Log Check

  • Tijmen

    Hello

    Would someone take a look at my log to see whether there are any viruses or junk left that could still be removed?

    I also have a strange file on the C: drive named gendel32.exe.

    Does anyone know where this comes from?

    Below are the 2 requested logs.

    Regards, Tijmen

    Malwarebytes' Anti-Malware 1.31

    Database versie: 1602

    Windows 5.1.2600 Service Pack 3

    3-1-2009 20:41:20

    mbam-log-2009-01-03 (20-41-20).txt

    Scan type: Snelle Scan

    Objecten gescand: 56078

    Verstreken tijd: 7 minute(s), 34 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 20:28:24, on 3-1-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16762)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

    C:\WINDOWS\system32\slserv.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\QuickTime\QTTask.exe

    C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=NL&range=AD&phase=6&key=SEARCH

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: Ati2mdxx.exe

    O4 - HKLM\..\Run: C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    O4 - HKLM\..\Run: "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

    O4 - HKLM\..\Run: "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    O4 - HKLM\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKLM\..\Run: "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKCU\..\Run: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1

    O4 - HKCU\..\Run: "C:\Program Files\Ares\Ares.exe" -h

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm

    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - AppInit_DLLs: avgrsstx.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    End of file - 9809 bytes

  • Teaser

    Do a scan with 1 of these scanners

    Post the result here

    trojan scanner

    Ewido trojan scanner

    trojan scanner

  • Tijmen

    Here is the log from one of the scanners, and another HijackThis log.

    By the way, I first put everything in quarantine, so I don't know whether that was right.

    But it detected the file gendel32.exe as Riskware.Gendel!IK.

    There were 3 copies of this file, including one in C: and 2 others in the System_Volume_Information folder.

    I also ran a deep scan and also found some tracking cookies and registry keys from Ares and Kazaa Lite Resurrection.

    a-squared Free - Version 2

    Scan settings:

    Objects: Memory, Traces, Cookies, C:\

    Scan archives: On

    Heuristics: Off

    ADS Scan: On

    Scan start: 4-1-2009 14:08:33

    Scanned

    Files: 198762

    Traces: 346153

    Cookies: 132

    Processes: 41

    Found

    Files: 3

    Traces: 4

    Cookies: 16

    Processes: 0

    Scan end: 4-1-2009 15:29:55

    Scan time: 1:21:22

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 15:40:19, on 4-1-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16762)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

    C:\WINDOWS\system32\slserv.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\QuickTime\QTTask.exe

    C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=NL&range=AD&phase=6&key=SEARCH

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: Ati2mdxx.exe

    O4 - HKLM\..\Run: C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    O4 - HKLM\..\Run: "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

    O4 - HKLM\..\Run: "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    O4 - HKLM\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKLM\..\Run: "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKCU\..\Run: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm

    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - AppInit_DLLs: avgrsstx.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    End of file - 10158 bytes

  • Teaser

    Download Combofix to your desktop.

    Double-click Combofix.exe

    Follow the instructions and accept the disclaimer by typing "y" or "Y".

    While the fix is running, do NOT click in the window, or your PC will "hang".

    NB: If your virus scanner responds with a warning about a script being executed, you can ignore it.

    When the fix has completed and after the restart, the log combofix.txt will open.

    Post this log here in your next post, together with a new HijackThis log.

  • Tijmen

    Below are the logs from Combofix and HijackThis.

    By the way, after running Combofix I restarted the computer because afterwards the modem was still completely down, but now that works again too.

    ComboFix 09-01-02.01 - Tijmen 2009-01-04 16:28:38.1 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.193

    Gestart vanuit: c:\documents and settings\Tijmen\Mijn documenten\ComboFix.exe

    * Nieuw herstelpunt werd aangemaakt

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\windows\system32\RefVirus.exe

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2008-12-04 to 2009-01-04 ))))))))))))))))))))))))))))))

    .

    2100-04-01 16:22 . 2008-12-14 16:12 194 --a------ c:\windows\X83_DS.ini

    2100-02-24 13:15 . 2001-04-02 15:30 821 --a------ c:\windows\Lexmark_ICM.ini

    2100-02-16 15:09 . 2001-02-16 14:37 62 --a------ c:\windows\system32\LXASUSCI.INI

    2009-01-03 20:32 . 2009-01-03 20:32 d-------- c:\program files\Malwarebytes' Anti-Malware

    2009-01-03 20:32 . 2009-01-03 20:32 d-------- c:\documents and settings\Tijmen\Application Data\Malwarebytes

    2009-01-03 20:32 . 2009-01-03 20:32 d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

    2009-01-03 20:32 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

    2009-01-03 20:32 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys

    2009-01-03 20:27 . 2009-01-03 20:27 d-------- c:\program files\Trend Micro

    2008-12-31 18:41 . 2008-12-31 18:41 31 --a------ c:\windows\wininit.ini

    2008-12-28 17:39 . 2008-12-28 17:39 d--h----- C:\$AVG8.VAULT$

    2008-12-24 19:26 . 2008-12-24 19:26 d-------- c:\documents and settings\All Users\Application Data\TEMP

    2008-12-24 15:46 . 2008-12-24 15:46 3,580 --a------ c:\windows\system32\d3d9caps.dat

    2008-12-24 15:16 . 2008-12-24 15:56 d-------- C:\OpenMPT-1.17.02.48

    2008-12-21 15:21 . 2008-12-21 15:21 d-------- C:\Nasm-2.06rc1-win32

    2008-12-19 18:45 . 2008-12-19 18:45 d-------- c:\documents and settings\Tijmen\Application Data\Apple Computer

    2008-12-19 18:44 . 2008-12-19 18:44 d-------- c:\program files\iTunes

    2008-12-19 18:44 . 2008-12-19 18:44 d-------- c:\program files\iPod

    2008-12-19 18:44 . 2008-12-19 18:44 d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

    2008-12-19 18:44 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll

    2008-12-19 18:44 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys

    2008-12-19 18:43 . 2008-12-19 18:43 d-------- c:\program files\Bonjour

    2008-12-19 18:42 . 2008-12-19 18:43 d-------- c:\program files\QuickTime

    2008-12-19 18:42 . 2008-12-19 18:44 d-------- c:\documents and settings\All Users\Application Data\Apple Computer

    2008-12-19 18:41 . 2008-12-19 18:41 d-------- c:\program files\Common Files\Apple

    2008-12-19 18:41 . 2008-12-19 18:41 d-------- c:\program files\Apple Software Update

    2008-12-19 18:41 . 2008-12-19 18:41 d-------- c:\documents and settings\All Users\Application Data\Apple

    2008-12-19 18:41 . 2008-11-07 14:23 32,000 --a------ c:\windows\system32\drivers\usbaapl.sys

    2008-12-17 16:14 . 2008-12-17 17:14 d-------- C:\Wolfendoom

    2008-12-14 16:18 . 2008-12-19 12:46 d-------- C:\zdoom-2.2.0

    2008-12-13 19:47 . 2003-02-19 15:06 438,272 --a------ c:\windows\system32\cmcs21.ocx

    2008-12-13 19:47 . 2003-02-19 15:07 303,104 --a------ c:\windows\system32\cmcs21.dll

    2008-12-13 19:47 . 2004-02-08 19:55 180,132 --a------ c:\windows\system32\GDIPlus.tlb

    2008-12-12 19:22 . 2008-12-12 19:22 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys

    2008-12-12 19:22 . 2008-12-12 19:22 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys

    2008-12-12 19:22 . 2008-12-12 19:22 10,520 --a------ c:\windows\system32\avgrsstx.dll

    2008-12-12 19:21 . 2009-01-03 18:52 d-------- c:\windows\system32\drivers\Avg

    2008-12-12 16:19 . 2008-12-12 19:21 d-------- c:\documents and settings\All Users\Application Data\Avg8

    2008-12-09 16:58 . 2008-12-09 16:58 410,984 --a------ c:\windows\system32\deploytk.dll

    2008-12-06 14:33 . 2008-12-06 18:58 610 --a------ c:\windows\eReg.dat

    2008-12-06 14:23 . 2008-12-06 14:25 d-------- c:\program files\Maxis

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-01-04 15:18 --------- d-----w c:\documents and settings\Tijmen\Application Data\skypePM

    2009-01-04 15:18 --------- d-----w c:\documents and settings\Tijmen\Application Data\Skype

    2009-01-03 18:09 --------- d-----w c:\documents and settings\Tijmen\Application Data\LimeWire

    2008-12-18 17:49 --------- d-----w c:\program files\DOSBox-0.72

    2008-12-18 15:47 --------- d-----w c:\program files\Google

    2008-12-13 06:39 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll

    2008-12-12 15:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

    2008-12-09 15:58 --------- d-----w c:\program files\Java

    2008-12-06 13:25 --------- d--h--w c:\program files\InstallShield Installation Information

    2008-11-24 19:42 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink

    2008-11-24 19:39 --------- d-----w c:\program files\DVD Shrink

    2008-11-24 17:11 --------- d-----w c:\program files\Spybot - Search & Destroy

    2008-11-24 17:11 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

    2008-11-24 17:11 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft

    2008-11-22 14:05 --------- d-----w c:\program files\Lavasoft

    2008-11-12 15:04 --------- d-----w c:\program files\Audacity

    2008-11-08 19:29 --------- d-----w c:\program files\Notepad++

    2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys

    2008-10-23 12:43 286,720 ----a-w c:\windows\system32\gdi32.dll

    2008-10-23 12:43 286,720 ------w c:\windows\system32\dllcache\gdi32.dll

    2008-10-16 13:14 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe

    2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

    2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

    2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

    2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

    2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

    2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

    2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

    2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

    2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe

    2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

    2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

    2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

    2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

    2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

    2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

    2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

    2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

    2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

    2008-10-15 16:37 337,408 ------w c:\windows\system32\dllcache\netapi32.dll

    2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe

    2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll

    2008-05-10 14:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008042820080505\index.dat

    2008-05-10 14:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008051020080511\index.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    "ctfmon.exe"="c:\windows\system32\ctfmon.exe"

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe"

    "Skype"="c:\program files\Skype\Phone\Skype.exe"

    "ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe"

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe"

    "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe"

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe"

    "Lexmark X83 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X83.exe"

    "Lexmark X83 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X83.exe"

    "PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\3\printray.exe"

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"

    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe"

    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    "ATIModeChange"="Ati2mdxx.exe"

    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE"

    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

    Gigaset WLAN Adapter Monitor.lnk - c:\program files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    "AppInit_DLLs"=avgrsstx.dll

    "VIDC.MJPG"= Pvmjpg30.dll

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\WINDOWS\\system32\\dpvsetup.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\Program Files\\microsoft office\\Office12\\ONENOTE.EXE"=

    "c:\\Program Files\\LimeWire\\LimeWire.exe"=

    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=

    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=

    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=

    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=

    "c:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys

    R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\drivers\vcsmpdrv.sys

    R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe

    R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe

    R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys

    R4 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\System\vcssecs.exe

    S1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys

    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe

    S3 PIXMCVA;JVC PIX-MCV Audio Capture;c:\windows\system32\drivers\pixmcva.sys

    S3 PIXMCVV;JVC PIX-MCV Video Capture;c:\windows\system32\drivers\pixmcvv.sys

    S4 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0;c:\windows\system32\drivers\usbscan.sys

    *Newly Created Service* - PROCEXP90

    .

    Inhoud van de 'Gedeelde Taken' map

    2008-12-19 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\program files\Apple Software Update\SoftwareUpdate.exe

    .

    - - - - ORPHANS VERWIJDERD - - - -

    HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

    HKCU-Run-Sonic RecordNow! - (no file)

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.startpagina.nl/

    uInternet Settings,ProxyOverride = *.local

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    c:\windows\Downloaded Program Files\ewidoOnlineScan.dll - O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1}

    hxxp://downloads.ewido.net/ewidoOnlineScan.cab

    c:\windows\Downloaded Program Files\sIKNPlayer.ocx - O16 -: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A}

    hxxp://www.kerkomroep.nl/ocx/sIKNPlayer.cab

    c:\windows\Downloaded Program Files\zylomgamesplayer.dll - O16 -: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}

    hxxp://game07.zylom.com/activex/zylomgamesplayer.cab

    c:\windows\Downloaded Program Files\ZylomGamesPlayer.inf

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-01-04 16:33:02

    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    --------------------------- DLLs Geladen Onder Lopende Processen ---------------------------

    - - - - - - - > 'winlogon.exe'(1032)

    c:\windows\system32\avgrsstx.dll

    c:\program files\Funk Software\Odyssey Client\odLogin.dll

    - - - - - - - > 'lsass.exe'(1096)

    c:\windows\system32\avgrsstx.dll

    .

    Voltooingstijd: 2009-01-04 16:34:37

    ComboFix-quarantined-files.txt 2009-01-04 15:34:05

    Pre-Run: 166.539.251.712 bytes beschikbaar

    Post-Run: 167,357,362,176 bytes beschikbaar

    206 --- E O F --- 2008-12-12 15:04:34

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 16:45:24, on 4-1-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16762)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

    C:\WINDOWS\system32\slserv.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\QuickTime\QTTask.exe

    C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files\internet explorer\iexplore.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: Ati2mdxx.exe

    O4 - HKLM\..\Run: C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

    O4 - HKLM\..\Run: "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

    O4 - HKLM\..\Run: "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe

    O4 - HKLM\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe

    O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKLM\..\Run: "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm

    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - AppInit_DLLs: avgrsstx.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

    End of file - 9597 bytes
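    A small triage helper for logs in the HijackThis format above, added here as an example; it is not code from this thread, from Trend Micro or from HijackThis. It parses the O-numbered entries into records and flags the ones a reviewer checks first: entries whose target file is missing ("(no file)"), AppInit_DLLs injections, services listed with "Unknown owner", and autostart (O4) entries whose binary lives outside the usual program directories. The `EXPECTED_PREFIXES` list and the flag rules are assumptions made for this example, and the one O4 line pointing into a Temp folder is constructed to exercise the path check; the other sample lines are copied from the log above.

```python
"""Triage helper for HijackThis v2.0.2 log entries (added example, not HijackThis code)."""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Every interesting HijackThis line starts with an O-number followed by " - ".
ENTRY_RE = re.compile(r"^O(?P<num>\d+) - (?P<body>.*)$")
# First drive-letter path ending in a binary extension; HijackThis prints
# unquoted paths that contain spaces, so we cut at the extension, not at whitespace.
PATH_RE = re.compile(
    r'"?(?P<path>[A-Za-z]:\\[^"]+?\.(?:exe|dll|ocx|cpl|scr|sys))"?', re.IGNORECASE
)

# Assumption for this example: where legitimate software normally lives on a
# Windows XP machine. Tune this for the box under review.
EXPECTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# Sample input. All lines are copied from the log above except the Temp-folder
# O4 line, which is constructed so that the path check has something to catch.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: C:\Documents and Settings\user\Local Settings\Temp\unknown.exe
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
"""


@dataclass
class Entry:
    number: int                     # O-number: 2 = BHO, 4 = autostart, 20 = AppInit_DLLs, 23 = service
    raw: str                        # the log line as written
    path: Optional[str]             # extracted binary path, if any
    flags: List[str] = field(default_factory=list)


def extract_path(text: str) -> Optional[str]:
    """Return the first drive-letter file path in the text, without surrounding quotes."""
    m = PATH_RE.search(text)
    return m.group("path") if m else None


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; returns None for anything that is not an O-entry."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    num, body = int(m.group("num")), m.group("body")
    entry = Entry(number=num, raw=line.strip(), path=extract_path(body))
    if "(no file)" in body:
        entry.flags.append("orphaned: registry entry points at a file that no longer exists")
    if num == 20:
        entry.flags.append("AppInit_DLLs: DLL is loaded into every process that maps user32.dll")
    if num == 23 and "Unknown owner" in body:
        entry.flags.append("service binary carries no vendor information")
    if num == 4 and entry.path and not entry.path.lower().startswith(EXPECTED_PREFIXES):
        entry.flags.append("autostart outside the usual program directories")
    return entry


def triage(log_text: str) -> List[Entry]:
    """Return only the entries that raised at least one flag, in log order."""
    parsed = (parse_line(ln) for ln in log_text.splitlines())
    return [e for e in parsed if e is not None and e.flags]


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"O{e.number}: {e.raw}")
        for f in e.flags:
            print(f"    -> {f}")
```

    Run against the full log above, the helper would list the nameless BHO with "(no file)", the ATI Smart service shown with "Unknown owner", the AppInit_DLLs entry, and the ATI Control Panel autostart under C:\ATI Technologies (which is why the prefix list is a tuning point, not a verdict). A flag means "verify this by hand", for instance by checking the file's publisher and hash; it is not by itself evidence of infection, and the AVG entries here are the antivirus doing its job.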

  • Teaser

    Go to Start > Run, type combofix /U there and click OK.

    1 Click 'My Computer' on your desktop.

    2 Right-click 'My Computer' and then go to Properties.

    3 Click the System Restore tab (Systeemherstel on a Dutch system).

    4 Tick 'Turn off System Restore on all drives'!!!!

    5 Click Apply and OK and restart the PC.

    6 Go back to step one and untick the box again;

    your PC will start creating new System Restore points again.

    And empty your Recycle Bin.

    PS: how is your problem now?

  • Tijmen

    The file gendel32.exe is gone and everything just works again. Thanks!

  • Teaser

    OK, you're welcome.