
Everything posted by Eurne
-
Just checking... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:17:37, on 12/08/2010
-
All good! Thanks for the quick reply.
- 3 replies
-
- automatically
- only
- (and 7 more)
-
Hey, I have a quick question. When I start my PC I always have to log in before Windows starts. How can I make it log in automatically, or just start everything up right away? I'm the only user, so I find logging in a bit of a waste of time. Regards, Arno
- 3 replies
-
- automatically
- only
- (and 7 more)
-
Working fine again. Did ComboFix remove anything?
-
Hier is het comboxif logje : ComboFix 10-08-25.01 - Arnoke 26/08/2010 20:49:24.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1233 [GMT 2:00] Gestart vanuit: C:\Users\Arnoke\Desktop\ComboFix.exe AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\WebScout Toolbar\tbHElper.dll C:\Windows\system32\wininit.exe . . . is geïnfecteerd!! . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-26 to 2010-08-26 )))))))))))))))))))))))))))))) . 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\postgress\AppData\Local\temp 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\postgres\AppData\Local\temp 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\hasabene\AppData\Local\temp 2010-08-26 19:01:42 . 2010-08-26 20:36:32 -------- d-----w- C:\Users\Arnoke\AppData\Local\temp 2010-08-26 17:32:36 . 2010-08-26 17:32:36 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb7082.tmp.exe 2010-08-25 08:22:40 . 2010-08-25 08:22:40 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb7F4E.tmp.exe 2010-08-24 08:31:32 . 2010-08-24 08:31:31 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtbA729.tmp.exe 2010-08-23 20:46:03 . 2010-08-23 20:46:03 -------- d-----w- C:\Program Files\EA GAMES 2010-08-23 20:25:38 . 2010-08-23 20:25:38 -------- d-----w- C:\Program Files\Common Files\EasyInfo 2010-08-23 09:43:17 . 2010-08-23 09:43:17 -------- d-----w- C:\Program Files\Free Offers from Freeze.com 2010-08-23 09:31:14 . 
2010-08-23 09:37:33 3 ----a-w- C:\Windows\treeskp.sys 2010-08-23 09:31:14 . 2010-08-23 09:37:33 3 ----a-w- C:\Windows\sbacknt.bin 2010-08-23 09:31:07 . 2010-08-24 08:27:53 -------- d-----w- C:\Program Files\vghd 2010-08-23 09:31:07 . 2010-08-23 09:31:07 152904 ----a-w- C:\Windows\system32\vghd.scr 2010-08-22 19:27:01 . 2010-08-23 07:59:13 -------- d-----w- C:\Program Files\Sierra 2010-08-22 16:51:08 . 2010-04-29 13:39:38 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-08-22 16:51:07 . 2010-08-22 16:51:11 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2010-08-22 16:51:07 . 2010-04-29 13:39:26 20952 ----a-w- C:\Windows\system32\drivers\mbam.sys 2010-08-19 19:09:14 . 2010-08-19 19:09:15 -------- d-----w- C:\Program Files\PFPortChecker 2010-08-19 09:51:10 . 2010-08-24 19:02:50 -------- d-----w- C:\Program Files\Simple Port Forwarding 2010-08-19 09:51:10 . 2010-08-19 18:02:20 -------- d-----w- C:\Windows\Simple Port Forwarding 2010-08-18 17:23:48 . 2010-08-18 17:23:52 -------- d-----w- C:\Program Files\Recuva 2010-08-18 17:10:18 . 2010-08-18 17:10:18 388096 ----a-r- C:\Users\Arnoke\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-18 16:34:05 . 2010-08-18 16:34:58 -------- d-----w- C:\Program Files\Age of Empires 2 + The Conqueror 2010-08-18 16:27:03 . 2010-08-18 16:27:03 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb4341.tmp.exe 2010-08-18 11:05:30 . 2010-08-18 11:05:30 224 ----a-w- C:\Users\Arnoke\AppData\Roaming\PFStaticIP\set_to_static.bat 2010-08-18 11:04:30 . 2010-08-19 17:35:15 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\PFStaticIP 2010-08-18 11:04:16 . 2010-08-18 11:04:16 -------- d-----w- C:\Program Files\PFStaticIP 2010-08-17 22:26:32 . 2010-08-17 22:26:34 -------- d-----w- C:\Program Files\DAEMON Tools Pro 2010-08-17 21:44:04 . 2010-08-17 21:44:10 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\GameRanger 2010-08-17 21:16:32 . 
