01-11 09:30 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll 2010-01-09 09:05 . 2009-01-31 18:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-08 19:00 . 2009-03-29 15:55 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-01-07 15:07 . 2009-01-31 18:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-01-31 18:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-06 16:47 . 2008-06-28 11:25 -------- d-----w- c:\program files\Windows Live 2010-01-02 06:38 . 2010-01-30 15:18 916480 ----a-w- c:\windows\system32\wininet.dll 2010-01-02 06:32 . 2010-01-30 15:18 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-01-02 06:32 . 2010-01-30 15:18 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-01-02 04:57 . 2010-01-30 15:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-27 23:59 . 2009-01-30 16:58 -------- d-----w- c:\program files\Mixxx 2009-12-26 14:25 . 2008-07-13 09:45 -------- d-----w- c:\programdata\Apple Computer 2009-12-26 14:19 . 2009-12-26 14:19 -------- d-----w- c:\programdata\WindowsSearch 2009-12-26 14:18 . 2009-11-28 16:58 -------- d-----w- c:\users\hendrik\AppData\Roaming\BSplayer 2009-12-25 18:59 . 2009-12-25 18:59 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-22 19:25 . 2008-06-27 16:26 107736 ----a-w- c:\users\hendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2009-12-22 18:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild 2009-12-22 18:37 . 2009-12-22 18:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2009-12-22 17:12 . 2009-12-22 17:12 -------- d-----w- c:\program files\Total Immersion 2009-12-21 15:59 . 2009-01-20 19:06 -------- d-----w- c:\users\hendrik\AppData\Roaming\FrostWire 2009-12-16 19:34 . 2008-08-03 13:48 -------- d-----w- c:\programdata\SwiftKit 2009-12-14 19:07 . 2009-12-14 19:07 -------- d-----w- c:\program files\Windows Portable Devices 2009-12-14 19:07 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-12-14 19:07 . 2009-12-14 19:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2009-12-14 19:06 . 2009-12-14 19:06 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-12-14 16:31 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-12-14 16:26 . 2009-12-14 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2009-12-14 16:26 . 2009-12-14 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2009-12-14 14:20 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-12-14 14:19 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-12-12 14:13 . 2009-06-16 11:39 737280 ----a-w- c:\windows\iun6002.exe 2009-12-12 11:57 . 2009-12-12 11:57 2208 ----a-w- c:\windows\system32\drivers\nxsIO32.sys 2009-12-10 20:58 . 2009-12-10 15:44 294 ---ha-w- c:\windows\sysreg.dat 2009-12-04 10:00 . 2009-12-04 10:00 318488 ----a-w- c:\windows\system32\drivers\afwcore.sys 2009-12-04 10:00 . 2009-12-04 10:00 29208 ----a-w- c:\windows\system32\drivers\afw.sys 2009-12-04 09:59 . 2009-12-04 09:59 53840 ----a-w- c:\windows\system32\drivers\BdSpy.sys 2009-12-02 15:27 . 2009-08-23 14:23 138280 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-12-02 15:26 . 2009-08-23 14:23 111928 ----a-w- c:\windows\system32\PnkBstrB.exe 2006-05-03 09:06 . 2009-11-28 11:21 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 10:47 . 2009-11-28 11:21 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 12:30 . 2009-11-28 11:21 216064 --sh--r- c:\windows\System32\nbDX.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-11-08 4702208] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-03-14 561152] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-11-24 622592] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536] "Skytel"="Skytel.exe" [2007-11-08 1826816] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-08 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-08 8462336] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-08 81920] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504] "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "BullGuard"="d:\program files\Bullguard\BullGuard.exe" [2010-02-10 2063696] "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-01-22 141608] c:\users\hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ aveosti.exe.lnk - c:\program files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe [2008-4-14 28672] Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-2-27 2756608] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:89,ec,59,ca,db,7c,ca,01 R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [5/02/2009 18:38 212520] R1 afw;Agnitum Firewall Driver;c:\windows\System32\drivers\afw.sys [4/12/2009 11:00 29208] R1 BdSpy;BdSpy;c:\windows\System32\drivers\BdSpy.sys [4/12/2009 10:59 53840] R1 ntiomin;ntiomin;c:\windows\System32\drivers\ntiomin.sys [12/04/2008 16:40 11392] R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [14/12/2009 14:26 21504] R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [14/12/2009 14:26 21504] R2 BsUpdate;BullGuard update service;d:\program files\Bullguard\BullGuardUpdate.exe [10/02/2010 19:06 329552] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/12/2009 20:01 236368] R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [14/04/2008 13:05 61440] R2 nxsIO32;NextSensor Kernel I/O Driver;c:\windows\System32\drivers\nxsIO32.sys [12/12/2009 12:57 2208] R2 OMSI download service;Sony Ericsson OMSI download service;d:\program files\Sony Ericsson\SupServ.exe [27/01/2010 18:00 90112] R3 afwcore;afwcore;c:\windows\System32\drivers\afwcore.sys [4/12/2009 11:00 318488] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [14/04/2008 11:34 32256] R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [31/01/2009 19:23 19160] R3 MGHwCtrl;MGHwCtrl;c:\windows\System32\drivers\MGHwCtrl.sys [14/04/2008 13:05 19456] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [18/11/2009 0:51 4247552] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\System32\drivers\a38usbxp.sys [30/04/2004 12:35 24832] S3 BgRaSvc;BgRaSvc;d:\program files\Bullguard\Support\BgRaSvc.exe [22/12/2009 16:56 100176] S3 BsScanner;BullGuard scanning service;d:\program files\Bullguard\BullGuardScanner.exe [22/01/2010 10:36 