tomba

Mijn PC is traag, ik twijfel of ik alles misschien helemaal opnieuw erop moet gaan zetten. Kan het zijn dat door veelvuldig software toevoegen en verwijderen de boel verstopt? Defragmenteren biedt geen uitkomst en het lijkt nu sinds ik de nieuwste explorer heb geinstalleerd of hij nog langzamer is geworden. Ik speelde altijd Battlefield 2142 en dat draaide zegmaar net goed maar dat werkt nu ook te traag om het nog leuk online te kunnen spelen. Kun je naar mijn hijack kijken of er misschien iets aan te doen valt? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:02:56, on 1-8-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\hp\KBD\kbd.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKUS\S-1-5-21-1309670431-4282271401-877372540-1003\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Claire') O4 - HKUS\S-1-5-21-1309670431-4282271401-877372540-1003\..\Run: [steam] (User 'Claire') O4 - HKUS\S-1-5-21-1309670431-4282271401-877372540-1003\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Claire') O4 - HKUS\S-1-5-21-1309670431-4282271401-877372540-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Claire') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c98e81a64da43a) (gupdate1c98e81a64da43a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10831 bytes

combofix mapje staat er nog wel maar is leeg dus blijkbaar heeft het gewerkt, toch? dank je wel voor alle hulp

oke dat is gebeurd. PC is inderdaad weer sneller. Waar ik alleen aan twijfel is of zoals je zegt Comofix is verwijderd. Naar mijn gevoel deed het programma gewoon hetzelfde als wat ik al eerder moest doen. Ik zag in iedergeval nergens staan Combofix wordt verwijderd. Dank je wel

Hoi, via dos kan ik ook niet in dat mapje komen. Er komt dan een map die roaming heet, heb het maar even gekopierd misschien kun je er iets mee? Microsoft Windows [versie 6.0.6001] Copyright © 2006 Microsoft Corporation. Alle rechten voorbehouden. C:\Users\tom>cd\\ '\\' CMD ondersteunt geen UNC-paden als actieve mappen. C:\Users\tom>cd// Het systeem kan het opgegeven pad niet vinden. C:\Users\tom>cd\ C:\>cd windows C:\Windows>cd system32 C:\Windows\System32>cd %APPDATA% C:\Users\tom\AppData\Roaming>dir De volumenaam van station C is HP Het volumenummer is FC18-3DE7 Map van C:\Users\tom\AppData\Roaming 16-05-2009 11:22 <DIR> . 16-05-2009 11:22 <DIR> .. 25-04-2009 11:59 <DIR> Adobe 19-04-2007 18:19 <DIR> AdobeUM 02-11-2007 19:33 <DIR> Apple Computer 12-03-2009 15:41 <DIR> Belastingdienst 19-12-2008 18:45 <DIR> CoreFTP 09-03-2009 20:00 <DIR> DAEMON Tools 09-03-2009 20:02 <DIR> DAEMON Tools Lite 09-03-2009 20:00 <DIR> DAEMON Tools Pro 11-06-2007 19:31 <DIR> Download Manager 15-04-2007 00:28 <DIR> Google 14-04-2007 17:51 <DIR> Hewlett-Packard 08-02-2008 20:19 <DIR> HP 14-04-2007 17:55 <DIR> Identities 24-11-2008 16:57 <DIR> IGN_DLM 12-09-2008 12:24 <DIR> InstallShield 04-01-2009 12:15 <DIR> InterVideo 19-07-2008 09:15 <DIR> Lavasoft 06-10-2008 16:14 <DIR> LimeWire 16-04-2007 18:51 <DIR> Macromedia 16-05-2009 11:22 <DIR> Malwarebytes 02-11-2006 14:37 <DIR> Media Center Programs 08-02-2008 20:52 <DIR> Media Player Classic 26-06-2007 11:57 <DIR> Mozilla 13-05-2009 14:28 <DIR> Nokia 09-08-2008 12:39 <DIR> Nvu 13-05-2009 13:08 <DIR> PC Suite 23-11-2008 22:42 22.328 PnkBstrK.sys 03-12-2007 15:22 <DIR> Radmin 08-03-2009 18:51 <DIR> Roxio 26-06-2007 11:59 <DIR> SecondLife 23-01-2009 11:51 <DIR> Skype 23-01-2009 11:50 <DIR> skypePM 30-12-2008 13:51 <DIR> Sony 18-06-2008 10:35 <DIR> Symantec 06-05-2009 09:12 <DIR> TeamViewer 10-05-2007 14:02 <DIR> Template 25-03-2008 20:05 <DIR> U3 01-11-2007 10:58 <DIR> WinBatch 12-03-2008 00:01 3.474 wklnhst.dat 2 bestand(en) 25.802 bytes 39 map(pen) 160.542.871.552 bytes beschikbaar C:\Users\tom\AppData\Roaming>

kan c:\windows\system32\%APPDATA% niet vinden. Wel de map system32 en die staat bomvol

het is inderdaad een hoop rotzooi allemaal. Het werkt ook een stuk sneller maar nog steeds duurt het 16 seconden eerdat explorer geopend op mijn scherm staat. Dit is een stuk langer dan het een half jaartje geleden was. Zijn er nog zaken die opgeruimd kunnen worden waardoor de prestatie verbetert? thanks

Bedankt alvast, het gaat al een stuk beter. De starttijd voor explorer tot ik in mijn opstartpagina ben is nu 12 seconden. Hierbij de logs.... combofix: ComboFix 09-05-15.04 - tom 16-05-2009 12:01.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.2047.1239 [GMT 2:00] Gestart vanuit: c:\users\tom\Desktop\ComboFix.exe AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1000\$I7Z5CCG.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1000\$ICW446Q.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I1A9MNK.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I2BO4S2.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I2ESP48.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I2GZ973.