2010-08-17 21:16:32 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb4A1A.tmp.exe 2010-08-17 10:43:45 . 2010-08-17 10:43:45 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Need for Speed World 2010-08-17 10:29:16 . 2010-08-17 10:29:16 -------- d-----w- C:\Users\Arnoke\AppData\Local\Electronic_Arts_Inc 2010-08-17 08:16:48 . 2010-08-17 08:16:48 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb6A98.tmp.exe 2010-08-15 08:41:10 . 2010-08-15 08:56:49 -------- d-----w- C:\Program Files\Cyanide 2010-08-14 22:31:11 . 2010-08-14 22:31:26 -------- d-----w- C:\ProgramData\DAEMON Tools Pro 2010-08-14 19:44:21 . 2010-08-14 20:28:02 -------- d-----w- C:\ProgramData\TmForever 2010-08-12 20:57:21 . 2010-08-12 20:57:21 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Malwarebytes 2010-08-12 20:57:07 . 2010-08-12 20:57:07 -------- d-----w- C:\ProgramData\Malwarebytes 2010-08-12 19:53:00 . 2010-08-12 19:53:00 -------- d-----w- C:\Program Files\Trend Micro 2010-08-11 11:01:32 . 2010-08-11 11:01:32 -------- d-----w- C:\Program Files\Real 2010-08-11 11:01:28 . 2010-08-14 09:41:16 -------- d-----w- C:\Program Files\Common Files\Real 2010-08-11 10:49:55 . 2010-08-14 09:44:32 -------- d-----w- C:\ProgramData\VistaCodecs 2010-08-10 22:25:43 . 2010-08-10 22:25:43 56458 ----a-w- C:\ProgramData\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-08-10 22:16:46 . 2010-08-10 22:16:46 54174 ----a-w- C:\ProgramData\DivX\DSAACDecoder\Uninstaller.exe 2010-08-10 22:13:06 . 2010-08-10 22:13:06 54153 ----a-w- C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe 2010-08-10 22:02:31 . 2010-08-10 22:02:31 54128 ----a-w- C:\ProgramData\DivX\Converter\Uninstaller.exe 2010-08-10 11:40:04 . 2010-08-10 11:40:04 54644 ----a-w- C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe 2010-08-10 11:29:57 . 2010-08-10 11:29:57 54101 ----a-w- C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe 2010-08-10 11:21:44 . 
2010-08-10 11:21:44 57409 ----a-w- C:\ProgramData\DivX\ControlPanel\Uninstaller.exe 2010-08-10 11:11:50 . 2010-08-10 11:11:50 52963 ----a-w- C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-08-10 10:10:38 . 2010-08-10 10:10:38 54073 ----a-w- C:\ProgramData\DivX\Qt4.5\Uninstaller.exe 2010-08-10 10:10:35 . 2010-08-10 10:12:39 -------- d-----w- C:\Program Files\Common Files\DivX Shared 2010-08-10 10:10:17 . 2010-08-10 10:10:17 56969 ----a-w- C:\ProgramData\DivX\ASPEncoder\Uninstaller.exe 2010-08-10 10:08:21 . 2010-08-10 10:08:21 144696 ----a-w- C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-08-10 09:47:20 . 2001-10-31 08:14:40 1122304 ----a-w- C:\Windows\system32\mplvpx.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 77824 ----a-w- C:\Windows\system32\mplaw7.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 77824 ----a-w- C:\Windows\system32\mplaa6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 65536 ----a-w- C:\Windows\system32\mplapx.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 65536 ----a-w- C:\Windows\system32\mplam6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1650688 ----a-w- C:\Windows\system32\mplva6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1581056 ----a-w- C:\Windows\system32\mplvw7.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1552384 ----a-w- C:\Windows\system32\mplvm6.dll 2010-08-10 09:47:19 . 2001-09-17 10:20:02 19968 ----a-w- C:\Windows\system32\cpuinf32.dll 2010-08-10 08:42:27 . 2008-03-28 08:07:22 20992 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\languages\compare.exe 2010-08-10 08:42:23 . 2010-08-10 08:42:23 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Convivea 2010-08-10 08:42:23 . 2009-04-10 16:40:40 118784 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\x.exe 2010-08-10 08:42:23 . 2007-07-11 17:43:04 24557 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe 2010-08-10 08:42:23 . 
2003-08-19 03:06:14 80896 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\x.dll 2010-08-09 17:28:16 . 2010-08-09 17:28:16 -------- d-----w- C:\ProgramData\WindowsSearch 2010-08-05 13:10:35 . 2010-08-22 13:13:55 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\vlc 2010-08-05 12:56:23 . 2010-08-26 19:01:01 -------- d-----w- C:\Program Files\WebScout Toolbar 2010-08-05 12:29:41 . 2010-08-05 12:29:41 -------- d-----w- C:\Program Files\VideoLAN 2010-08-05 12:01:07 . 2010-08-24 21:48:52 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\BitTorrent 2010-08-05 12:00:52 . 2010-08-05 12:00:58 -------- d-----w- C:\Program Files\BitTorrent . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-26 20:39:00 . 2006-11-02 16:11:51 672924 ----a-w- C:\Windows\system32\perfh013.dat 2010-08-26 20:38:59 . 2006-11-02 16:11:51 129114 ----a-w- C:\Windows\system32\perfc013.dat 2010-08-26 20:34:17 . 2008-07-07 18:41:50 31966 ----a-w- C:\ProgramData\nvModes.dat 2010-08-26 18:44:31 . 2010-02-05 09:22:46 311732 ----a-w- C:\Windows\system32\drivers\APPFCONT.DAT.bck 2010-08-26 18:44:31 . 2010-02-05 09:22:46 311732 ----a-w- C:\Windows\system32\drivers\APPFCONT.DAT 2010-08-26 18:40:49 . 2007-09-01 01:11:36 1076 ----a-w- C:\Windows\bthservsdp.dat 2010-08-26 17:45:41 . 2009-06-12 05:43:31 -------- d-----w- C:\ProgramData\Electronic Arts 2010-08-26 17:33:03 . 2010-02-05 09:22:46 1132 ----a-w- C:\Windows\system32\drivers\APPFLTR.CFG.bck 2010-08-26 17:33:03 . 2010-02-05 09:22:46 1132 ----a-w- C:\Windows\system32\drivers\APPFLTR.CFG 2010-08-25 09:48:05 . 2008-08-31 09:54:01 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\LimeWire 2010-08-18 09:22:05 . 2008-10-31 18:49:16 111120 ----a-w- C:\Users\Arnoke\AppData\Local\GDIPFONTCACHEV1.DAT 2010-08-17 22:24:02 . 2006-11-02 12:37:34 -------- d-----w- C:\Program Files\Microsoft Games 2010-08-15 08:00:47 . 
