superjona

Ziezo gedaan. MBAM heeft niets gevonden..... HijackThis! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:10:28, on 18/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\SearchIndexer.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre6\bin\jusched.exe D:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Metacafe\MetacafeAgent.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Metacafe - New Videos Every Day R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: Thoosje Vista Sidebar.lnk = C:\Program Files\Thoosje Vista Sidebar\Thoosje Vista Sidebar.exe O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe O4 - Global Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O22 - SharedTaskScheduler: Fences - {EC654325-1273-C2A9-2B7C-45A29BCE2FBD} - C:\Program Files\Stardock\Fences\DesktopDock.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1c9dbc187b7bc0a) (gupdate1c9dbc187b7bc0a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 10130 bytes Malwarebytes Anti-Malware Malwarebytes' Anti-Malware 1.39 Database versie: 2456 Windows 5.1.2600 Service Pack 3 18/07/2009 9:09:46 mbam-log-2009-07-18 (09-09-46).txt Scan type: Snelle Scan Objecten gescand: 97337 Verstreken tijd: 7 minute(s), 26 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) ComboFix ComboFix 09-07-14.08 - Beheerder 18/07/2009 8:38.1.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.959.474 [GMT 2:00] Gestart vanuit: c:\documents and settings\Beheerder\Mijn documenten\ComboFix.exe AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\npf.sys c:\windows\system32\kr_done1 c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_npf (((((((((((((((((((( Bestanden Gemaakt van 2009-06-18 to 2009-07-18 )))))))))))))))))))))))))))))) . 2009-07-17 16:50 . 2009-07-17 16:50 -------- d-----w- c:\program files\Trend Micro 2009-07-15 11:47 . 2008-12-09 22:16 23552 ----a-w- c:\windows\system32\drivers\dfg.sys 2009-07-15 11:47 . 2009-07-15 11:49 -------- d-----w- c:\program files\Registry Kit 2009-07-13 16:15 . 2009-07-13 16:15 -------- d-----w- c:\documents and settings\Beheerder\Local Settings\Application Data\Stardock 2009-07-13 16:15 . 2009-07-13 17:07 -------- d-----w- c:\program files\Thoosje Vista Sidebar 2009-07-12 15:28 . 2009-07-12 15:28 -------- d-----w- c:\program files\Common Files\Stardock 2009-07-12 15:28 . 2009-07-12 15:38 163840 ----a-w- c:\windows\system32\drivers\vidstub.sys 2009-07-12 15:09 . 2003-06-25 14:05 266360 ----a-w- c:\windows\system32\TweakUI.exe 2009-07-12 14:58 . 2009-07-12 14:58 -------- d-----w- c:\program files\SmartPCTools 2009-07-12 14:31 . 2009-07-12 14:31 65541 ----a-w- c:\windows\BricoPackUninst.cmd 2009-07-12 14:29 . 2009-07-12 14:31 7279 ----a-w- c:\windows\BricoPackFoldersDelete.cmd 2009-07-12 14:29 . 2009-07-12 14:29 -------- d-----w- c:\windows\BricoPacks 2009-07-11 16:34 . 2009-07-11 16:35 4989464 ----a-w- c:\program files\boost-speed-setup.exe 2009-07-11 07:04 . 2009-07-11 07:04 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Windows Search 2009-07-11 06:47 . 2009-07-06 20:44 937984 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-07-11 06:47 . 2009-07-06 20:44 65536 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\components\coolirisstub.dll 2009-07-11 06:47 . 2009-07-06 20:44 103424 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-07-11 06:47 . 2009-07-06 20:44 4722688 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\libs\cooliris19.dll 2009-07-11 06:47 . 2009-07-06 20:44 106496 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-07-11 06:47 . 2009-07-06 20:44 344064 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-07-10 05:51 . 2009-07-10 05:51 -------- d-----w- c:\program files\Disney Interactive 2009-07-07 09:33 . 2009-07-07 09:33 3403032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe 2009-07-06 18:29 . 2009-07-04 14:42 52224 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll 2009-07-06 18:29 . 2009-07-04 14:42 114688 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\npmozax.dll 2009-07-06 10:58 . 2009-07-06 10:58 -------- d-----w- c:\program files\MyBee 2009-07-06 10:58 . 2009-07-06 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\MyBee 2009-07-05 16:07 . 2009-07-05 16:08 -------- d-----w- c:\program files\iWisoft Flash SWF to Video Converter 2009-07-03 13:21 . 2009-07-03 13:21 -------- d-----w- c:\documents and settings\All Users\Application Data\HipSoft 2009-07-03 13:03 . 2009-07-03 13:03 -------- d-----w- c:\program files\BuildaLot4 2009-07-02 15:27 . 2009-07-08 11:02 -------- d--h--w- C:\$AVG8.VAULT$ 2009-07-02 14:58 . 2009-07-15 11:43 -------- d-----w- c:\program files\Driver Checker 2009-07-01 11:46 . 2009-06-30 17:19 106496 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Plugins\npcoolirisplugin.dll 2009-07-01 11:45 . 2009-06-30 17:19 65536 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com-trash\components\coolirisstub.dll 2009-07-01 11:45 . 2009-06-30 17:19 4734976 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com-trash\libs\cooliris19.dll 2009-06-30 11:22 . 2009-06-30 11:22 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Media Player Classic 2009-06-29 16:26 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll 2009-06-29 16:26 . 2009-05-19 16:32 758018 ----a-w- c:\windows\system32\xvidcore.dll 2009-06-29 16:26 . 2008-12-04 19:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2009-06-29 16:26 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2009-06-29 16:26 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll 2009-06-29 16:26 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll 2009-06-29 16:26 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll 2009-06-29 16:26 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2009-06-29 16:26 . 2009-06-29 16:26 -------- d-----w- c:\program files\K-Lite Codec Pack 2009-06-27 08:36 . 2009-06-27 08:36 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Ace 2009-06-27 08:36 . 2009-06-27 08:36 -------- d-----w- c:\documents and settings\Beheerder\Local Settings\Application Data\Asobo Studio 2009-06-27 08:35 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-06-27 08:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-06-27 08:34 . 2009-06-27 08:34 -------- d-----w- c:\program files\THQ 2009-06-27 08:33 . 2009-06-27 08:33 -------- d-----w- c:\documents and settings\Beheerder\Application Data\InstallShield 2009-06-25 17:00 . 2009-06-25 17:00 -------- d-----w- c:\windows\system32\Futuremark 2009-06-25 17:00 . 2009-06-25 17:00 -------- d-----w- c:\program files\Common Files\Futuremark Shared 2009-06-25 17:00 . 2008-09-17 13:14 27672 ----a-r- c:\windows\system32\drivers\Entech.sys 2009-06-25 04:54 . 2009-06-25 04:54 495616 ----a-w- c:\documents and settings\All Users\Application Data\YoYoGames\d3dx8.dll 2009-06-25 04:54 . 2009-06-25 04:54 1992000 ----a-w- c:\documents and settings\All Users\Application Data\YoYoGames\yoyo70.exe 2009-06-25 04:53 . 2009-06-25 04:54 -------- d-----w- c:\documents and settings\All Users\Application Data\YoYoGames 2009-06-25 04:53 . 2007-09-25 14:13 774144 ----a-w- c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\yyginstantplay@yoyogames.com\plugins\NPYYGInstantPlay.dll 2009-06-22 14:46 . 