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I3D3TJQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I4D0IJA.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I4EMD2T.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I4JGWKQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I5CBKVY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I5CJP81.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I5Z95G3.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I73Y7FI.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I7O6VBY.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I80RHIX.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I93LLT7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I9AUQQA.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I9FI8JD.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I9KT4EL.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$I9T5LDS.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IAJRLHM.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IBRYQX4.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ICGPJCX.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ICMLID9.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ID84ALT.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IEJTDU7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IFAEPA5.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IFPKCIT.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IGLAZ7U.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IH0CIGJ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IHYN1GL.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$II62189.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IIN6ZS5.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IJHFMWE.pptx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IJNWQEN.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IK9STNO.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IL3VCJB.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ILQSIWY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ILVEWC4.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IMBJ24H.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IMY7V7K.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IN22EN3.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$INBWYY9.jnt c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IPIFTD6.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IPK0UL3.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IPKGZ4V.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IQG2X5A.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IQT6C2R.url c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IQXOC5X.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IRLJ97C.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ISMPPCJ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ITPF3HU.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ITTJZC1.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$ITU7Y4Z.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IU5VWTZ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IUDTEYN.docx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IVG0PPZ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IW5DDDP.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IW6L9V8.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IX4CU89.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IXI3L7C.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IXPRAXO.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IXZFZT7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IY0P0YQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IYGGJ2R.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IYP7FQT.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IZUQ8OK.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$IZUXZNH.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R1A9MNK.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R2BO4S2.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R2ESP48.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R2GZ973.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R3D3TJQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R4D0IJA.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R4EMD2T.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R4JGWKQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R5CBKVY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R5CJP81.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R5Z95G3.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R73Y7FI.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R7O6VBY.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R80RHIX.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R93LLT7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R9AUQQA.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R9FI8JD.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R9KT4EL.