2009-02-02 20:08:14 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\DAEMON Tools Pro 2010-08-14 22:32:06 . 2008-08-31 09:58:56 697328 ----a-w- C:\Windows\system32\drivers\sptd.sys 2010-08-12 21:41:05 . 2008-09-12 18:04:56 -------- d-----w- C:\ProgramData\Microsoft Help 2010-08-12 21:37:40 . 2006-11-02 11:18:33 -------- d-----w- C:\Program Files\Windows Mail 2010-08-11 10:21:37 . 2008-08-22 21:27:39 -------- d-----w- C:\Program Files\Common Files\Apple 2010-08-10 22:25:43 . 2010-05-13 16:04:13 -------- d-----w- C:\ProgramData\DivX 2010-08-10 11:33:12 . 2010-05-13 16:27:16 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\DivX 2010-08-10 10:13:49 . 2007-06-26 16:25:53 -------- d-----w- C:\Program Files\Google 2010-08-05 11:55:45 . 2007-10-12 18:25:13 -------- d-----w- C:\Program Files\LimeWire 2010-07-31 12:12:51 . 2008-11-26 17:57:55 -------- d-----w- C:\Program Files\CCleaner 2010-07-18 15:18:02 . 2008-08-22 21:30:59 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Apple Computer 2010-07-17 20:35:01 . 2010-07-17 20:33:50 -------- d-----w- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-07-17 20:29:56 . 2010-07-17 20:29:56 -------- d-----w- C:\Program Files\Apple Software Update 2010-07-17 20:25:24 . 2010-07-17 20:25:21 -------- d-----w- C:\Program Files\Bonjour 2010-07-04 08:33:51 . 2008-08-03 08:26:19 8484 ----a-w- C:\Users\Arnoke\AppData\Local\d3d9caps.dat 2010-07-02 15:49:21 . 2008-07-17 20:17:53 -------- d-----w- C:\Program Files\Common Files\Adobe 2010-07-02 15:23:05 . 2007-09-25 15:00:24 -------- d-----w- C:\ProgramData\Skype 2010-07-02 14:24:10 . 2010-03-24 15:48:09 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Skype 2010-07-02 14:17:35 . 2009-05-20 13:16:42 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\skypePM 2010-06-29 22:45:56 . 2010-06-29 22:45:56 1240800 ----a-w- C:\Users\Arnoke\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe 2010-06-29 22:43:10 . 
2010-06-29 22:43:10 159456 ----a-w- C:\Users\Arnoke\AppData\Roaming\GameRanger\GameRanger\Data\GameRanger.dll 2010-06-26 06:05:49 . 2010-08-12 21:35:48 916480 ----a-w- C:\Windows\system32\wininet.dll 2010-06-26 06:02:15 . 2010-08-12 21:35:48 109056 ----a-w- C:\Windows\system32\iesysprep.dll 2010-06-26 06:02:15 . 2010-08-12 21:35:47 71680 ----a-w- C:\Windows\system32\iesetup.dll 2010-06-26 04:25:02 . 2010-08-12 21:35:47 133632 ----a-w- C:\Windows\system32\ieUnatt.exe 2010-06-21 13:37:03 . 2010-08-12 21:35:29 2037760 ----a-w- C:\Windows\system32\win32k.sys 2010-06-18 17:31:29 . 2010-08-12 21:35:31 36864 ----a-w- C:\Windows\system32\rtutils.dll 2010-06-18 15:04:57 . 2010-08-12 21:35:32 302080 ----a-w- C:\Windows\system32\drivers\srv.sys 2010-06-18 15:04:44 . 2010-08-12 21:35:32 144896 ----a-w- C:\Windows\system32\drivers\srv2.sys 2010-06-16 16:04:57 . 2010-08-12 21:35:45 905088 ----a-w- C:\Windows\system32\drivers\tcpip.sys 2010-06-11 16:16:20 . 2010-08-12 21:35:27 274944 ----a-w- C:\Windows\system32\schannel.dll 2010-06-11 16:15:06 . 2010-08-12 21:35:43 1248768 ----a-w- C:\Windows\system32\msxml3.dll 2010-06-08 17:35:04 . 2010-08-12 21:35:21 3548040 ----a-w- C:\Windows\system32\ntoskrnl.exe 2010-06-08 17:35:03 . 2010-08-12 21:35:22 3600768 ----a-w- C:\Windows\system32\ntkrnlpa.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-23 20:45:42 39408] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 14:44:30 3883856] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 08:17:14 427328] "Google Update"="C:\Users\Arnoke\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-10 10:08:38 135664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 07:38:38 1008184] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 09:44:34 31072] "APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" [2009-09-25 11:51:04 906496] "SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe" [2009-08-12 08:23:20 56064] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 06:24:52 40368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-07 15:39:18 44128] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-12-20 719664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2008-03-18 15:58:10 58672 ----a-w- C:\Windows\System32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\Windows\System32\APSHook.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows 
nt\currentversion\drivers32] "aux2"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06:33 976832 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-17 06:24:52 40368 ----a-w- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS] 2003-12-22 18:12:00 17920 ----a-r- c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-19 07:33:09 125952 ----a-w- C:\Windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2007-03-12 09:54:24 50696 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] 2007-03-01 11:18:36 472776 ----a-w- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-02-12 14:37:58 174872 ----a-w- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 14:44:30 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-10-03 10:40:00 13826664 ----a-w- C:\Windows\System32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] 2007-02-13 09:38:36 159744 ----a-w- C:\Program Files\Hewlett-Packard\HP Quick Launch 
---------- Post added at 21:15 ---------- Previous post was at 21:13 ----------
And while I'm at it, an HJT log as well:
ComboFix 10-08-25.01 - Arnoke 26/08/2010 20:49:24.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1233 [GMT 2:00] Gestart vanuit: C:\Users\Arnoke\Desktop\ComboFix.exe AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . 