2009-07-02 18:06 -------- d-----w- c:\program files\Emme 2009-06-22 10:03 . 2009-06-22 10:03 -------- d-----w- c:\program files\Activision 2009-06-22 10:02 . 2009-06-22 10:02 -------- d-sh--w- c:\windows\ftpcache 2009-06-21 12:56 . 2009-07-04 15:54 -------- d-----w- c:\program files\FLVPlayer4Free 2009-06-21 12:45 . 2009-06-21 12:45 -------- d-----w- c:\documents and settings\Beheerder\Local Settings\Application Data\Nero 2009-06-20 14:13 . 2009-06-20 14:13 -------- d-----w- c:\program files\Windows Sidebar 2009-06-20 12:28 . 2009-06-20 12:28 -------- d-----w- c:\program files\Common Files\xing shared 2009-06-20 06:46 . 2009-06-20 06:45 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-06-18 14:13 . 2009-07-01 11:08 664 ----a-w- c:\windows\system32\d3d9caps.dat . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-18 06:48 . 2009-05-21 17:54 -------- d-----w- c:\program files\Common Files\Akamai 2009-07-18 06:44 . 2009-05-21 17:54 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Metacafe 2009-07-17 14:55 . 2009-03-25 12:41 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink 2009-07-15 11:33 . 2009-04-16 10:30 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-07-15 06:20 . 2009-06-16 16:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-07-12 15:28 . 2009-03-25 12:50 -------- d-----w- c:\program files\Stardock 2009-07-12 14:31 . 2004-08-04 12:00 219136 ----a-w- c:\windows\system32\uxtheme.dll 2009-07-12 13:41 . 2009-03-24 09:17 35904 ----a-w- c:\documents and settings\Beheerder\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-10 05:51 . 2009-03-24 09:33 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-07 09:33 . 2009-06-16 16:02 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-05 10:22 . 2009-05-26 15:54 -------- d-----w- c:\program files\DVD Decrypter 2009-07-04 16:42 . 2009-05-10 14:43 -------- d-----w- c:\program files\PopCap Games 2009-07-04 16:41 . 2009-05-16 08:21 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Splitscreen Studios 2009-06-27 13:05 . 2009-03-28 08:14 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Chessmaster Challenge 2009-06-23 18:09 . 2009-03-30 07:10 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-06-21 18:22 . 2004-08-04 12:00 536492 ----a-w- c:\windows\system32\perfh013.dat 2009-06-21 18:22 . 2004-08-04 12:00 100960 ----a-w- c:\windows\system32\perfc013.dat 2009-06-20 14:59 . 2009-03-26 15:53 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Nero 2009-06-20 14:15 . 2009-03-24 09:23 -------- d-----w- c:\program files\Nero 2009-06-20 14:06 . 2009-03-26 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero 2009-06-20 14:02 . 2009-03-26 16:11 -------- d-----w- c:\program files\Common Files\Nero 2009-06-20 12:27 . 2009-05-23 16:15 -------- d-----w- c:\program files\Common Files\Real 2009-06-20 12:27 . 2009-03-24 09:32 499712 ----a-w- c:\windows\system32\msvcp71.dll 2009-06-20 10:49 . 2009-04-10 09:36 52 ----a-w- c:\windows\popcinfo.dat 2009-06-17 06:15 . 2009-06-17 06:13 -------- d-----w- c:\program files\Cheat Engine 2009-06-16 18:43 . 2009-06-16 18:43 -------- d-----w- c:\documents and settings\Phil\Application Data\Windows Desktop Search 2009-06-16 18:43 . 2009-03-26 12:37 35104 ----a-w- c:\documents and settings\Phil\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-16 18:28 . 2009-06-03 15:20 -------- d-----w- c:\program files\Windows Desktop Search 2009-06-16 16:17 . 2009-06-16 16:11 -------- d-----w- c:\program files\Microsoft Works 2009-06-16 16:10 . 2009-06-16 16:10 -------- d-----w- c:\program files\Microsoft.NET 2009-06-16 16:07 . 2009-06-16 16:03 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-16 16:07 . 2009-06-16 16:02 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-16 16:07 . 2009-06-16 16:03 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-06-16 16:07 . 2009-06-16 16:03 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2009-06-16 16:02 . 2009-06-16 16:02 -------- d-----w- c:\program files\AVG 2009-06-16 16:02 . 2009-03-24 09:34 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-06-16 14:40 . 2004-08-04 12:00 81920 ------w- c:\windows\system32\fontsub.dll 2009-06-16 14:40 . 2004-08-04 12:00 119808 ------w- c:\windows\system32\t2embed.dll 2009-06-03 19:11 . 2004-08-04 12:00 1295360 ------w- c:\windows\system32\quartz.dll 2009-06-03 16:43 . 2009-06-03 16:43 132 ----a-w- c:\documents and settings\Beheerder\Local Settings\Application Data\fusioncache.dat 2009-06-03 15:20 . 2009-06-03 15:20 -------- d-----w- c:\program files\Microsoft Silverlight 2009-06-03 15:20 . 2009-06-03 15:20 -------- d-----w- c:\documents and settings\Beheerder\Application Data\Windows Desktop Search 2009-06-03 14:45 . 2009-06-03 14:45 -------- d-----w- c:\program files\MSBuild 2009-06-03 14:45 . 2009-06-03 14:45 -------- d-----w- c:\program files\Reference Assemblies 2009-06-01 12:04 . 2009-05-29 16:17 -------- d-----w- c:\program files\SpeedFan 2009-05-30 10:40 . 2009-05-30 10:40 -------- d-----w- c:\program files\Lavalys 2009-05-27 11:18 . 2009-05-27 11:15 -------- d-----w- c:\program files\Flash Favorite 2009-05-27 10:58 . 2009-05-27 10:58 -------- d-----w- c:\program files\UnH Solutions 2009-05-25 16:06 . 2009-03-28 07:54 -------- d-----w- c:\program files\Mozilla Thunderbird 2009-05-24 22:24 . 2008-05-26 20:18 350208 ----a-w- c:\windows\system32\mssph.dll 2009-05-24 15:59 . 2009-04-01 09:46 -------- d-----w- c:\program files\Atari 2009-05-23 17:44 . 2009-05-23 17:44 -------- d-----w- c:\program files\DownloadToolz 2009-05-23 16:15 . 2009-05-23 16:15 -------- d-----w- c:\program files\Real 2009-05-23 16:14 . 2009-03-25 17:52 -------- d-----w- c:\program files\Google 2009-05-23 16:13 . 2009-05-23 16:13 476696 ----a-w- c:\program files\RealPlayer11GOLD.exe 2009-05-23 15:50 . 2009-05-23 15:50 -------- d-----w- c:\program files\Virtools 2009-05-23 15:49 . 2009-05-23 15:49 210248 ----a-w- c:\program files\3DVIA_player_installer.exe 2009-05-21 17:54 . 2009-05-21 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Metacafe 2009-05-21 17:54 . 2009-05-21 17:54 -------- d-----w- c:\program files\Metacafe 2009-05-21 17:51 . 2009-05-21 17:51 7493456 ----a-w- c:\program files\MetacafeSetup1.4.20.0.r.exe 2009-05-21 13:35 . 2009-03-26 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft 2009-05-21 13:35 . 2009-03-26 17:10 -------- d-----w- c:\program files\SlySoft 2009-05-21 07:18 . 2009-05-21 07:18 -------- d-----w- c:\program files\TGTSoft 2009-05-17 05:57 . 2009-05-10 14:43 52 ---h--w- c:\windows\popcreg.dat 2009-05-17 05:57 . 2009-05-10 14:43 14 ----a-w- c:\windows\popcinfot.dat 2009-05-13 05:06 . 2004-08-04 12:00 906240 ----a-w- c:\windows\system32\wininet.dll 2009-05-12 13:12 . 2009-03-21 16:45 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2009-05-07 15:34 . 2004-08-04 12:00 347136 ------w- c:\windows\system32\localspl.dll 2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr 2009-04-28 16:49 . 2009-04-28 16:49 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe 2009-04-19 19:51 . 2004-08-04 12:00 1847296 ------w- c:\windows\system32\win32k.sys 2009-04-19 16:59 . 