290640] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [14/12/2009 14:26 21504] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [27/01/2010 17:42 13224] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\System32\drivers\s0017bus.sys [27/01/2010 18:01 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\System32\drivers\s0017mdfl.sys [27/01/2010 18:01 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\System32\drivers\s0017mdm.sys [27/01/2010 18:01 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0017mgmt.sys [27/01/2010 18:01 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\System32\drivers\s0017nd5.sys [27/01/2010 18:01 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\System32\drivers\s0017obex.sys [27/01/2010 18:01 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\System32\drivers\s0017unic.sys [27/01/2010 18:01 109736] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache BullGuard_Main REG_MULTI_SZ BsMain BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire BullGuard_LowPriv REG_MULTI_SZ BsBrowser . Inhoud van de 'Gedeelde Taken' map 2010-02-10 c:\windows\Tasks\Malwarebytes' Scheduled Update for hendrik.job - c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-31 15:07] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} - hxxp://www.mine.be/plugin/DFusionHomeWebPlugIn.InstallerFull.exe FF - ProfilePath - c:\users\hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\prr7ovz6.default\ FF - component: d:\program files\Bullguard\Antiphishing\FF\antiphishing@bullguard\components\BGFFComponent.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll FF - plugin: c:\program files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll FF - plugin: d:\program files\Adobe\Reader\browser\nppdf32.dll FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "Firefox web browser | Faster, more secure, & customizable"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-eBay Icon - c:\users\hendrik\AppData\Roaming\Desktopicon\uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-02-10 20:47 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\users\hendrik\CPUCooL\CooLSrv.exe c:\windows\system32\PnkBstrA.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe c:\windows\system32\conime.exe c:\windows\RtHDVCpl.exe c:\windows\System32\rundll32.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\windows\System32\rundll32.exe c:\windows\ehome\ehmsas.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2010-02-10 20:53:49 - machine werd herstart ComboFix-quarantined-files.txt 2010-02-10 19:53 Pre-Run: 2.326.794.240 bytes beschikbaar Post-Run: 1.966.825.472 bytes beschikbaar - - End Of File - - 43DF038EDE78EEDD2E37FA238183E504 ++ mijn antivirus werkt nu niet meer, de main service draait niet zegt hij. ++ Ik vind dat hier tegenwoordig alles wat traag begint te draaien en sommige dingen nietmeer werken.
-
Malwarebytes' Anti-Malware 1.44 Database versie: 3719 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 10/02/2010 14:48:58 mbam-log-2010-02-10 (14-48-58).txt Scan type: Snelle Scan Objecten gescand: 103113 Verstreken tijd: 12 minute(s), 47 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:51:25, on 10/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Bullguard\BullGuard.exe D:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10e_ActiveX.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - D:\Program Files\Bullguard\Antiphishing\IE\BGAntiphishingIEBHO.dll O3 - Toolbar: BullGuard Antiphishing Bar - {730190FA-6107-4640-A59B-02A481D9AFAA} - D:\Program Files\Bullguard\Antiphishing\IE\BGToolBand.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bullGuard] "D:\Program Files\Bullguard\BullGuard.exe" -boot O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: aveosti.exe.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://www.mine.be/plugin/DFusionHomeWebPlugIn.InstallerFull.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BgRaSvc - BullGuard Ltd. - D:\Program Files\Bullguard\Support\BgRaSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - D:\Program Files\Bullguard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - D:\Program Files\Bullguard\BullGuardUpdate.exe O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Users\hendrik\CPUCooL\CooLSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 7541 bytes
-
Bedankt (;
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:39:57, on 10/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Bullguard\BullGuard.exe D:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10e_ActiveX.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - D:\Program Files\Bullguard\Antiphishing\IE\BGAntiphishingIEBHO.dll O3 - Toolbar: BullGuard Antiphishing Bar - {730190FA-6107-4640-A59B-02A481D9AFAA} - D:\Program Files\Bullguard\Antiphishing\IE\BGToolBand.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bullGuard] "D:\Program Files\Bullguard\BullGuard.exe" -boot O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: aveosti.exe.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://www.mine.be/plugin/DFusionHomeWebPlugIn.InstallerFull.exe O20 - AppInit_DLLs: BgGamingMonitor.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BgRaSvc - BullGuard Ltd. - D:\Program Files\Bullguard\Support\BgRaSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - D:\Program Files\Bullguard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - D:\Program Files\Bullguard\BullGuardUpdate.exe O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Users\hendrik\CPUCooL\CooLSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 8216 bytes
-
Hallo, ik zit met een probleem bij het opstarten van het bureaublad; wanneer ik het bureaublad zie dan komt er deze foutmelding dikwijls op na het opstarten van de computer (zie bijlage) Soms is het ook een andere naam, en weet niet waartoe deze dient. Tegenwoordig heb ik ook zéér veel problemen met het blijven vasthangen van Windows live messenger. Verwijderen reageert hij niet op, vind ik wel vreemd. edit: De foutmelding is niet volledig, want wanneer ik op printscreen druktte, ging het weg. Groeten. Doc1.docx