(((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\WebScout Toolbar\tbHElper.dll C:\Windows\system32\wininit.exe . . . is geïnfecteerd!! . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-26 to 2010-08-26 )))))))))))))))))))))))))))))) . 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\postgress\AppData\Local\temp 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\postgres\AppData\Local\temp 2010-08-26 19:01:43 . 2010-08-26 19:01:43 -------- d-----w- C:\Users\hasabene\AppData\Local\temp 2010-08-26 19:01:42 . 2010-08-26 20:36:32 -------- d-----w- C:\Users\Arnoke\AppData\Local\temp 2010-08-26 17:32:36 . 2010-08-26 17:32:36 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb7082.tmp.exe 2010-08-25 08:22:40 . 2010-08-25 08:22:40 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb7F4E.tmp.exe 2010-08-24 08:31:32 . 2010-08-24 08:31:31 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtbA729.tmp.exe 2010-08-23 20:46:03 . 2010-08-23 20:46:03 -------- d-----w- C:\Program Files\EA GAMES 2010-08-23 20:25:38 . 2010-08-23 20:25:38 -------- d-----w- C:\Program Files\Common Files\EasyInfo 2010-08-23 09:43:17 . 2010-08-23 09:43:17 -------- d-----w- C:\Program Files\Free Offers from Freeze.com 2010-08-23 09:31:14 . 2010-08-23 09:37:33 3 ----a-w- C:\Windows\treeskp.sys 2010-08-23 09:31:14 . 2010-08-23 09:37:33 3 ----a-w- C:\Windows\sbacknt.bin 2010-08-23 09:31:07 . 2010-08-24 08:27:53 -------- d-----w- C:\Program Files\vghd 2010-08-23 09:31:07 . 2010-08-23 09:31:07 152904 ----a-w- C:\Windows\system32\vghd.scr 2010-08-22 19:27:01 . 2010-08-23 07:59:13 -------- d-----w- C:\Program Files\Sierra 2010-08-22 16:51:08 . 2010-04-29 13:39:38 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-08-22 16:51:07 . 2010-08-22 16:51:11 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2010-08-22 16:51:07 . 
2010-04-29 13:39:26 20952 ----a-w- C:\Windows\system32\drivers\mbam.sys 2010-08-19 19:09:14 . 2010-08-19 19:09:15 -------- d-----w- C:\Program Files\PFPortChecker 2010-08-19 09:51:10 . 2010-08-24 19:02:50 -------- d-----w- C:\Program Files\Simple Port Forwarding 2010-08-19 09:51:10 . 2010-08-19 18:02:20 -------- d-----w- C:\Windows\Simple Port Forwarding 2010-08-18 17:23:48 . 2010-08-18 17:23:52 -------- d-----w- C:\Program Files\Recuva 2010-08-18 17:10:18 . 2010-08-18 17:10:18 388096 ----a-r- C:\Users\Arnoke\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-18 16:34:05 . 2010-08-18 16:34:58 -------- d-----w- C:\Program Files\Age of Empires 2 + The Conqueror 2010-08-18 16:27:03 . 2010-08-18 16:27:03 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb4341.tmp.exe 2010-08-18 11:05:30 . 2010-08-18 11:05:30 224 ----a-w- C:\Users\Arnoke\AppData\Roaming\PFStaticIP\set_to_static.bat 2010-08-18 11:04:30 . 2010-08-19 17:35:15 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\PFStaticIP 2010-08-18 11:04:16 . 2010-08-18 11:04:16 -------- d-----w- C:\Program Files\PFStaticIP 2010-08-17 22:26:32 . 2010-08-17 22:26:34 -------- d-----w- C:\Program Files\DAEMON Tools Pro 2010-08-17 21:44:04 . 2010-08-17 21:44:10 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\GameRanger 2010-08-17 21:16:32 . 2010-08-17 21:16:32 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb4A1A.tmp.exe 2010-08-17 10:43:45 . 2010-08-17 10:43:45 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Need for Speed World 2010-08-17 10:29:16 . 2010-08-17 10:29:16 -------- d-----w- C:\Users\Arnoke\AppData\Local\Electronic_Arts_Inc 2010-08-17 08:16:48 . 2010-08-17 08:16:48 509552 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\gtb6A98.tmp.exe 2010-08-15 08:41:10 . 2010-08-15 08:56:49 -------- d-----w- C:\Program Files\Cyanide 2010-08-14 22:31:11 . 2010-08-14 22:31:26 -------- d-----w- C:\ProgramData\DAEMON Tools Pro 2010-08-14 19:44:21 . 