2009-04-19 17:00 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-04-19 16:59 . 2009-04-19 16:59 152576 ----a-w- c:\documents and settings\Beheerder\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-10 15:42 . 2009-04-10 15:41 11774264 ----a-w- c:\program files\Crazy_Birds.exe 2009-04-10 15:39 . 2009-04-10 15:39 2479240 ----a-w- c:\program files\Naval_Strike.exe 2009-04-06 17:09 . 2009-04-06 17:07 25612094 ----a-w- c:\program files\Charma.exe 2009-04-03 17:34 . 2009-04-03 17:33 11469750 ----a-w- c:\program files\Air_Assault.exe 2009-04-03 16:41 . 2009-04-03 16:40 15124550 ----a-w- c:\program files\Galaxy_Strike.exe 2009-03-29 16:07 . 2009-03-29 16:07 8453554 ----a-w- c:\program files\setup_3_wcap.exe 2009-07-17 10:16 . 2009-03-25 12:08 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-23 39408] "NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2002-12-27 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-19 148888] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2002-12-27 4263936] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-16 1948440] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-20 198160] "BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-12-27 315392] c:\documents and settings\Beheerder\Menu Start\Programma's\Opstarten\ Metacafe.lnk - c:\program files\Metacafe\MetacafeAgent.exe [2009-3-3 145736] RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784] Thoosje Vista Sidebar.lnk - c:\program files\Thoosje Vista Sidebar\Thoosje Vista Sidebar.exe [2009-7-7 605696] TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536] Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Metacafe.lnk - c:\program files\Metacafe\MetacafeAgent.exe [2009-3-3 145736] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{EC654325-1273-C2A9-2B7C-45A29BCE2FBD}"= "c:\program files\Stardock\Fences\DesktopDock.dll" [2009-03-12 517480] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-06-16 16:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "d:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"= "d:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Atari\\Terminator 3 - War of the Machines\\T3.exe"= "c:\\Program Files\\AVG\\AVG8\\avgam.exe"= "c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"= "c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "d:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\fpupdate.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3522:TCP"= 3522:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface "1038:TCP"= 1038:TCP:Akamai NetSession Interface "1044:TCP"= 1044:TCP:Akamai NetSession Interface "1037:TCP"= 1037:TCP:Akamai NetSession Interface "1047:TCP"= 1047:TCP:Akamai NetSession Interface "1036:TCP"= 1036:TCP:Akamai NetSession Interface "1039:TCP"= 1039:TCP:Akamai NetSession Interface "1046:TCP"= 1046:TCP:Akamai NetSession Interface "1043:TCP"= 1043:TCP:Akamai NetSession Interface "1167:TCP"= 1167:TCP:Akamai NetSession Interface "1040:TCP"= 1040:TCP:Akamai NetSession Interface "1041:TCP"= 1041:TCP:Akamai NetSession Interface "1049:TCP"= 1049:TCP:Akamai NetSession Interface "1034:TCP"= 1034:TCP:Akamai NetSession Interface "1045:TCP"= 1045:TCP:Akamai NetSession Interface "1054:TCP"= 1054:TCP:Akamai NetSession Interface R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [16/06/2009 18:03 12552] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [16/06/2009 18:02 335752] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [16/06/2009 18:03 108552] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [4/08/2004 14:00 14336] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [16/06/2009 18:07 907032] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [16/06/2009 18:07 298776] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3/11/2006 19:19 13592] R3 MaplomL;MaplomL;c:\windows\system32\drivers\maploml.sys [25/04/2009 10:45 42632] S0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?] S2 gupdate1c9dbc187b7bc0a;Google Updateservice (gupdate1c9dbc187b7bc0a);c:\program files\Google\Update\GoogleUpdate.exe [23/05/2009 18:14 133104] S3 ADM851x;ADMtek ADM8513 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\ADM851x.SYS [21/03/2009 16:12 26493] S3 cpuz130;cpuz130;\??\c:\docume~1\BEHEER~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\BEHEER~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?] S3 dfg;dfg;c:\windows\system32\drivers\dfg.sys [15/07/2009 13:47 23552] S3 musbehco;musbehco;\??\c:\docume~1\BEHEER~1\LOCALS~1\Temp\musbehco.sys --> c:\docume~1\BEHEER~1\LOCALS~1\Temp\musbehco.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2009-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-23 16:14] 2009-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-23 16:14] 2009-07-18 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://starter.metacafe.com uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000 IE: Save Flash - c:\program files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 IE: Save YouTube Video - c:\program files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 FF - ProfilePath - c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\ FF - component: c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll FF - component: c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - plugin: c:\documents and settings\All Users\Application Data\RealArcade\npraclient.dll FF - plugin: c:\documents and settings\Beheerder\Application Data\Mozilla\Firefox\Profiles\qq01s449.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\Beheerder\Application Data\Mozilla\plugins\npcoolirisplugin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npraclient.dll FF - plugin: c:\program files\Virtools\3D Life Player\npvirtools.dll FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-07-18 08:46 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3484) c:\windows\system32\SHDOCVW.dll c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll c:\program files\Windows Desktop Search\deskbar.dll c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui c:\program files\Windows Desktop Search\dbres.dll c:\program files\Windows Desktop Search\wordwheel.dll c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui c:\program files\Windows Desktop Search\msnlExtRes.dll d:\program files\iTunes\iTunesMiniPlayer.dll d:\program files\iTunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll d:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\ntshrui.dll c:\windows\system32\msi.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Stardock\Fences\DesktopDock.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\nvsvc32.exe c:\progra~1\AVG\AVG8\avgam.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\windows\system32\searchindexer.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\rundll32.exe . ************************************************************************** . Voltooingstijd: 2009-07-18 8:53 - machine werd herstart ComboFix-quarantined-files.txt 2009-07-18 06:53 Pre-Run: 18.395.189.248 bytes beschikbaar Post-Run: 35.430.772.736 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 411 --- E O F --- 2009-07-17 05:32