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$R9T5LDS.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RAJRLHM.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RBRYQX4.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RCGPJCX.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RCMLID9.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RD84ALT.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$REJTDU7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RFAEPA5.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RFPKCIT.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RGLAZ7U.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RH0CIGJ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RHYN1GL.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RI62189.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RIN6ZS5.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RJHFMWE.pptx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RJNWQEN.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RK9STNO.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RL3VCJB.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RLQSIWY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RLVEWC4.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RMBJ24H.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RMY7V7K.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RN22EN3.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RNBWYY9.jnt c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RPIFTD6.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RPK0UL3.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RPKGZ4V.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RQG2X5A.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RQXOC5X.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RRLJ97C.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RSMPPCJ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RTPF3HU.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RTTJZC1.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RTU7Y4Z.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RU5VWTZ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RUDTEYN.docx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RVG0PPZ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RW5DDDP.AVI c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RW6L9V8.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RX4CU89.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RXI3L7C.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RXPRAXO.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RXZFZT7.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RY0P0YQ.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RYGGJ2R.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RYP7FQT.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RZUQ8OK.JPG c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1001\$RZUXZNH.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I1S78QZ.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I1ZIO1Q.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I2KGPTU.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I4W25SK.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I5NTJHW.avi c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I7XW5EZ.hlp c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$I7Y6LGW c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IBD0IUM.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IDV0FAS.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IFD541Z.exe c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IGRVBIH.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IH5VWBL.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IINB9EM.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IJJTJZE.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IJKH96X.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IJQBYIL.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IKON3KM.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$ILO0PAF.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IMFR833.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IMQTOAZ.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IMR4WCK.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$INDP7HP.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$INP29HT.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$INQ8EG8.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IOP4HR9.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IP0D2UW.MP3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IRFD1LS.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$ISGEYS3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$ITAVUU3.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IUH447C.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IUMCE0R.