2010-08-14 20:28:02 -------- d-----w- C:\ProgramData\TmForever 2010-08-12 20:57:21 . 2010-08-12 20:57:21 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Malwarebytes 2010-08-12 20:57:07 . 2010-08-12 20:57:07 -------- d-----w- C:\ProgramData\Malwarebytes 2010-08-12 19:53:00 . 2010-08-12 19:53:00 -------- d-----w- C:\Program Files\Trend Micro 2010-08-11 11:01:32 . 2010-08-11 11:01:32 -------- d-----w- C:\Program Files\Real 2010-08-11 11:01:28 . 2010-08-14 09:41:16 -------- d-----w- C:\Program Files\Common Files\Real 2010-08-11 10:49:55 . 2010-08-14 09:44:32 -------- d-----w- C:\ProgramData\VistaCodecs 2010-08-10 22:25:43 . 2010-08-10 22:25:43 56458 ----a-w- C:\ProgramData\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-08-10 22:16:46 . 2010-08-10 22:16:46 54174 ----a-w- C:\ProgramData\DivX\DSAACDecoder\Uninstaller.exe 2010-08-10 22:13:06 . 2010-08-10 22:13:06 54153 ----a-w- C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe 2010-08-10 22:02:31 . 2010-08-10 22:02:31 54128 ----a-w- C:\ProgramData\DivX\Converter\Uninstaller.exe 2010-08-10 11:40:04 . 2010-08-10 11:40:04 54644 ----a-w- C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe 2010-08-10 11:29:57 . 2010-08-10 11:29:57 54101 ----a-w- C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe 2010-08-10 11:21:44 . 2010-08-10 11:21:44 57409 ----a-w- C:\ProgramData\DivX\ControlPanel\Uninstaller.exe 2010-08-10 11:11:50 . 2010-08-10 11:11:50 52963 ----a-w- C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-08-10 10:10:38 . 2010-08-10 10:10:38 54073 ----a-w- C:\ProgramData\DivX\Qt4.5\Uninstaller.exe 2010-08-10 10:10:35 . 2010-08-10 10:12:39 -------- d-----w- C:\Program Files\Common Files\DivX Shared 2010-08-10 10:10:17 . 2010-08-10 10:10:17 56969 ----a-w- C:\ProgramData\DivX\ASPEncoder\Uninstaller.exe 2010-08-10 10:08:21 . 2010-08-10 10:08:21 144696 ----a-w- C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-08-10 09:47:20 . 2001-10-31 08:14:40 1122304 ----a-w- C:\Windows\system32\mplvpx.dll 2010-08-10 09:47:19 . 
2001-10-31 08:14:40 77824 ----a-w- C:\Windows\system32\mplaw7.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 77824 ----a-w- C:\Windows\system32\mplaa6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 65536 ----a-w- C:\Windows\system32\mplapx.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 65536 ----a-w- C:\Windows\system32\mplam6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1650688 ----a-w- C:\Windows\system32\mplva6.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1581056 ----a-w- C:\Windows\system32\mplvw7.dll 2010-08-10 09:47:19 . 2001-10-31 08:14:40 1552384 ----a-w- C:\Windows\system32\mplvm6.dll 2010-08-10 09:47:19 . 2001-09-17 10:20:02 19968 ----a-w- C:\Windows\system32\cpuinf32.dll 2010-08-10 08:42:27 . 2008-03-28 08:07:22 20992 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\languages\compare.exe 2010-08-10 08:42:23 . 2010-08-10 08:42:23 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Convivea 2010-08-10 08:42:23 . 2009-04-10 16:40:40 118784 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\x.exe 2010-08-10 08:42:23 . 2007-07-11 17:43:04 24557 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe 2010-08-10 08:42:23 . 2003-08-19 03:06:14 80896 ----a-w- C:\Users\Arnoke\AppData\Roaming\Convivea\Bit_Che\scripts\x.dll 2010-08-09 17:28:16 . 2010-08-09 17:28:16 -------- d-----w- C:\ProgramData\WindowsSearch 2010-08-05 13:10:35 . 2010-08-22 13:13:55 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\vlc 2010-08-05 12:56:23 . 2010-08-26 19:01:01 -------- d-----w- C:\Program Files\WebScout Toolbar 2010-08-05 12:29:41 . 2010-08-05 12:29:41 -------- d-----w- C:\Program Files\VideoLAN 2010-08-05 12:01:07 . 2010-08-24 21:48:52 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\BitTorrent 2010-08-05 12:00:52 . 2010-08-05 12:00:58 -------- d-----w- C:\Program Files\BitTorrent . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-26 20:39:00 . 