Als de vraag opgelost is, gelieve dan hieronder bij Status van de vraag, Markeer deze vraag als OPGELOST te drukken.

Je verliest er helaas wel je garantie mee.

Nee past er niet op.

Hallo, ik ga misschien de aankoop van een GTX 285 overwegen. Nu wil ik dat hij stil is. Heel stil. Ik zal dan ook waarschijnlijk een eVGA kaart aanschaffen, zo verlies ik mijn garantie niet. GEEN WATERKOELING! Rond de 30 a 40 euro MAX.

Ik zou kiezen voor de MSI Twin Frozr OC. Met een milde fabrieksoverklok, deze presteert ietsje minder dan de 4890 Black Edition. Deze is heeeeeeel stil.

Oké, deze is dus ook niet meer van de snelste. Met het enorme snelheidsverschil met mijn laptop, krijgt de desktop ook een beurt. alleen weet ik niet hoe die logbestanden werken. HijackThis! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:51:24, on 17/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre6\bin\jusched.exe D:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Metacafe\MetacafeAgent.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Metacafe - New Videos Every Day R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: Thoosje Vista Sidebar.lnk = C:\Program Files\Thoosje Vista Sidebar\Thoosje Vista Sidebar.exe O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe O4 - Global Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O22 - SharedTaskScheduler: Fences - {EC654325-1273-C2A9-2B7C-45A29BCE2FBD} - C:\Program Files\Stardock\Fences\DesktopDock.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1c9dbc187b7bc0a) (gupdate1c9dbc187b7bc0a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 10046 bytes