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IUXCCBO.tmp c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IV3V8UN.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IV5GIHG.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IV5Q9A6.zip c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IV728OE.cnt c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IVJYWX2.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IW0RQQY.m4a c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IXEOFLI.bmp c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IXHMNN4.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IXWB6MK.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IYDJNZR.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IZ1Q3RZ.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$IZDHBGL.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R1S78QZ.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R1ZIO1Q.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R2KGPTU.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R4W25SK.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R5NTJHW.avi c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$R7XW5EZ.hlp c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RBD0IUM.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RDV0FAS.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RFD541Z.exe c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RGRVBIH.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RH5VWBL.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RINB9EM.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RJJTJZE.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RJKH96X.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RJQBYIL.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RKON3KM.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RLO0PAF.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RMFR833.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RMQTOAZ.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RMR4WCK.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RNDP7HP.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RNQ8EG8.jpg c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$ROP4HR9.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RP0D2UW.MP3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RRFD1LS.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RTAVUU3.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RUH447C.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RUMCE0R.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RV3V8UN.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RV5GIHG.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RV5Q9A6.zip c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RV728OE.cnt c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RVJYWX2.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RW0RQQY.m4a c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RXEOFLI.bmp c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RXHMNN4.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RXWB6MK.mp3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RYDJNZR.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RZ1Q3RZ.wma c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1002\$RZDHBGL.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I0GRYKY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I0STHG5.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I0YNMN0.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I1CQSNW c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I1V0SWC.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I29U0OB.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I2EERHT.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$I2T18DH.pptx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IA5AYZ9.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IBYLYJ3 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IC1XYS6.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IE0ICWW c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IFZU6V8 c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$INIFJZX.contact c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IOCR6CV.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$ION0BG8.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IPKUJH2.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IR7UHQG.txt c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IRZJMKA c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$ISMH07U c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IT6IRWE c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$ITS1V9I.contact c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$ITXBXOM.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IWHVTLE c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$IZ5X33D.xlsx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R0GRYKY.