2006-11-02 16:11:51 672924 ----a-w- C:\Windows\system32\perfh013.dat 2010-08-26 20:38:59 . 2006-11-02 16:11:51 129114 ----a-w- C:\Windows\system32\perfc013.dat 2010-08-26 20:34:17 . 2008-07-07 18:41:50 31966 ----a-w- C:\ProgramData\nvModes.dat 2010-08-26 18:44:31 . 2010-02-05 09:22:46 311732 ----a-w- C:\Windows\system32\drivers\APPFCONT.DAT.bck 2010-08-26 18:44:31 . 2010-02-05 09:22:46 311732 ----a-w- C:\Windows\system32\drivers\APPFCONT.DAT 2010-08-26 18:40:49 . 2007-09-01 01:11:36 1076 ----a-w- C:\Windows\bthservsdp.dat 2010-08-26 17:45:41 . 2009-06-12 05:43:31 -------- d-----w- C:\ProgramData\Electronic Arts 2010-08-26 17:33:03 . 2010-02-05 09:22:46 1132 ----a-w- C:\Windows\system32\drivers\APPFLTR.CFG.bck 2010-08-26 17:33:03 . 2010-02-05 09:22:46 1132 ----a-w- C:\Windows\system32\drivers\APPFLTR.CFG 2010-08-25 09:48:05 . 2008-08-31 09:54:01 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\LimeWire 2010-08-18 09:22:05 . 2008-10-31 18:49:16 111120 ----a-w- C:\Users\Arnoke\AppData\Local\GDIPFONTCACHEV1.DAT 2010-08-17 22:24:02 . 2006-11-02 12:37:34 -------- d-----w- C:\Program Files\Microsoft Games 2010-08-15 08:00:47 . 2009-02-02 20:08:14 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\DAEMON Tools Pro 2010-08-14 22:32:06 . 2008-08-31 09:58:56 697328 ----a-w- C:\Windows\system32\drivers\sptd.sys 2010-08-12 21:41:05 . 2008-09-12 18:04:56 -------- d-----w- C:\ProgramData\Microsoft Help 2010-08-12 21:37:40 . 2006-11-02 11:18:33 -------- d-----w- C:\Program Files\Windows Mail 2010-08-11 10:21:37 . 2008-08-22 21:27:39 -------- d-----w- C:\Program Files\Common Files\Apple 2010-08-10 22:25:43 . 2010-05-13 16:04:13 -------- d-----w- C:\ProgramData\DivX 2010-08-10 11:33:12 . 2010-05-13 16:27:16 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\DivX 2010-08-10 10:13:49 . 2007-06-26 16:25:53 -------- d-----w- C:\Program Files\Google 2010-08-05 11:55:45 . 2007-10-12 18:25:13 -------- d-----w- C:\Program Files\LimeWire 2010-07-31 12:12:51 . 
2008-11-26 17:57:55 -------- d-----w- C:\Program Files\CCleaner 2010-07-18 15:18:02 . 2008-08-22 21:30:59 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Apple Computer 2010-07-17 20:35:01 . 2010-07-17 20:33:50 -------- d-----w- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-07-17 20:29:56 . 2010-07-17 20:29:56 -------- d-----w- C:\Program Files\Apple Software Update 2010-07-17 20:25:24 . 2010-07-17 20:25:21 -------- d-----w- C:\Program Files\Bonjour 2010-07-04 08:33:51 . 2008-08-03 08:26:19 8484 ----a-w- C:\Users\Arnoke\AppData\Local\d3d9caps.dat 2010-07-02 15:49:21 . 2008-07-17 20:17:53 -------- d-----w- C:\Program Files\Common Files\Adobe 2010-07-02 15:23:05 . 2007-09-25 15:00:24 -------- d-----w- C:\ProgramData\Skype 2010-07-02 14:24:10 . 2010-03-24 15:48:09 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\Skype 2010-07-02 14:17:35 . 2009-05-20 13:16:42 -------- d-----w- C:\Users\Arnoke\AppData\Roaming\skypePM 2010-06-29 22:45:56 . 2010-06-29 22:45:56 1240800 ----a-w- C:\Users\Arnoke\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe 2010-06-29 22:43:10 . 2010-06-29 22:43:10 159456 ----a-w- C:\Users\Arnoke\AppData\Roaming\GameRanger\GameRanger\Data\GameRanger.dll 2010-06-26 06:05:49 . 2010-08-12 21:35:48 916480 ----a-w- C:\Windows\system32\wininet.dll 2010-06-26 06:02:15 . 2010-08-12 21:35:48 109056 ----a-w- C:\Windows\system32\iesysprep.dll 2010-06-26 06:02:15 . 2010-08-12 21:35:47 71680 ----a-w- C:\Windows\system32\iesetup.dll 2010-06-26 04:25:02 . 2010-08-12 21:35:47 133632 ----a-w- C:\Windows\system32\ieUnatt.exe 2010-06-21 13:37:03 . 2010-08-12 21:35:29 2037760 ----a-w- C:\Windows\system32\win32k.sys 2010-06-18 17:31:29 . 2010-08-12 21:35:31 36864 ----a-w- C:\Windows\system32\rtutils.dll 2010-06-18 15:04:57 . 2010-08-12 21:35:32 302080 ----a-w- C:\Windows\system32\drivers\srv.sys 2010-06-18 15:04:44 . 2010-08-12 21:35:32 144896 ----a-w- C:\Windows\system32\drivers\srv2.sys 2010-06-16 16:04:57 . 