Zo, alles uitgevoerd. Snelheid is oké, maar ti's gene racewagen. Edit: Enorm Snelheidsverschil! Hieronder de drie logjes. HijackThis! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:04, on 17/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18372) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\ThreatFire\TFService.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Trust\MI-2550XP OPTICAL MINI MOUSE\Mouse32a.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-2550XP OPTICAL MINI MOUSE\Mouse32a.exe O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167058529890 O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196619889781 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O22 - SharedTaskScheduler: Fences - {EC654325-1273-C2A9-2B7C-45A29BCE2FBD} - C:\Program Files\Stardock\Fences\DesktopDock.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11232 bytes Malwarebytes Anti-Malware Malwarebytes' Anti-Malware 1.39 Database versie: 2450 Windows 5.1.2600 Service Pack 2 17/07/2009 17:38:41 mbam-log-2009-07-17 (17-38-41).txt Scan type: Snelle Scan Objecten gescand: 110669 Verstreken tijd: 18 minute(s), 3 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 4 Registerwaarden geïnfecteerd: 1 Registerdata bestanden geïnfecteerd: 1 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\zangosa (Adware.Zango) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully. Registerdata bestanden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) ComboFix ComboFix 09-07-14.08 - jonathan 17/07/2009 18:03.1.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1014.324 [GMT 2:00] Gestart vanuit: c:\documents and settings\jonathan\Mijn documenten\Downloads\ComboFix.exe AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\jonathan\LOCALS~1\Temp\delself.bat c:\documents and settings\jonathan\Application Data\WeatherDPA c:\documents and settings\jonathan\Application Data\WeatherDPA\Weather\WeatherStartup.xml c:\recycler\S-1-5-21-1644491937-725345543-1801674531-1003 c:\recycler\S-1-5-21-2120938953-1956860224-3455923437-1003 c:\windows\Downloaded Program Files\PurpleBean.exe c:\windows\Installer\16428a.msi c:\windows\Installer\215298.msi c:\windows\Installer\612264.msp c:\windows\Installer\6c153.msi c:\windows\msvrc20.dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))) . 2009-07-17 11:26 . 2009-07-17 11:26 -------- d-----w- c:\documents and settings\jonathan\Application Data\Malwarebytes 2009-07-17 11:26 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-17 11:26 . 2009-07-17 11:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-17 11:26 . 2009-07-17 11:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-07-17 11:26 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-16 09:19 . 2009-07-16 09:19 -------- d-----w- c:\program files\HJT 2009-07-16 07:20 . 2009-07-08 08:21 3403032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe 2009-07-16 06:35 . 2009-07-16 06:35 -------- d-----w- c:\documents and settings\jonathan\Local Settings\Application Data\Innovative Solutions 2009-07-16 06:35 . 2009-07-16 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions 2009-07-16 06:35 . 2009-07-16 06:35 -------- d-----w- c:\program files\Innovative Solutions 2009-07-16 06:30 . 2009-07-16 06:30 -------- d-----w- c:\program files\HijackThis! 2009-07-16 06:28 . 2009-07-16 06:28 -------- d-----w- c:\program files\Trend Micro 2009-07-16 06:24 . 2009-07-16 09:29 -------- d-sh--w- c:\documents and settings\jonathan\Onlangs geopend 2009-07-09 05:43 . 2009-07-06 20:44 937984 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-07-09 05:43 . 2009-07-06 20:44 103424 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-07-09 05:43 . 2009-07-06 20:44 65536 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\components\coolirisstub.dll 2009-07-09 05:43 . 2009-07-06 20:44 106496 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-07-09 05:43 . 2009-07-06 20:44 4722688 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\libs\cooliris19.dll 2009-07-09 05:43 . 2009-07-06 20:44 344064 ----a-w- c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-07-05 12:20 . 2009-07-05 12:20 -------- d-----w- c:\windows\system32\IOSUBSYS 2009-07-04 15:17 . 2009-07-04 15:17 -------- d-----w- c:\documents and settings\jonathan\Application Data\Aquarius Soft 2009-07-04 15:17 . 2009-07-04 15:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Aquarius Soft 2009-06-17 19:58 . 2009-06-17 19:58 -------- d-----w- c:\program files\Trust 2009-06-17 19:58 . 2009-06-17 19:58 -------- d-----w- C:\download . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-17 16:29 . 2008-02-03 12:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-07-17 10:57 . 2008-03-04 17:54 -------- d-----w- c:\program files\Spyware Doctor 2009-07-17 10:43 . 2008-03-04 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-07-16 06:11 . 2009-06-12 16:47 -------- d-----w- c:\documents and settings\jonathan\Application Data\DNA 2009-07-16 06:08 . 2009-03-22 10:45 -------- d-----w- c:\program files\MAIET 2009-07-16 06:08 . 2008-04-13 08:34 -------- d-----w- c:\program files\Janes Hotel 2009-07-16 06:07 . 2006-11-08 13:32 -------- d-----w- c:\program files\Google 2009-07-16 06:05 . 2008-05-01 15:35 -------- d-----w- c:\program files\GameSpy Arcade 2009-07-16 06:02 . 2006-02-11 06:28 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-16 06:02 . 2007-07-23 12:54 -------- d-----w- c:\program files\UnH Solutions 2009-07-16 05:57 . 2008-05-14 08:20 -------- d-----w- c:\program files\DAP 2009-07-16 05:56 . 2008-10-04 08:59 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit 2009-07-16 05:54 . 2009-05-30 05:37 -------- d-----w- c:\program files\Fizzy 2009-07-16 05:54 . 2008-03-02 10:14 -------- d-----w- c:\program files\Cheat Engine 2009-07-16 05:50 . 2008-02-05 17:22 -------- d-----w- c:\program files\Ashampoo 2009-07-16 05:45 . 2007-05-07 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-07-16 05:29 . 2009-06-12 16:47 -------- d-----w- c:\program files\DNA 2009-07-15 18:19 . 2008-07-08 15:00 -------- d-----w- c:\program files\Microsoft Games 2009-07-08 08:21 . 2009-06-10 11:57 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-05 12:13 . 2008-05-09 13:29 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller 2009-06-24 15:35 . 2008-11-02 12:24 -------- d-----w- c:\program files\ThreatFire 2009-06-22 07:35 . 2009-03-08 11:56 -------- d-----w- c:\documents and settings\krefel\Application Data\Nero 2009-06-20 16:36 . 2009-06-17 08:05 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-06-19 20:37 . 2008-11-02 12:24 46864 ----a-w- c:\windows\system32\drivers\TfSysMon.sys 2009-06-19 20:37 . 2008-11-02 12:24 33552 ----a-w- c:\windows\system32\drivers\TfNetMon.sys 2009-06-19 20:37 . 2008-11-02 12:24 51984 ----a-w- c:\windows\system32\drivers\TfFsMon.sys 2009-06-17 08:03 . 2009-06-10 11:57 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-16 14:55 . 2004-08-04 08:00 82432 ------w- c:\windows\system32\fontsub.dll 2009-06-16 14:55 . 2004-08-04 08:00 119808 ------w- c:\windows\system32\t2embed.dll 2009-06-16 13:08 . 2009-03-24 07:01 -------- d-----w- c:\program files\TuxPaint 2009-06-15 12:01 . 2009-06-06 07:31 -------- d-----w- c:\program files\FrameShow 2009-06-14 11:11 . 