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R0STHG5.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R0YNMN0.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R1V0SWC.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R29U0OB.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R2EERHT.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$R2T18DH.pptx c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RA5AYZ9.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RC1XYS6.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RNIFJZX.contact c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$ROCR6CV.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RON0BG8.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RPKUJH2.search-ms c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RTS1V9I.contact c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RTXBXOM.lnk c:\$recycle.bin\S-1-5-21-1309670431-4282271401-877372540-1003\$RZ5X33D.xlsx c:\users\tom\eula.txt c:\windows\system32\AutoRun.inf . (((((((((((((((((((( Bestanden Gemaakt van 2009-04-16 to 2009-05-16 )))))))))))))))))))))))))))))) . 2009-05-16 09:22 . 2009-05-16 09:22 -------- d-----w c:\users\tom\AppData\Roaming\Malwarebytes 2009-05-16 09:22 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-05-16 09:22 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-16 09:22 . 2009-05-16 09:22 -------- d-----w c:\programdata\Malwarebytes 2009-05-16 09:22 . 2009-05-16 09:22 -------- d-----w c:\users\All Users\Malwarebytes 2009-05-16 09:22 . 2009-05-16 09:22 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-05-14 08:47 . 2009-05-15 12:42 -------- d-----w c:\program files\Lavasoft 2009-05-14 08:09 . 2009-05-14 08:09 -------- d-----w c:\programdata\Hitman Pro 2009-05-14 08:09 . 2009-05-14 08:09 -------- d-----w c:\users\All Users\Hitman Pro 2009-05-14 08:09 . 2009-05-14 08:39 -------- d-----w c:\programdata\Hitman Pro 3 2009-05-14 08:09 . 2009-05-14 08:39 -------- d-----w c:\users\All Users\Hitman Pro 3 2009-05-13 16:53 . 2009-05-13 16:53 -------- d-----w c:\users\Anouk\AppData\Roaming\PC Suite 2009-05-13 16:44 . 2009-05-13 16:45 -------- d-sh--w c:\users\tom\Phone Browser 2009-05-13 11:08 . 2009-05-13 12:28 -------- d-----w c:\programdata\PC Suite 2009-05-13 11:08 . 2009-05-13 12:28 -------- d-----w c:\users\All Users\PC Suite 2009-05-13 09:46 . 2009-05-13 12:28 -------- d-----w c:\users\tom\AppData\Roaming\Nokia 2009-05-13 09:45 . 2009-05-13 09:45 -------- d-----w c:\program files\DIFX 2009-05-13 09:42 . 2009-05-13 11:08 -------- d-----w c:\users\tom\AppData\Roaming\PC Suite 2009-05-13 09:42 . 2009-05-13 09:42 -------- d-----w c:\program files\PC Connectivity Solution 2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\programdata\Installations 2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\users\All Users\Installations 2009-05-13 07:19 . 2009-05-13 07:19 -------- d-sh--w c:\windows\system32\%APPDATA% 2009-05-08 08:03 . 2009-05-08 08:03 -------- d-----r c:\program files\Skype 2009-05-06 12:47 . 2008-09-29 06:07 64432 ----a-w c:\windows\system32\drivers\mferkdet.sys 2009-05-06 12:47 . 2008-09-29 06:07 42424 ----a-w c:\windows\system32\drivers\mfebopk.sys 2009-05-06 12:47 . 2008-09-29 06:07 74648 ----a-w c:\windows\system32\drivers\mfeapfk.sys 2009-05-06 12:47 . 2008-09-29 06:07 90360 ----a-w c:\windows\system32\drivers\mfeavfk.sys 2009-05-06 12:47 . 2008-09-29 06:07 62704 ----a-w c:\windows\system32\drivers\mfetdik.sys 2009-05-06 12:47 . 2008-09-29 06:07 340592 ----a-w c:\windows\system32\drivers\mfehidk.sys 2009-05-06 12:47 . 2008-09-29 06:07 67904 ----a-w c:\windows\system32\mfevtps.exe 2009-05-06 12:46 . 2009-05-06 12:46 -------- d-----w c:\program files\Common Files\Cisco Systems 2009-05-06 12:46 . 2009-05-06 12:47 -------- d-----w c:\programdata\McAfee 2009-05-06 12:46 . 2009-05-06 12:47 -------- d-----w c:\users\All Users\McAfee 2009-05-06 12:46 . 2009-05-06 12:46 -------- d-----w c:\program files\Common Files\McAfee 2009-05-06 12:46 . 2009-05-06 12:46 -------- d-----w c:\program files\McAfee 2009-05-06 12:17 . 2009-05-06 12:17 -------- d-----w c:\program files\Intel 2009-05-06 07:12 . 2009-05-06 07:12 -------- d-----w c:\users\tom\AppData\Roaming\TeamViewer 2009-05-05 18:43 . 2008-04-07 04:38 22872 ----a-r c:\windows\system32\AdobePDFUI.dll 2009-04-30 19:56 . 2009-04-30 19:57 -------- d-----w c:\users\Nicky\AppData\Local\Microsoft Games 2009-04-24 12:53 . 2009-04-24 12:53 -------- d-----w c:\users\Anouk\AppData\Roaming\Media Player Classic . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-16 09:37 . 2006-12-10 11:24 711660 ----a-w c:\windows\system32\perfh013.dat 2009-05-16 09:37 . 2006-12-10 11:24 147296 ----a-w c:\windows\system32\perfc013.dat 2009-05-15 13:52 . 2007-04-23 15:37 137992 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2009-05-15 13:52 . 2007-04-23 15:36 201816 ----a-w c:\windows\system32\PnkBstrB.exe 2009-05-15 12:49 . 