2010-08-12 21:35:45 905088 ----a-w- C:\Windows\system32\drivers\tcpip.sys 2010-06-11 16:16:20 . 2010-08-12 21:35:27 274944 ----a-w- C:\Windows\system32\schannel.dll 2010-06-11 16:15:06 . 2010-08-12 21:35:43 1248768 ----a-w- C:\Windows\system32\msxml3.dll 2010-06-08 17:35:04 . 2010-08-12 21:35:21 3548040 ----a-w- C:\Windows\system32\ntoskrnl.exe 2010-06-08 17:35:03 . 2010-08-12 21:35:22 3600768 ----a-w- C:\Windows\system32\ntkrnlpa.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-23 20:45:42 39408] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 14:44:30 3883856] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 08:17:14 427328] "Google Update"="C:\Users\Arnoke\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-10 10:08:38 135664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 07:38:38 1008184] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 09:44:34 31072] "APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" [2009-09-25 11:51:04 906496] "SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe" [2009-08-12 08:23:20 56064] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 06:24:52 40368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-07 15:39:18 44128] C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-12-20 719664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2008-03-18 15:58:10 58672 ----a-w- C:\Windows\System32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\Windows\System32\APSHook.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06:33 976832 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-17 06:24:52 40368 ----a-w- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS] 2003-12-22 18:12:00 17920 ----a-r- c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-19 07:33:09 125952 ----a-w- C:\Windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2007-03-12 09:54:24 50696 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] 2007-03-01 11:18:36 472776 ----a-w- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-02-12 14:37:58 174872 ----a-w- C:\Program 
Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 14:44:30 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-10-03 10:40:00 13826664 ----a-w- C:\Windows\System32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] 2007-02-13 09:38:36 159744 ----a-w- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService] 2007-04-23 16:11:20 176128 ----a-w- C:\Program Files\HP\QuickPlay\QPService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL] 2006-10-09 20:43:44 729088 ----a-w- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-02-18 09:43:18 248040 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-01-23 20:45:42 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng] 2007-03-12 08:22:00 517768 ----a-w- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2010-05-27 20:31:22 1721640 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage] 2007-01-10 14:12:08 317128 ----a-w- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xpsysClient] 2010-01-27 05:10:26 69632 ----a-w- 
C:\Users\Arnoke\AppData\Local\xpsysClient\xpsysClient.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:d2,14,8e,e2,87,49,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-832047836-1340904009-3617835092-1000] "EnableNotificationsRef"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-10 10:08:38 135664] R3 AvFlt;Antivirus Filter Driver;C:\Windows\system32\drivers\av5flt.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 13:39:38 38224] R3 PavSRK.sys;PavSRK.sys;C:\Windows\system32\PavSRK.sys [x] R3 whfltr2k;WheelMouse USB Lower Filter Driver;C:\Windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 15:45:02 6784] R4 sptd;sptd;C:\Windows\system32\Drivers\sptd.sys [2010-08-14 22:32:06 697328] S0 pavboot;Panda boot driver;C:\Windows\system32\Drivers\pavboot.sys [2009-06-30 09:37:16 28552] S0 ps7akt6c;Cycling Manager 2007 Synchronization Driver (ps7akt6c);C:\Windows\system32\drivers\ps7akt6c.sys [2007-09-28 09:32:36 68752] S1 APPFLT;App Filter Plugin;C:\Windows\system32\Drivers\APPFLT.SYS [2009-09-30 22:07:44 75016] S1 DSAFLT;DSA Filter Plugin;C:\Windows\system32\Drivers\DSAFLT.SYS [2009-06-16 12:32:58 53128] S1 FNETMON;NetMon Filter Plugin;C:\Windows\system32\Drivers\fnetmon.SYS [2008-03-28 10:25:06 22072] S1 IDSFLT;Ids Filter Plugin;C:\Windows\system32\Drivers\IDSFLT.SYS [2009-06-16 12:32:58 193800] S1 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\system32\Drivers\NETFLTDI.SYS [2009-06-16 12:33:00 159112] S1 ShldDrv;Panda File Shield 
Driver;C:\Windows\system32\DRIVERS\ShlDrv51.sys [2008-03-04 14:59:42 41144] S1 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\system32\Drivers\WNMFLT.SYS [2009-06-16 12:33:02 46728] S2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm8660.sys [2009-08-06 11:29:16 49160] S2 ASBroker;Logon Session Broker;C:\Windows\System32\svchost.exe [2008-01-19 07:33:32 21504] S2 ASChannel;Local Communication Channel;C:\Windows\System32\svchost.exe [2008-01-19 07:33:32 21504] S2 ComFiltr;Panda Anti-Dialer;C:\Windows\system32\DRIVERS\COMFiltr.sys [2010-02-05 09:23:02 13880] S2 Gwmsrv;Panda Goodware Cache Manager;C:\Windows\system32\svchost [x] S2 PavProc;Panda Process Protection Driver;C:\Windows\system32\DRIVERS\PavProc.sys [2009-06-30 16:17:12 163336] S2 pgsql-8.3;PostgreSQL Database Server 8.3;C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-02-01 02:02:26 65536] S2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe [2009-08-25 12:28:20 28928] S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;C:\Windows\system32\Drivers\ATSwpWDF.sys [2008-10-02 15:42:24 482176] S3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;C:\Windows\system32\DRIVERS\neti1639.sys [2009-09-09 09:29:18 199432] S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 14:40:22 3668480] S3 PavTPK.sys;PavTPK.sys;C:\Windows\system32\PavTPK.sys [x] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ Cognizance REG_MULTI_SZ ASBroker ASChannel LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache getPlusHelper REG_MULTI_SZ getPlusHelper panda REG_MULTI_SZ Gwmsrv . Inhoud van de 'Gedeelde Taken' map 2010-08-26 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-10 10:08:41 . 