2006-07-12 19:48 61976 ----a-w- c:\documents and settings\krefel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-14 10:41 . 2009-06-10 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-06-13 16:20 . 2008-12-14 08:14 -------- d-----w- c:\documents and settings\jonathan\Application Data\Nero 2009-06-13 16:16 . 2008-12-14 08:13 -------- d-----w- c:\program files\Common Files\Nero 2009-06-13 15:56 . 2008-12-14 08:13 -------- d-----w- c:\program files\Nero 2009-06-13 15:54 . 2009-06-13 15:54 -------- d-----w- c:\program files\Windows Sidebar 2009-06-13 15:46 . 2008-12-14 08:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero 2009-06-13 15:13 . 2009-06-12 16:47 -------- d-----w- c:\program files\BitTorrent 2009-06-13 15:07 . 2007-05-12 14:07 61976 ----a-w- c:\documents and settings\jonathan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-13 14:46 . 2006-02-11 06:28 -------- d-----w- c:\program files\Microsoft Works 2009-06-13 14:39 . 2009-06-13 14:39 -------- d-----w- c:\program files\Microsoft.NET 2009-06-13 11:07 . 2009-06-13 10:45 -------- d-----w- c:\documents and settings\jonathan\Application Data\BitTorrent 2009-06-13 06:36 . 2009-06-12 14:57 -------- d-----w- c:\documents and settings\jonathan\Application Data\GetRightToGo 2009-06-10 13:08 . 2009-06-10 13:08 -------- d-----w- c:\documents and settings\jonathan\Application Data\IObit 2009-06-10 13:08 . 2008-11-02 13:34 -------- d-----w- c:\program files\IObit 2009-06-10 13:05 . 2009-03-27 17:10 -------- d-----w- c:\program files\Video Enhancer 2009-06-10 13:05 . 2009-05-15 18:24 -------- d-----w- c:\documents and settings\jonathan\Application Data\Splitscreen Studios 2009-06-10 13:02 . 2008-11-11 20:09 -------- d-----w- c:\program files\LEGO Company 2009-06-10 12:59 . 2008-12-22 15:29 -------- d-----w- c:\program files\Easy DVD Creator 2009-06-10 12:19 . 2009-01-17 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\America's Army Deploy Client 2009-06-10 12:18 . 2009-06-10 11:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-10 12:17 . 2009-06-10 11:57 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-06-10 12:17 . 2009-06-10 11:57 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2009-06-10 12:05 . 2008-03-08 16:42 -------- d-----w- c:\program files\VS Revo Group 2009-06-10 12:03 . 2009-01-25 10:36 -------- d-----w- c:\program files\Westward III Gold Rush 2009-06-10 11:56 . 2009-06-10 11:56 -------- d-----w- c:\program files\AVG 2009-06-09 16:03 . 2009-06-09 16:02 -------- d-----w- c:\documents and settings\jonathan\Application Data\SystemRequirementsLab 2009-06-09 16:03 . 2009-06-09 16:03 -------- d-----w- c:\program files\SystemRequirementsLab 2009-06-09 16:02 . 2009-06-09 16:02 207872 ----a-w- c:\documents and settings\jonathan\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll 2009-06-09 16:02 . 2009-06-09 16:02 207872 ----a-w- c:\documents and settings\jonathan\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll 2009-06-09 16:02 . 2009-06-09 16:02 207872 ----a-w- c:\documents and settings\jonathan\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll 2009-06-09 16:02 . 2009-06-09 16:02 207872 ----a-w- c:\documents and settings\jonathan\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll 2009-06-07 06:16 . 2009-06-07 06:16 -------- d-----w- c:\documents and settings\krefel\Application Data\PhotoFrameShow 2009-06-06 07:32 . 2009-06-06 07:32 -------- d-----w- c:\documents and settings\jonathan\Application Data\PhotoFrameShow 2009-06-05 16:26 . 2009-06-05 16:23 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-06-05 16:25 . 2009-06-05 16:25 603904 ----a-w- c:\windows\system32\TUProgSt.exe 2009-06-05 16:25 . 2009-06-05 16:25 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-06-05 16:25 . 2009-06-05 16:25 -------- d-----w- c:\documents and settings\jonathan\Application Data\TuneUp Software 2009-06-05 16:23 . 2009-06-05 16:23 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-05 16:23 . 2009-06-05 16:23 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-06-05 13:57 . 2009-06-05 13:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Corporation 2009-06-05 13:55 . 2009-06-05 13:55 -------- d-----w- c:\program files\Microsoft Windows Vista Upgrade Advisor 2009-06-03 19:27 . 2004-08-04 08:00 1294848 ------w- c:\windows\system32\quartz.dll 2009-06-03 14:19 . 2009-05-29 16:31 -------- d-----w- c:\program files\SpeedFan 2009-06-03 08:54 . 2008-05-10 09:11 -------- d-----w- c:\program files\Logitech 2009-06-02 13:59 . 2009-06-02 13:59 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-06-01 16:49 . 2009-06-01 16:49 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-05-30 05:38 . 2009-05-30 05:38 -------- d-----w- c:\documents and settings\jonathan\Application Data\fizzy 2009-05-29 18:08 . 2009-05-29 18:08 -------- d-----w- c:\program files\Lavalys 2009-05-26 16:06 . 2009-05-26 16:06 -------- d-----w- c:\program files\Common Files\Windows Live 2009-05-21 16:07 . 2009-04-30 05:45 -------- d-----w- c:\documents and settings\jonathan\Application Data\BatteryBar 2009-05-15 10:49 . 2008-01-15 17:26 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-05-15 09:26 . 2009-05-15 09:26 274200 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgamnot.dll 2009-05-15 09:26 . 2009-05-15 09:26 1262872 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgapix.dll 2009-05-15 09:26 . 2009-05-15 09:26 100120 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgdumpx.exe 2009-05-15 09:26 . 2009-05-15 09:26 298776 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgwdsvc.exe 2009-05-15 09:26 . 2009-05-15 09:26 512280 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgvvx.dll 2009-05-15 09:26 . 2009-05-15 09:26 531736 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgsched.dll 2009-05-15 09:26 . 2009-05-15 09:26 338712 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgscanx.dll 2009-05-15 09:26 . 2009-05-15 09:26 300824 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgmvflx.dll 2009-05-15 09:26 . 2009-05-15 09:26 177432 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgmail.dll 2009-05-15 09:25 . 2009-05-15 09:25 587032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgiproxy.exe 2009-05-15 09:25 . 2009-05-15 09:25 755992 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avginet.dll 2009-05-13 17:50 . 2004-09-08 11:27 93976 ----a-w- c:\windows\system32\perfc013.dat 2009-05-13 17:50 . 2004-09-08 11:27 500312 ----a-w- c:\windows\system32\perfh013.dat 2009-05-07 15:44 . 2004-08-04 08:00 345600 ------w- c:\windows\system32\localspl.dll 2009-05-07 13:17 . 2009-05-07 13:17 840984 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgdiag.exe 2009-05-07 13:16 . 2009-05-07 13:16 486680 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgrsx.exe 2009-05-07 13:16 . 2009-05-07 13:16 266008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgoff2k.dll 2009-07-17 15:46 . 2008-11-06 16:44 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll 2008-09-21 12:36 . 