2006-12-10 02:43 -------- d--h--w c:\program files\InstallShield Installation Information 2009-05-13 16:45 . 2009-05-13 16:45 0 ---ha-w c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf 2009-05-13 07:16 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-05-12 09:49 . 2009-05-12 09:49 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-05-09 07:16 . 2007-04-15 13:38 105120 ----a-w c:\users\Claire\AppData\Local\GDIPFONTCACHEV1.DAT 2009-05-09 05:47 . 2007-04-15 10:42 105120 ----a-w c:\users\Anouk\AppData\Local\GDIPFONTCACHEV1.DAT 2009-05-08 16:42 . 2007-04-14 15:55 105120 ----a-w c:\users\tom\AppData\Local\GDIPFONTCACHEV1.DAT 2009-05-08 16:29 . 2006-12-10 02:49 -------- d-----w c:\program files\Microsoft Works 2009-05-06 06:03 . 2008-08-14 05:57 73312 ----a-w c:\windows\system32\drivers\adfs.sys 2009-04-30 19:47 . 2007-04-15 15:29 105120 ----a-w c:\users\Nicky\AppData\Local\GDIPFONTCACHEV1.DAT 2009-04-05 15:06 . 2009-04-05 15:06 -------- d-----w c:\program files\Loop Recorder 2009-04-03 15:15 . 2008-03-03 13:59 -------- d-----w c:\program files\Common Files\Adobe 2009-04-03 14:48 . 2009-04-03 14:48 -------- d-----w c:\program files\Adobe Media Player 2009-04-03 14:45 . 2009-04-03 14:45 -------- d-----w c:\program files\Common Files\Adobe AIR 2009-03-28 13:08 . 2007-11-02 23:30 1356 ----a-w c:\users\tom\AppData\Local\d3d9caps.dat 2009-03-26 19:05 . 2007-04-20 20:08 -------- d-----w c:\program files\Java 2009-03-17 03:38 . 2009-04-15 08:51 13824 ----a-w c:\windows\system32\apilogen.dll 2009-03-17 03:38 . 2009-04-15 08:51 24064 ----a-w c:\windows\system32\amxread.dll 2009-03-09 17:48 . 2009-03-09 17:48 717296 ----a-w c:\windows\system32\drivers\sptd.sys 2009-03-09 04:19 . 2008-11-27 16:17 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 11:34 . 2009-05-08 16:21 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 11:34 . 2009-05-08 16:21 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 11:33 . 2009-05-08 16:21 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 11:33 . 2009-05-08 16:21 109056 ----a-w c:\windows\system32\iesysprep.dll 2009-03-08 11:33 . 2009-05-08 16:21 109568 ----a-w c:\windows\system32\PDMSetup.exe 2009-03-08 11:33 . 2009-05-08 16:21 132608 ----a-w c:\windows\system32\ieUnatt.exe 2009-03-08 11:33 . 2009-05-08 16:21 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe 2009-03-08 11:33 . 2009-05-08 16:21 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe 2009-03-08 11:33 . 2009-05-08 16:21 103936 ----a-w c:\windows\system32\SetDepNx.exe 2009-03-08 11:33 . 2009-05-08 16:21 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 11:32 . 2009-05-08 16:21 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 11:32 . 2009-05-08 16:21 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 11:32 . 2009-05-08 16:21 66560 ----a-w c:\windows\system32\wextract.exe 2009-03-08 11:32 . 2009-05-08 16:21 169472 ----a-w c:\windows\system32\iexpress.exe 2009-03-08 11:31 . 2009-05-08 16:21 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 11:31 . 2009-05-08 16:21 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 11:31 . 2009-05-08 16:21 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 11:22 . 2009-05-08 16:21 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-03 04:46 . 2009-04-15 08:52 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-03-03 04:46 . 2009-04-15 08:52 3547632 ----a-w c:\windows\system32\ntoskrnl.exe 2009-03-03 04:39 . 2009-04-15 08:51 183296 ----a-w c:\windows\system32\sdohlp.dll 2009-03-03 04:39 . 2009-04-15 08:52 551424 ----a-w c:\windows\system32\rpcss.dll 2009-03-03 04:39 . 2009-04-15 08:51 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll 2009-03-03 04:37 . 2009-04-15 08:51 98304 ----a-w c:\windows\system32\iasrecst.dll 2009-03-03 04:37 . 2009-04-15 08:51 54784 ----a-w c:\windows\system32\iasads.dll 2009-03-03 04:37 . 2009-04-15 08:51 44032 ----a-w c:\windows\system32\iasdatastore.dll 2009-03-03 03:04 . 2009-04-15 08:51 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe 2009-03-03 02:38 . 2009-04-15 08:51 17408 ----a-w c:\windows\system32\iashost.exe 2008-05-29 01:45 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini 2007-04-16 12:06 . 