jean&nancy

Member
  • Items

    24
  • Registration date

  • Last visited

PC Specifications

  • Operating system
    windows xp
  • Monitor
    widescreen
  • Case
    laptop

jean&nancy's achievements

  1. Good evening kape, Do I need to do anything else on my PC now? I remember from last time that I had to use CCleaner to remove all the virus scanning programs. Or am I mistaken and is that not necessary? Regards, Nancy
  2. Hello Kape, There will probably be no other option. Thanks in any case for your help. Regards, Nancy
  3. Hi, the PC still starts up slowly. Could this be due to something other than a virus? Regards, Nancy
  4. Dear Kape, Phew, I am such a layperson when it comes to computers, but I think it worked. It is a .rar file. Regards, Nancy CureIt.rar
  5. It isn't working; I'm only about a tenth of the way through so far; can I send you the log file some other way? Regards, Nancy
  6. Hello kape, I did not get a log file from that second scan with FindyKill. There was only a message: "thank you for using the program". Did we do the scan correctly? IncrediMail still doesn't work very well; the computer also still freezes sometimes; starting up does go more smoothly already, so that is an improvement, for which thanks. Regards, Nancy
  7. Hello kape, that Photoshop download was from last week; I thought it was legal; the other one, Access, was about three weeks ago. I am now letting the computer scan again with option 2. Regards, Nancy
  8. Hello kape, I have the following log from FindyKill. If I understand correctly, it finds no viruses. Is that correct? I downloaded Office 2007 from Piratebay because my son needs Access for school (this program doesn't work well, though, because it keeps asking for correct keys), and Photoshop. The computer started running slowly after this download. I hope you find what is wrong with my PC, because this evening it again took half an hour before all my icons were installed on my PC and I got an internet connection. Many greetings, Nancy
  9. Hi kape, it is already somewhat better but not yet like before; it also still hangs/gets stuck when we don't use it for a few minutes (30 min); just now I also couldn't get on the internet and had to do it via IncrediMail and follow the link in your mail. Regards, Nancy
  10. ComboFix 10-04-14.04 - Jean Soenen 15/04/2010 19:15:52.5.2 - x86 Microsoft Windows XP Home Edition
  11. Hi kape, perseverance pays off and in the end I managed it after all; attached you will find the ComboFix log file.
2010-01-24 10:33 69 ----a-w- c:\documents and settings\Nancy Demets\jagex_runescape_preferences2.dat 2010-01-24 12:02 . 2010-01-24 10:32 39 ----a-w- c:\documents and settings\Nancy Demets\jagex_runescape_preferences.dat 2006-09-15 20:24 . 2006-09-15 20:24 22 -csha-w- c:\windows\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}] 2010-02-14 10:12 2349080 ----a-w- c:\program files\TorrentMan\tbTor1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2010-02-23 12:04 1664256 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor1.dll" [2010-02-14 2349080] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256] [HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor1.dll" [2010-02-14 2349080] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256] [HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 68856] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-04-16 251264] 
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2005-11-08 61952] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-11 761945] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904] "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-07 409600] "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-06-29 233534] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 63712] "ExtraFilmHemmaAgent"="c:\program files\ExtraFilm PhotoAssistant\Agent.exe" [2007-11-05 323584] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "OxigenClientAdmin"="c:\program files\Oxigen\bin\Oxigen.exe" [2007-06-23 887264] "OxigenTrayIcon"="c:\program files\Oxigen\bin\OxiTray.exe" [2007-06-23 557536] "Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-10-17 2323680] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-28 198160] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" 
[2010-01-22 141608] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Nancy Demets\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-8-16 577597] HP Photosmart Premier Snelstart.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2009-8-12 44176] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-03-13 11:26 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\StubInstaller.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= 