2008-09-21 12:37 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}"= "c:\program files\speed-bit\tbspe1.dll" [2008-06-07 1470488] [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}] 2008-06-07 12:55 1470488 ----a-w- c:\program files\speed-bit\tbspe1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}"= "c:\program files\speed-bit\tbspe1.dll" [2008-06-07 1470488] [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= "c:\program files\speed-bit\tbspe1.dll" [2008-06-07 1470488] [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-04-30 2329936] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-04 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-11 1948440] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "FLMOFFICE4DMOUSE"="c:\program files\Trust\MI-2550XP OPTICAL MINI MOUSE\Mouse32a.exe" [2009-06-17 370176] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\krefel\Menu Start\Programma's\Opstarten\ BelgacomADSL.lnk - c:\program files\Thomson\SpeedTouch USB\stdialup.exe [2006-9-14 1651200] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{EC654325-1273-C2A9-2B7C-45A29BCE2FBD}"= "c:\program files\Stardock\Fences\DesktopDock.dll" [2009-03-12 517480] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="c:\windows\system32\logonuiX.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2008-01-14 05:04 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-06-10 12:18 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^$McRebootA5E6DEAA56$.lnk] backup=c:\windows\pss\$McRebootA5E6DEAA56$.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Desktop Search.lnk] backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mspwr HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Webaroo [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPodService"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\Wyzo\\wyzo.exe"= "c:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"= "c:\\Program Files\\IEPro\\MiniDM.exe"= "c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"= "c:\\Program Files\\EA Games\\Battlefield 1942\\BF1942.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Small Rockets\\Red Ace Squadron\\acenet_server_release.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"= "c:\\Program Files\\Dobermann\\Halozero\\halozero.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG8\\avgam.exe"= "c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"= "c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1700:TCP"= 1700:TCP:MioNet Remote Drive Access "1641:TCP"= 1641:TCP:MioNet Remote Drive Verification "57762:TCP"= 57762:TCP:Pando Media Booster "57762:UDP"= 57762:UDP:Pando Media Booster R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10/06/2009 13:57 12552] R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [15/05/2009 9:11 130936] R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2/11/2008 14:24 51984] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2/11/2008 14:24 46864] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10/06/2009 13:57 335752] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10/06/2009 13:57 108552] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [10/06/2009 13:56 298776] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [15/05/2009 9:10 348752] R2 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [5/06/2009 18:25 603904] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2/11/2008 14:24 33552] S0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" --> c:\program files\McAfee\SiteAdvisor\McSACore.exe [?] S3 cpuz130;cpuz130;\??\c:\docume~1\jonathan\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\jonathan\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [4/03/2008 19:51 29744] S3 MaplomL;MaplomL; [x] S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [10/05/2008 11:13 163328] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mchInjDrv HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-07-17 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 14:28] 2009-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34] 2009-07-17 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] 2009-07-17 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-23 11:54] 2009-07-17 c:\windows\Tasks\Internet Explorer.job - c:\progra~1\INTERN~1\iexplore.exe [2004-08-04 01:17] 2009-07-17 c:\windows\Tasks\User_Feed_Synchronization-{B18D7228-4532-46E0-BC86-E62AE37D0069}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 01:01] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uDefault_Search_URL = hxxp://www.google.com/ie mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*Yahoo! SearchBar Home Page uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - component: c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF - plugin: c:\documents and settings\jonathan\Application Data\Mozilla\Firefox\Profiles\by69eu7e.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-07-17 18:29 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2206795218-3374092638-768599562-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{61ADC01E-2120-0B24-FA5E-94188DC94A80}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "oamoedoionmmgapfabbfopkngdjafo"=hex:61,69,63,68,6c,6e,69,62,64,68,67,70,67,6d, 68,6e,6e,6e,67,69,66,6e,63,63,68,66,6d,64,6a,6d,67,63,62,6a,63,66,6f,6c,66,\ [HKEY_USERS\S-1-5-21-2206795218-3374092638-768599562-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:ff,a1,1a,6f,55,c3,f7,8b,6f,f2,ff,7b,da,d6,af,c7,f4,f9,09,5f,1a,0e,bd, d1,70,3a,16,9b,c7,68,5b,3a,b7,82,91,39,9d,da,3c,f2,86,ba,d7,34,f8,1b,7b,fa,\ "??"=hex:90,e9,60,24,51,8b,0b,b6,27,ad,fc,19,98,ca,97,b3 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(704) c:\program files\ThreatFire\TFWAH.dll c:\program files\ThreatFire\TFNI.dll c:\program files\ThreatFire\TFMon.dll c:\program files\ThreatFire\TFRK.dll c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'lsass.exe'(760) c:\program files\ThreatFire\TFWAH.dll - - - - - - - > 'explorer.exe'(3624) c:\program files\ThreatFire\TFWAH.dll c:\program files\Windows Desktop Search\deskbar.dll c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui c:\program files\Windows Desktop Search\dbres.dll c:\program files\Windows Desktop Search\wordwheel.dll c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui c:\program files\Windows Desktop Search\msnlExtRes.dll c:\program files\BatteryBar\BatteryBar.dll c:\program files\BatteryBar\BatteryBar.Utilities.dll c:\program files\ThreatFire\TFNI.dll c:\program files\ThreatFire\TFMon.dll c:\program files\ThreatFire\TFRK.dll c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll c:\windows\system32\msutb.dll c:\windows\system32\ieframe.dll c:\program files\Stardock\Fences\DesktopDock.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll c:\program files\Trust\MI-2550XP OPTICAL MINI MOUSE\MOUDL32A.DLL c:\program files\Bonjour\mdnsNSP.dll c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\progra~1\AVG\AVG8\avgam.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\Spyware Doctor\pctsSvc.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\program files\ThreatFire\TFService.exe c:\windows\system32\searchindexer.exe . ************************************************************************** . Voltooingstijd: 2009-07-17 18:40 - machine werd herstart ComboFix-quarantined-files.txt 2009-07-17 16:39 Pre-Run: 17.716.895.744 bytes beschikbaar Post-Run: 17.939.238.912 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /FASTDETECT 451 --- E O F --- 2009-07-16 05:46 _________________________________ Nu doe ik nog eventjes CCleaner en Advanced Windows Care.