2007-04-16 12:06 22 --sha-w c:\windows\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 68856] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-08 393216] "WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-27 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-27 8473120] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-27 81920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-03-14 136512] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-09-29 124240] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-24 44136] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{2EDFFAB0-B846-4E7C-A580-BF4C2E88A485}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "{8612D4FA-AC82-4A08-8782-3C4387C14EC9}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "{BBEDE9A6-EF6B-4C51-B8A1-036B543D3B5A}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire "{99AD31E0-8FFD-44AE-9000-BF3039499043}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire "TCP Query User{7D7D3749-289A-4CAE-8985-C2CC62C32832}c:\\program files\\steam\\steamapps\\nickyleurs\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\nickyleurs\counter-strike source\hl2.exe:hl2 "UDP Query User{4D39C421-438B-497D-9C60-A5618AB14155}c:\\program files\\steam\\steamapps\\nickyleurs\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\nickyleurs\counter-strike source\hl2.exe:hl2 "{76CBD369-EFF1-4311-A365-66C5ADF083D5}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{2AAAA3BC-A69C-406C-B127-4DED68141B32}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{4C097043-98FD-41A8-BAB7-A0519CA8FD22}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{A711CBDA-3E72-4F45-9AFA-D04D0A9F26DF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent "{4520B633-5718-4227-8AC4-9F74B6817A02}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent "TCP Query User{49996C0E-6448-461B-B969-D49B7ACFCE14}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{E9EE5342-A051-437D-9E44-EBF2A58B3A19}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "TCP Query User{36A6E4ED-E114-40A5-A82E-07EADE51AB08}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire "UDP Query User{D01709DA-9FAE-46D0-BD37-57A043CF0E42}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire "{23919817-D40B-4E89-A6E6-0A5D6C02C36B}"= c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqpse.exe:hpqpse.exe "{36748737-67E7-456B-AD02-2292965859C2}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe "{EDCE7A7C-90AC-499E-8197-FE3C714BC255}"= c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe "{90E4B354-6FA8-44EF-AF97-428D65547CDA}"= c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe "TCP Query User{69945F4B-E82D-409E-AEB4-870E56DCCED5}c:\\program files\\snelstart\\v850\\snelstart.exe"= UDP:c:\program files\snelstart\v850\snelstart.exe:SnelStart administratieve software "UDP Query User{6DDD2C18-CF05-4A32-B4A3-35340CF0E0CE}c:\\program files\\snelstart\\v850\\snelstart.exe"= TCP:c:\program files\snelstart\v850\snelstart.exe:SnelStart administratieve software "{539483FE-989B-4186-A0C6-7FDCD1994EAA}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "{673A83C1-3685-4444-BC92-DD3024102788}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2 "TCP Query User{544EA8E4-3B95-49EE-A8BB-BFDA3B5F6DB7}c:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:c:\program files\gamespy\comrade\comrade.exe:Comrade "UDP Query User{A364CCC9-5C88-49ED-A84D-89817C3CE144}c:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:c:\program files\gamespy\comrade\comrade.exe:Comrade "{CBDA52F9-63DE-4CC0-B825-6231BEB7933C}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{A279BCFF-759D-4183-86E2-6EAB36210002}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{3012CEB1-B18E-4C00-8816-EE0371F74E1D}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{D3454E96-E8F2-4E84-91FA-02451F894D10}c:\\program files\\activision\\call of duty - world at war beta\\codwawbeta.exe"= UDP:c:\program files\activision\call of duty - world at war beta\codwawbeta.exe:Call of Duty®: World at War Multiplayer "UDP Query User{EA6747DE-A102-4C1D-867F-C6CE8E9C51EE}c:\\program files\\activision\\call of duty - world at war beta\\codwawbeta.exe"= TCP:c:\program files\activision\call of duty - world at war beta\codwawbeta.exe:Call of Duty®: World at War Multiplayer "{E4BA0300-F09E-4C4E-9891-6E1B72EE332B}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{CD687DEE-1EEE-4792-B493-01F928DFE439}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{1B8C34D4-200A-4C0C-A653-43ED529C639C}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{CE6436B9-AE97-405A-973A-750BAF3FE5EC}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "TCP Query User{47C22199-9743-4D3B-8F35-553914F0792A}c:\\program files\\snelstart\\v850\\snelstart.exe"= UDP:c:\program files\snelstart\v850\snelstart.exe:SnelStart administratieve software "UDP Query User{98F27D15-93FA-46F3-97E3-AA165F7BE243}c:\\program files\\snelstart\\v850\\snelstart.exe"= TCP:c:\program files\snelstart\v850\snelstart.exe:SnelStart administratieve software "{4D4F8D21-781F-48B2-A184-A4A5551DD01C}"= UDP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.2 "{9D25F60D-D3CB-4784-8529-5F4458FDC1F0}"= TCP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.2 "TCP Query User{1E3E7B0A-DC50-4231-9682-016D200104A8}c:\\program files\\microsoft games\\combat flight simulator 3\\cfs3.exe"= UDP:c:\program files\microsoft games\combat flight simulator 3\cfs3.exe:Microsoft® Combat Flight Simulator 3 "UDP Query User{36F57A18-171F-41ED-901C-4F33063929DA}c:\\program