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "7356:TCP"= 7356:TCP:BitComet 7356 TCP "7356:UDP"= 7356:UDP:BitComet 7356 UDP R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1/11/2009 10:58 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1/11/2009 10:58 242696] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [13/03/2010 13:26 308064] S1 ctredr15.sys;ctredr15.sys;\??\c:\windows\system32\drivers\ctredr15.sys --> c:\windows\system32\drivers\ctredr15.sys [?] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S1 SAS***IL;SAS***IL;\??\c:\program files\SUPERAntiSpyware\SAS***IL.sys --> c:\program files\SUPERAntiSpyware\SAS***IL.sys [?] S2 gupdate1c9f7cef0a66972;Google Updateservice (gupdate1c9f7cef0a66972);c:\program files\Google\Update\GoogleUpdate.exe [28/06/2009 11:00 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 20:14 33536] S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;\??\c:\windows\system32\PLCMPR5.SYS --> c:\windows\system32\PLCMPR5.SYS [?] S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\PLCNDIS5.SYS [18/04/2008 3:55 17280] . 
Inhoud van de 'Gedeelde Taken' map 2010-04-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34] 2010-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 09:00] 2010-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 09:00] 2009-09-17 c:\windows\Tasks\NSSstub.job - c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-09-08 17:16] 2010-04-02 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-04-14 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2010-04-14 c:\windows\Tasks\User_Feed_Synchronization-{0E0011BA-CF2E-4EAF-B21A-35E141914D19}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] 2010-04-13 c:\windows\Tasks\User_Feed_Synchronization-{13D994C3-94FC-4254-91E6-3743FA3863EC}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.shareware-ne.com/nl/index.php?rvs=hompag uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 . - - - - ORPHANS VERWIJDERD - - - - Toolbar-Locked - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-04-14 12:59 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????????n??|?????? ???B?????????????hLC? ?????? scannen van verborgen bestanden ... 
Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{28E9A2DF-E65E-D85A-85759F1A85229B2E}\{8098DB1F-177D-3A31-208A24FCBB357FA9}\{15CEB269-F259-C879-5DE6F8EB9C542703}*] "CE4J2XQRGMR1PZTVDBUFMHVOGA1"=hex:01,00,01,00,00,00,00,00,cc,fe,5c,3b,ff,b3,38, 11,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4E801B1F-2C34-C71B-55752B4DE71FAE4A}\{6707E13D-DFA5-4083-2A160A7F601D7F5F}\{38345692-AD4C-2D4A-1F4885FC450939AB}*] "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,06,48,3c, f0,8d,54,88,a2,e2,b5,bd,3b,d5,a9,f2,3f,03,50,1e,eb,c2,8a,1f,b4,70,92,15,d5,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{512F71DC-3CBC-2B47-1A3BBA2110007DA7}\{3581E3EE-9609-7F22-508FFD480F192236}\{AD70F944-B806-2E49-AC620EB899FA98F6}*] "ICNI5VY1JTL2UXKQCRTPNVJUTD1"=hex:01,00,01,00,00,00,00,00,f5,7a,de,ba,99,33,75, a0,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2076) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\System32\SCardSvr.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe c:\program files\Common Files\EPSON\EBAPI\SAgent2.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\windows\system32\PnkBstrA.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\system32\fxssvc.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\AVG\AVG9\avgnsx.exe c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\progra~1\HPQ\SHARED\HPQTOA~1.EXE c:\program files\IncrediMail\bin\IMApp.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe c:\program files\IncrediMail\bin\ImNotfy.exe . ************************************************************************** . Voltooingstijd: 2010-04-14 13:08:42 - machine werd herstart ComboFix-quarantined-files.txt 2010-04-14 11:08 ComboFix2.txt 2009-08-02 07:16 Pre-Run: 17.268.314.112 bytes beschikbaar Post-Run: 18.699.116.544 bytes beschikbaar - - End Of File - - 45BCB5104618A5D1ABCC655A38C5A9E2
  12. Hi kape, my computer is turning into a real disaster; I have now spent two hours starting it up, trying to get onto the internet and trying to disable the AVG antivirus. It freezes every time I try to do anything involving AVG. I also cannot manage to disable AVG in order to start ComboFix. I then tried to uninstall AVG, but I thought that is probably not a good solution after all, so I stopped. May I start ComboFix without disabling AVG, or will that not work? How else do I disable AVG? I also cannot find the Control Center, only a user interface. Or is that the same thing? I may have long blonde hair but I am not stupid, although at the moment I do feel stupid. Regards, Nancy
  13. Hi kape, I have done everything you suggested. However, the quick scan found no malicious files; attached is the log file. Regards, Nancy, and thanks again for your help. ---------- Post added at 18:02 ---------- Previous post was at 17:57 ---------- I had forgotten to attach the HijackThis log file. Regards
  14. OK, that is fine. Hopefully kape can help me. Regards, Nancy
  15. Thank you, Angel, for your quick reply. Attached you will find the log file from Hijack. Regards, Nancy