Ik ging net hetzelfde zeggen.

Beide al gedaan. Ik ga eens proberen wat Kape zegt. AVG laten lopen ? MBAM al gedownload. Heb me voorbereid... ---------- Post toegevoegd om 13:23 ---------- Vorige post was om 13:23 ---------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:21:57, on 17/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18372) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\ThreatFire\TFService.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Trust\MI-2550XP OPTICAL MINI MOUSE\Mouse32a.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-2550XP OPTICAL MINI MOUSE\Mouse32a.exe O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167058529890 O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196619889781 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL,wbsys.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O20 - Winlogon Notify: winfxw32 - winfxw32.dll (file missing) O22 - SharedTaskScheduler: Fences - {EC654325-1273-C2A9-2B7C-45A29BCE2FBD} - C:\Program Files\Stardock\Fences\DesktopDock.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11981 bytes Ik gebruik Firefox 3.51

Nee hoor. Dat zit allemaal op je moederbord. Onboard dus. Geen reden om een aparte kaart aan te schaffen.

Socket 1156 mobo's staan op Pre-Order bij Azerty. Dat is voor de i5 processoren zeker ? Die moeite waard om te wachten, of is i7 beter ?

Gebeurt met de exe file, en ook de install.

HijackThis wil niet opstarten, Heb mijn harde schijf geleegd, wat system optimizers en reg cleaners, maar geen effect. Nog altijd zeer zeer traag. Ik ben van plan om nu mijn drivers te backuppen, en XP herinstalleren. HijackThis wil gewoon helemaal niet opstarten, hij geeft een foutmelding weer.

Laptop deed vandaag zeer ongewoon, Firefox startten deed hij zelfs niet, zelfs Deze Computer kon hij niet openen. Dus reboot, alles werkte weer, maar hééél traag. Muis werkt nu niet naar behoren. Ik ben momenteel bezig met alle overbodige brol buiten te smijten, wat system optimizers, en Reg-cleaners. Zal binnen een paar minuutjes een HijackThis logje neerlaten, misschien kan het ook voor morgenochtend zijn. (T'zal voor morgen zijn.) Ik dacht eigenlijk zelf eerst aan een Clean Install. Aan te raden ??? :s:s:s Alvast bedankt! Laptop is HP, en er zit zo'n brol van een Centrino in.

Laptop deed vandaag zeer ongewoon, Firefox startten deed hij zelfs niet, zelfs Deze Computer kon hij niet openen. Dus reboot, alles werkte weer, maar hééél traag. Ik ben momenteel bezig met alle overbodige brol buiten te smijten, wat system optimizers, en Reg-cleaners. Zal binnen een paar minuutjes een HijackThis logje neerlaten, misschien kan het ook voor morgenochtend zijn. Ik dacht eigenlijk zelf eerst aan een Clean Install. Aan te raden ??? :s:s:s Alvast bedankt! Laptop is HP, en er zit zo'n brol van een Centrino in.

Wat is je budget ? Dan kunnen we iets samenstellen voor je. En idd, een goede pc hoeft niet altijd duur te zijn. Die processor alleen kost al 200 euro. Dus je kan je wel voorstellen dat de rest op niks trekt. Er zou een totale bottleneck ontstaan. Wij, bij PCH kunnen iets beters samenstellen voor je.

Heb je al een clean install gedaan van Windows ?

Ja idd beter de ValueRAM pakken.

Je kan ook dit nemen, presteert beter, betere videokaart en grotere HDD. De processor is Triple Core. Dat betekent 3*2.6 Ik zou die computer laten vallen en dit nemen. Mobo is wel AM2+, betekent minder snel geheugen dan AM3, waar de processor eigenlijk voor gemaakt is (past wel op AM2+), maar goedkoper. Maar het is eigenlijk gewoon hetzelfde geheugen als die eerste computer.

Hehe, zou het wel willen, Maar met komst van nieuwe PC schiet er niet echt veel geld meer over....

Wow bestaat de Playstation Portable 3 al, de tweede is nog niet in de winkels! Ik vermoed dat je PS3 bedoelt, maar die heb je eigenlijk niet echt nodig. Je kan een TV-kaart in je PC steken, en dan kan je TV opnemen... Als je dan Blu-Ray's wilt bekijken op je pc moet je gewoon een Blu-Ray lezer kopen. Kost een dikke 80 euro.

Neenee, ik bedoel het aantal wattage....

Jah, ik zou het wel willen maar ik vrees dat we niet echt naast elkaar wonen......

Och ja, parallel poorten werden nog gebruikt voor muizen zeker....... Dat zal ik wel nergens meer vinden zeker..... Ik snap niet echt wat je bedoelt met die Dell... Doe je hem weg ofzo..???