files\\microsoft games\\combat flight simulator 3\\cfs3.exe"= TCP:c:\program files\microsoft games\combat flight simulator 3\cfs3.exe:Microsoft® Combat Flight Simulator 3 "{CAFF4B59-75DF-44B1-BBB8-87FA3E4CED53}"= UDP:5353:Adobe CSI CS4 "{46C88B0E-4D88-4754-B9D5-361379A7ED01}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{545EE6ED-80EB-41C4-8C74-E542E0B83623}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "TCP Query User{F9AB8BDE-8F67-4839-95DC-3B3205B94B69}c:\\users\\tom\\temp\\teamviewer\\version4\\teamviewer.exe"= UDP:c:\users\tom\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe "UDP Query User{1B8E225F-FC53-4C41-ADCC-806E4CD4F488}c:\\users\\tom\\temp\\teamviewer\\version4\\teamviewer.exe"= TCP:c:\users\tom\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe "{C1F475E0-13D1-4664-A1EA-EA535B7DAE39}"= UDP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service "{F0276999-89E7-4B20-A4A1-45CF2D8953C9}"= TCP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [29-9-2008 8:07 19456] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\System32\mfevtps.exe [6-5-2009 14:47 67904] S2 gupdate1c98e81a64da43a;Google Updateservice (gupdate1c98e81a64da43a);c:\program files\Google\Update\GoogleUpdate.exe [14-2-2009 10:53 133104] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\System32\drivers\mferkdet.sys [6-5-2009 14:47 64432] S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [26-2-2008 9:17 493568] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\System32\drivers\s1018bus.sys [30-12-2008 13:25 90408] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\System32\drivers\s1018mdfl.sys [30-12-2008 13:25 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\System32\drivers\s1018mdm.sys [30-12-2008 13:25 122024] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s1018mgmt.sys [30-12-2008 13:25 115368] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\System32\drivers\s1018nd5.sys [30-12-2008 13:25 25768] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\System32\drivers\s1018obex.sys [30-12-2008 13:25 111784] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\System32\drivers\s1018unic.sys [30-12-2008 13:25 117544] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-05-16 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-04-15 06:54] 2009-05-06 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 08:52] . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Koppelingdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Koppelingdoel converteren naar bestaand PDF-bestand - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Selectie converteren naar bestaand PDF-bestand - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-05-16 12:08 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2009-05-16 12:10 ComboFix-quarantined-files.txt 2009-05-16 10:10 Pre-Run: 164.902.211.584 bytes beschikbaar Post-Run: 165.551.058.944 bytes beschikbaar 536 --- E O F --- 2009-05-15 07:32 MBAM: Malwarebytes' Anti-Malware 1.36 Database versie: 2139 Windows 6.0.6001 Service Pack 1 16-5-2009 11:30:56 mbam-log-2009-05-16 (11-30-56).txt Scan type: Snelle Scan Objecten gescand: 95785 Verstreken tijd: 6 minute(s), 54 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 5 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDownload\BitDownload Downloads.lnk (Trojan.Lop) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDownload\BitDownload Uninstall.lnk (Trojan.Lop) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDownload\BitDownload.lnk (Trojan.Lop) -> Quarantined and deleted successfully. C:\Users\Nicky\Desktop\BitDownload Downloads.lnk (Trojan.Lop) -> Quarantined and deleted successfully. C:\Users\tom\Desktop\BitDownload Downloads.lnk (Trojan.Lop) -> Quarantined and deleted successfully. Hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:19:10, on 16-5-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\unsecapp.exe C:\hp\support\hpsysdrv.exe C:\hp\KBD\kbd.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\Explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c98e81a64da43a) (gupdate1c98e81a64da43a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10538 bytes

Mijn PC is de laatste paar maanden niet meer vooruit te branden. Heb nu ook Explorer 8 geinstalleerd maar dat maakt niets uit. Het opstarten is het echt grote probleem. Nadat ik explorer aanklik kan het wel 20 seconden duren voordat er wat gebeurd. Andere programma's starten ook langzaam. Kan iemand mij helpen?? Hierbij mijn hijackthis printje?? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:28:25, on 15-5-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\hp\KBD\kbd.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O1 - Hosts: %windir%\system32\drivers\etc\hosts O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c98e81a64da43a) (gupdate1c98e81a64da43a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11361 bytes