2010-08-10 10:08:38] 2010-08-26 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-10 10:08:41 . 2010-08-10 10:08:38] 2010-08-25 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-832047836-1340904009-3617835092-1000Core.job - C:\Users\Arnoke\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-25 15:21:48 . 2010-08-10 10:08:38] 2010-08-26 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-832047836-1340904009-3617835092-1000UA.job - C:\Users\Arnoke\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-25 15:21:48 . 2010-08-10 10:08:38] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://google.be/ IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: {7553CE3A-F183-497F-9E9E-F4E61E3283E1} = 192.168.0.1,192.168.0.2 . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-POEngine5 - (no file) MSConfigStartUp-iTunesHelper - C:\Program Files\iTunes\iTunesHelper.exe MSConfigStartUp-QuickTime Task - C:\Program Files\QuickTime\QTTask.exe ActiveSetup-{BA73CF1E-CC06-B8EE-3E7D-06DDB7477F8C} - C:\Users\Arnoke\AppData\Local\Temp\RarSFX0\Tiltsetup.exe AddRemove-{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk - C:\Users\Arnoke\AppData\Roaming\Google\Google Talk\uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-26 22:44:26 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ...
-
I've been away for another hour now and will check whether it has started up yet.
-
ComboFix has finished scanning and is now restarting the PC. However, it has been logging off for about 20 minutes now; is that a problem? I'm sending this from another PC.
-
At times it just runs very slowly. It doesn't really freeze, but sometimes it takes a very long time for a web page to load. I have downloaded a lot of games and films lately, so maybe that's the cause?
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:17:37, on 12/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2010\WebProxy.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Panda Security\Panda Internet Security 2010\ApVxdWin.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Panda Security\Panda Internet Security 2010\PavBckPT.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program 
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive Malware & virus removal
I once again have the feeling that it's starting to run slowly again / starting to freeze up more.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:37, on 12/08/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
-
Quick question about forwarding ports.
Eurne replied to Eurne's topic in Archive Internet & Network
I want to open ports so I can play games online properly. Games such as Age of Empires II, Need For Speed World, etc...
-
Quick question about forwarding ports.
Eurne replied to Eurne's topic in Archive Internet & Network
My LAN IP is indeed 192.168.0.1. When I open that link, the IP is: 81.164.12.182. I do understand the principle of port forwarding, but I don't know which IP address I have to fill in. Is it the top one or the bottom one?
-
Quick question about forwarding ports.
Eurne replied to Eurne's topic in Archive Internet & Network
OK, it worked. I've put the important things below. Now it shows 2 different IPs: one for my wireless connection and one for my LAN connection. Which one is the right IP address for forwarding ports?

Adapter voor draadloos LAN Draadloze Netwerkverbinding
IPv4-adres : 192.168.0.101 (voorkeur)
Subnetmasker : 255.255.255.0
Standaard Gateway : 192.168.0.1
DNS-servers : 192.168.0.1

Ethernet-adapter LAN Verbinding
IPv4-adres : 192.168.0.100 (voorkeur)
Subnetmasker : 255.255.255.0
Standaard Gateway : 192.168.0.1
DNS-servers : 192.168.0.1
-
Quick question about forwarding ports.
Eurne replied to Eurne's topic in Archive Internet & Network
OK, thanks for the quick reply! What exactly do you mean by cmd?
-
Hi Kape, I have a new question, but I wasn't sure which subforum I should post it in. So I'm just quickly posting it here. I've been wondering for a while whether I'm forwarding my ports the right way. I've already read guides about this, but I'm not sure whether I'm filling in the right IP address. Where can I find the right IP address that I have to fill in to forward my ports? Regards, Arno
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive Malware & virus removal
Done. The laptop is running very well again now! Thanks for the help.
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive Malware & virus removal
Hey, it seems to be going a bit better already (read: the laptop hasn't frozen yet after an hour of playing). Are there any other 'tricks' I can do while I'm at it to make it even cleaner, or is that totally unnecessary?
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive Malware & virus removal
OK, sounds good. I can't get on my laptop today, but I'll try tomorrow and see whether it's behaving normally again.
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive Malware & virus removal
Here you go.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:37, on 12/08/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4423
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

12/08/2010 23:10:15
mbam-log-2010-08-12 (23-10-15).txt

Scantype: Snelle scan
Objecten gescand: 157558
Verstreken tijd: 6 minuut/minuten, 26 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 1
Registerwaarden geïnfecteerd: 1
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 3
Bestanden geïnfecteerd: 9

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\hotbar@hotbar.com (Adware.Hotbar) -> Quarantined and deleted successfully.

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:
C:\ProgramData\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Uninstall Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
-
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive: Combating malware & viruses
Here it is. Glad the laptop didn't freeze before I could get this posted here. -
Eurne's Laptop Repair Topic
Eurne replied to Eurne's topic in Archive: Combating malware & viruses
OK, thanks for the quick reply. I'll try it right away when I get home later. -
Hi, I'm new, and in this topic I want to keep track of my progress. Over the last month my laptop has started freezing more and more often. Usually I can browse/download/etc. smoothly for about 10 minutes, but at some point it freezes. After that I can't click on anything, or it doesn't respond at all. It then always takes a while before it responds again, but when I click on something again, it freezes completely once more. From then on it's impossible to keep working, and I have to restart the PC. After 10 minutes the same story starts all over again. I'll first read the stickies above thoroughly and see how I can clean up the laptop. I'll then post updates and the logs here (to which I'll hopefully get a response). Regards, Arno (Eurne)
