Archive - messenger => windows update

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views and have been censored in some places as inadmissible. Many were made in a different spirit of the times, ironically or not - as in the ironic Off-Topic subforum - and would not (be allowed to) be posted today. Nevertheless, we are still happy to offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

Lefky

Legacy Member
killerk1ng said:
well,
a few weeks ago I wanted to log in to Messenger like every day, but it didn't work...
there was something wrong with my firewall or proxy settings...
after looking into things for a while I ultimately found no solution, so I just uninstalled the whole lot.
when I wanted to reinstall it, the installer said that it wasn't possible (nothing more, not even an error code).
I also can't download from the Microsoft sites anymore (strange?? :confused:)
in the meantime I've also thrown out the sign-in assistant, someone had advised me to do this...
and I don't really dare to remove the other Live components, because then I might not be able to install them again either...

normally I can handle my PC problems, but now I'm actually a bit hopeless :(

I hope someone here knows a good solution for this...
thanks in advance

killerk1ng said:
date is set to today :D
when updating I get this error...
"WindowsUpdate_80072EFD" "WindowsUpdate_dt000"
I use Symantec antivirus, but I don't think there's a firewall in it, so...
http://itcweb.ecsu.edu/portal/images/symantec01.jpg

Dook-E said:
360 only saw the light of day in 2007, so I doubt it.

Exit means a HijackThis log.
Also read this link first:

You may indeed have spyware, as is the case here.
A similar problem was solved by posting such a log.

You can download the program you do this with here. When installing it and making a log, do follow the instructions strictly so that you don't do anything wrong :)
Here you'll find more information that may help you.

You could perhaps also already run a scan with Spybot Search & Destroy or the like.

In any case, a new (and better) scanner than Norton would be no unnecessary luxury, and neither would an occasional scan with an antispyware program.

If you installed new software or the like before the problems started, you can also always try whether System Restore helps? Sometimes, however, this does more harm than good, so.. first try with a log on the aforementioned forum or here (I think you'll be helped faster) and take it from there.
Defender doesn't work anymore either...

so now I've followed the advice to download HijackThis and let it scan, and here is my log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:52, on 31/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Netlog
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\HomeCinema\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [pp] c:\windows\pp06.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.19\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Zuma/Images/stg_drm.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B854B33-7232-4F56-AC28-D403A7985592}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 15033 bytes


hopefully this is of some use to you and I can finally forget about these problems

Juisterr

Legacy Member
First carry out the following actions:
Temporarily disable Windows Defender
Because it can interfere when fixing with HJT (undoing the fix again)
* Open Windows Defender > Click Tools
* Click "General Settings" or Options
* Scroll to "Real Time Protection Options"
* Uncheck "Turn on Real Time Protection (recommended)" > Click "Save"
* Close Windows Defender
(once the problems are over and the log has been declared clean again, you can turn it back on)

Right-click the HijackThis program and choose "Run as administrator"
Choose 'Do a system scan only'
Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B854B33-7232-4F56-AC28-D403A7985592}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236

Click 'Fix checked' to remove the items.



Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

Make sure that after the installation a check mark is placed next to:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.
  • Once the program has started, go to the "Settings" tab.
  • Check here: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick Scan" there.
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything is checked there, then click "Remove Selected".
  • After the removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.

Post this log together with a new HijackThis log.
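Added example, not part of the original posts: a Python check that compares a HijackThis log from before and after 'Fix checked' against the lines that were ticked, and lists the DNS and proxy settings that remain. The sample input is a short excerpt of the two logs and the fix list in this thread; the function and variable names are illustrative.

```python
import re

# One HijackThis entry per line: "<section> - <body>", e.g. "O17 - <key>: NameServer = a,b".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
NAMESERVER_RE = re.compile(r": NameServer = (.+)$")
PROXY_RE = re.compile(r",ProxyServer = (.+)$")

# Excerpt of the first log in this thread (before the fix).
BEFORE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [pp] c:\windows\pp06.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236
"""

# Excerpt of the second log in this thread (after the fix).
AFTER_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [amsn] C:\Program Files\aMSN\amsn.exe
"""

# Excerpt of the lines the helper asked to tick before 'Fix checked'.
FIX_LIST = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA8CEA4-9576-4F6A-AF68-4CE00A840A67}: NameServer = 85.255.115.85,85.255.112.236
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.85,85.255.112.236
"""


def parse_entries(log_text):
    """Return the set of (section, body) entries; header and process lines are skipped."""
    entries = set()
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.add((match.group(1), match.group(2).strip()))
    return entries


def network_redirects(entries):
    """Collect the settings that steer traffic: static DNS servers (O17) and proxy (R1)."""
    dns, proxies = set(), set()
    for section, body in entries:
        if section == "O17":
            found = NAMESERVER_RE.search(body)
            if found:
                dns.update(s for s in re.split(r"[,\s]+", found.group(1)) if s)
        elif section == "R1":
            found = PROXY_RE.search(body)
            if found:
                proxies.add(found.group(1).strip())
    return {"dns": sorted(dns), "proxy": sorted(proxies)}


def verify_fix(before_log, after_log, fix_list):
    """Compare two logs against the lines that were ticked for 'Fix checked'."""
    before = parse_entries(before_log)
    after = parse_entries(after_log)
    selected = parse_entries(fix_list)
    return {
        # ticked lines that were in the first log and are absent from the second
        "fixed": sorted((selected & before) - after),
        # ticked lines that HijackThis reports again
        "still_present": sorted(selected & after),
        # lines that disappeared without being ticked (removed by another tool or by the user)
        "gone_unselected": sorted(before - after - selected),
        # lines that only the second log contains
        "new": sorted(after - before),
        "redirects_after": network_redirects(after),
    }


if __name__ == "__main__":
    report = verify_fix(BEFORE_LOG, AFTER_LOG, FIX_LIST)
    for name, value in report.items():
        print(name)
        items = value if isinstance(value, list) else value.items()
        for item in items:
            print("   ", item)
```

Run on these excerpts, it reports the O17 name-server lines and LinksFolderName as fixed, the two empty R0 search entries as listed again, and the `ProxyServer = http=localhost:7171` line as still set in the second log.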

Lefky

Legacy Member
I did exactly what you said...
the results...


this is from HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:30, on 1/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\aMSN\bin\wish.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Netlog
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\HomeCinema\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [amsn] C:\Program Files\aMSN\amsn.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1434392864-2945226569-1167240740-1000\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.19\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Zuma/Images/stg_drm.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 14423 bytes




And this is from mbam:

Malwarebytes' Anti-Malware 1.37
Database versie: 2182
Windows 6.0.6001 Service Pack 1

1/06/2009 20:03:28
mbam-log-2009-06-01 (20-03-28).txt

Scan type: Snelle Scan
Objecten gescand: 116739
Verstreken tijd: 12 minute(s), 53 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 2
Registerwaarden geïnfecteerd: 1
Registerdata bestanden geïnfecteerd: 6
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 2

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\aquaplay (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Backdoor.Bot) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2aa8cea4-9576-4f6a-af68-4ce00a840a67}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2aa8cea4-9576-4f6a-af68-4ce00a840a67}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{2aa8cea4-9576-4f6a-af68-4ce00a840a67}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{2aa8cea4-9576-4f6a-af68-4ce00a840a67}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{2b854b33-7232-4f56-ac28-d403a7985592}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.85,85.255.112.236 -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
c:\Windows\t55ft3105f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\Windows\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.

Lefky

Legacy Member
By the way, it still doesn't work...
I'm getting that WindowsUpdate_80072EFD error again...

Juisterr

Legacy Member
Well, you are / were infected with a DNS hijacker; maybe even the router is infected as well.

Download Combofix to your Desktop and use it according to this guide.
NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners treat certain components that Combofix uses as suspicious and will block or remove them!
  • Double-click Combofix.exe to start it.
  • If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
  • Click OK in the small "NirCmd" window.
  • Afterwards, click Yes again to start the malware scan.
  • While the fix is running, do NOT click in the window, as this will make your PC hang.
  • When the fix is complete and after a restart, the log Combofix.txt will open.
Post this log in your next reply.

Lefky

Legacy Member
I have 1 small problem...
I got BullGuard installed on my PC as a trial.
This trial expired long ago, but it turns out BullGuard is still active...
I have tried many possible ways to turn it off, but this doesn't work.
Just carry on? Or is there a way to turn it off after all?

Is it normal that my PC beeps 2x with this program? ^^

Lefky

Legacy Member
ComboFix 09-05-31.06 - Senne 08/06/2009 12:28.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.2045.1166 [GMT 2:00]
Gestart vanuit: c:\users\Senne\Desktop\ComboFix.exe
AV: BullGuard Antivirus *On-access scanning enabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
AV: Symantec AntiVirus *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
SP: Symantec AntiVirus *disabled* (Updated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\users\Senne\AppData\Local\Microsoft\Windows\Temporary Internet Files\ijjistarter_verinfo.dat
c:\users\Senne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys


(((((((((((((((((((( Bestanden Gemaakt van 2009-05-08 to 2009-06-08 ))))))))))))))))))))))))))))))
.

2009-06-08 10:37 . 2009-06-08 10:37 -------- d-----w- c:\users\Wim\AppData\Local\temp
2009-06-08 10:37 . 2009-06-08 10:37 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2009-06-08 10:37 . 2009-06-08 10:37 -------- d-----w- c:\users\Lisse\AppData\Local\temp
2009-06-08 10:37 . 2009-06-08 10:37 -------- d-----w- c:\users\Krista\AppData\Local\temp
2009-06-07 05:47 . 2009-06-07 14:52 -------- d-----w- c:\users\Krista\Tracing
2009-06-05 18:01 . 2009-03-16 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\NAVEX32A.DLL
2009-06-05 18:01 . 2009-03-16 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\NAVENG.SYS
2009-06-05 18:01 . 2009-03-16 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\NAVEX15.SYS
2009-06-05 18:01 . 2009-03-16 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\NAVENG32.DLL
2009-06-05 18:01 . 2009-03-16 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\EECTRL.SYS
2009-06-05 18:01 . 2009-03-16 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\CCERASER.DLL
2009-06-05 18:01 . 2009-03-16 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\ERASER.SYS
2009-06-05 18:01 . 2008-11-20 09:00 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\ECMSVR32.DLL
2009-06-05 17:21 . 2009-06-08 10:16 -------- d-----w- c:\users\Senne\Tracing
2009-06-05 17:12 . 2009-06-05 17:12 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-06-05 17:07 . 2009-06-05 17:12 -------- d-----w- c:\program files\Microsoft
2009-06-05 17:07 . 2009-06-05 17:07 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-05 11:32 . 2009-06-05 11:32 -------- d-----w- c:\program files\iPod
2009-06-05 11:30 . 2009-06-05 11:30 -------- d-----w- c:\program files\QuickTime
2009-06-05 11:24 . 2009-06-05 11:24 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 17:46 . 2009-06-01 17:46 -------- d-----w- c:\users\Senne\AppData\Roaming\Malwarebytes
2009-06-01 17:46 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-01 17:46 . 2009-06-01 17:46 -------- d-----w- c:\programdata\Malwarebytes
2009-06-01 17:46 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-01 17:46 . 2009-06-01 17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-31 16:46 . 2009-05-31 16:46 -------- d-----w- c:\program files\Trend Micro
2009-05-30 19:19 . 2009-06-05 17:47 -------- d-----w- c:\users\Senne\amsn
2009-05-30 19:18 . 2009-05-30 19:19 -------- d-----w- c:\program files\aMSN
2009-05-29 19:22 . 2009-03-16 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\NAVEX32A.DLL
2009-05-29 19:22 . 2009-03-16 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\NAVENG.SYS
2009-05-29 19:22 . 2009-03-16 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\NAVEX15.SYS
2009-05-29 19:22 . 2009-03-16 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\EECTRL.SYS
2009-05-29 19:22 . 2009-03-16 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\NAVENG32.DLL
2009-05-29 19:22 . 2009-03-16 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\ERASER.SYS
2009-05-29 19:22 . 2008-11-20 09:00 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\ECMSVR32.DLL
2009-05-29 19:22 . 2009-03-16 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090529.003\CCERASER.DLL
2009-05-23 06:55 . 2006-12-07 08:45 110592 ----a-w- c:\users\Wim\AppData\Roaming\U3\temp\cleanup.exe
2009-05-23 06:32 . 2006-12-07 08:45 3096576 ---ha-w- c:\users\Wim\AppData\Roaming\U3\temp\Launchpad Removal.exe
2009-05-23 06:32 . 2009-05-24 09:01 -------- d-----w- c:\users\Wim\AppData\Roaming\U3
2009-05-22 15:44 . 2009-05-22 15:44 -------- d-----w- c:\program files\XnFoto
2009-05-21 22:51 . 2009-05-21 22:51 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-05-21 15:09 . 2009-05-21 15:09 -------- d-----w- c:\users\Lisse\AppData\Local\Mozilla
2009-05-18 12:58 . 2009-05-18 12:58 -------- d-----w- c:\users\Krista\AppData\Local\Netlog
2009-05-18 12:57 . 2009-05-18 12:57 -------- d-----w- c:\users\Krista\AppData\Roaming\Apple Computer

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 10:18 . 2008-07-28 12:29 -------- d-----w- c:\programdata\Google Updater
2009-06-07 19:14 . 2007-12-10 18:20 -------- d-----w- c:\users\Senne\AppData\Roaming\Xfire
2009-06-07 19:12 . 2007-12-01 16:21 139984 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-07 19:07 . 2007-12-01 16:21 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-05 17:12 . 2007-11-30 19:14 -------- d-----w- c:\program files\Windows Live
2009-06-05 17:12 . 2007-11-30 19:18 -------- d-----w- c:\program files\Windows Live Toolbar
2009-06-05 16:36 . 2007-11-30 19:13 -------- d-----w- c:\programdata\WLInstaller
2009-06-05 11:32 . 2008-10-07 16:56 -------- d-----w- c:\program files\iTunes
2009-06-05 11:32 . 2008-01-16 13:30 -------- d-----w- c:\program files\Common Files\Apple
2009-06-05 11:07 . 2007-12-13 16:26 7592 ----a-w- c:\users\Senne\AppData\Local\d3d9caps.dat
2009-06-03 18:43 . 2007-12-10 18:20 -------- d-----w- c:\programdata\Xfire
2009-06-02 03:27 . 2007-12-10 17:20 7592 ----a-w- c:\users\Wim\AppData\Local\d3d9caps.dat
2009-05-28 18:20 . 2007-12-10 18:20 -------- d-----w- c:\program files\Xfire
2009-05-26 17:44 . 2006-11-02 16:11 677216 ----a-w- c:\windows\system32\perfh013.dat
2009-05-26 17:44 . 2006-11-02 16:11 131568 ----a-w- c:\windows\system32\perfc013.dat
2009-05-24 16:00 . 2008-10-03 14:11 -------- d-----w- c:\program files\Norton Security Scan
2009-05-23 10:33 . 2007-12-09 19:35 7592 ----a-w- c:\users\Krista\AppData\Local\d3d9caps.dat
2009-05-22 17:47 . 2008-05-17 12:07 -------- d-----w- c:\users\Senne\AppData\Roaming\U3
2009-05-21 18:09 . 2007-10-12 10:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-21 17:53 . 2007-12-05 13:41 -------- d-----w- c:\users\Senne\AppData\Roaming\LimeWire
2009-05-21 14:26 . 2007-12-03 17:34 116552 ----a-w- c:\users\Lisse\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-19 19:59 . 2007-11-28 14:22 116552 ----a-w- c:\users\Wim\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-18 13:58 . 2008-01-15 17:37 -------- d-----w- c:\users\Krista\AppData\Roaming\LimeWire
2009-05-18 12:40 . 2008-04-02 10:15 -------- d-----w- c:\program files\LimeWire
2009-05-16 16:44 . 2008-04-21 17:59 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-13 10:02 . 2007-11-30 18:14 116552 ----a-w- c:\users\Senne\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-13 09:48 . 2007-11-30 19:02 116552 ----a-w- c:\users\Krista\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-12 18:08 . 2007-10-12 14:40 -------- d-----w- c:\programdata\Microsoft Help
2009-05-10 19:13 . 2008-09-14 17:31 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-04-17 13:32 . 2009-04-17 13:32 -------- d-----w- c:\users\Senne\AppData\Roaming\InstallShield Installation Information
2009-04-17 13:08 . 2009-04-17 13:32 331776 ----a-w- c:\users\Senne\AppData\Roaming\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
2009-04-17 13:01 . 2009-04-17 13:00 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-16 13:51 . 2009-04-16 11:59 960600988 ----a-w- c:\programdata\Xfire\downloads\UT3TitanPack.exe
2009-04-16 12:53 . 2009-04-16 11:44 324451446 ----a-w- c:\programdata\Xfire\downloads\UT3Patch4.exe
2009-04-16 12:13 . 2009-04-16 11:31 245713542 ----a-w- c:\programdata\Xfire\downloads\UT3Patch2.exe
2009-04-16 12:06 . 2009-04-16 12:06 -------- d-----w- c:\program files\AGEIA Technologies
2009-04-16 12:05 . 2008-08-31 16:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-16 11:43 . 2009-04-15 19:55 777027962 ----a-w- c:\programdata\Xfire\downloads\UT3BetaDemo.exe
2009-04-13 15:11 . 2009-04-10 09:34 609608161 ----a-w- c:\programdata\Xfire\downloads\CoDWaW-1.2-1.4-PatchSetup.exe
2009-04-09 20:25 . 2009-04-09 19:39 301782093 ----a-w- c:\programdata\Xfire\downloads\BF2142_Update_1.25.exe
2009-04-09 17:34 . 2009-04-08 20:04 550815505 ----a-w- c:\programdata\Xfire\downloads\BF2142_Update_1.50.exe
2009-03-19 14:32 . 2009-04-17 13:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-16 08:00 . 2009-03-16 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\naveng.sys
2009-03-16 08:00 . 2009-03-16 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\navex15.sys
2009-03-16 08:00 . 2009-03-16 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\eeCtrl.sys
2009-03-16 08:00 . 2009-03-16 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\cceraser.dll
2009-03-16 08:00 . 2009-03-16 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\naveng32.dll
2009-03-16 08:00 . 2009-03-16 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\navex32a.dll
2009-03-16 08:00 . 2009-03-16 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ERASER.sys
2007-12-04 18:13 . 2007-12-04 18:13 774144 ----a-w- c:\program files\RngInterstitial.dll
2008-09-24 12:01 . 2008-09-24 12:01 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

Lefky

Legacy Member
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-28 68856]
"Netlog Music Tool"="c:\program files\Netlog Music Tool\NetlogMusicTool.exe" [2009-01-29 1728456]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"amsn"="c:\program files\aMSN\amsn.exe" [2006-11-24 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712]
"PlayMovie"="c:\program files\HomeCinema\PlayMovie\PMVService.exe" [2007-09-06 172032]
"TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2007-10-19 155648]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-24 29744]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-07 136600]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 92704]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-08-17 4702208]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-08-03 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

c:\users\Krista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

c:\users\Senne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7D4572D2-8784-406B-A5F8-4D2D5959C3C3}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FFADDC61-246B-4985-9A66-50351C78F6D6}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BD442D80-F6A8-4E44-BF50-2BB661868316}"= c:\program files\HomeCinema\MakeDisc\MakeDisc.exe:CyberLink MakeDisc
"{479B7605-D7C1-40EB-866C-1F816A936502}"= c:\program files\HomeCinema\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{834381FE-4A86-42B6-9025-A9EA9A897E6A}"= c:\program files\HomeCinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{6F7DA96B-65A6-4D93-8569-105A8004B34A}"= c:\program files\HomeCinema\PlayMovie\PlayMovie.exe:CyberLink PlayMovie
"{9874179B-856A-493B-B0E7-2C2C4F241086}"= c:\program files\HomeCinema\PlayMovie\PMVService.exe:CyberLink PlayMovie Resident Program
"{B3DC6501-85BD-4D6B-8A21-2EE7D6E54250}"= c:\program files\HomeCinema\TV Enhance\TVEnhance.exe:CyberLink TVEnhance
"{2DFA07BE-2E80-41D3-B69E-CAF3BA56EC46}"= c:\program files\HomeCinema\TV Enhance\TVEService.exe:CyberLink TVEnhance Resident Program
"{0067636D-7D2F-4707-8CB4-164DFE37708A}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{0AC563FE-73AB-4E7D-9434-FE2CE8BFD2E4}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{A6F46304-C70D-44E1-944D-363EC61546C7}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{60F88230-0875-4610-86B3-B34D241498C1}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{8804CBB5-0A30-4D96-9866-1B42D55149F1}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{96862587-0EAB-4733-B7C2-602B67B9AAC1}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{A7A4D408-9B61-4A73-B305-4B3BC5F83616}"= TCP:Profile=Private|Profile=Public|9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{4F8EDC2E-FB1E-489D-BDBF-BD540B1952A6}"= TCP:Profile=Private|Profile=Public|1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{4A7D9DE3-4DA3-4391-B347-DC1E6AC9E995}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{CFBBDE77-C7B0-4494-9945-5524496C2071}c:\\program files\\maiet\\gunz\\gunzlauncher.exe"= UDP:c:\program files\maiet\gunz\gunzlauncher.exe:GunzLauncher
"UDP Query User{CBFEF2EA-8EA9-40E6-911E-22EE6757B881}c:\\program files\\maiet\\gunz\\gunzlauncher.exe"= TCP:c:\program files\maiet\gunz\gunzlauncher.exe:GunzLauncher
"{A44FEF2B-A3DE-46D8-9DFA-3F8B6CEC0196}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{1A1A2428-C80D-4AE1-9905-76EFA5AF1E38}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7044ACC7-B00C-49F3-930D-82F687A2165C}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{22166507-B023-4508-920F-92A0A854CA2A}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{0A161E3C-7FC8-4589-946D-DA416700A018}c:\\windows\\temp\\navbrowser.exe"= UDP:c:\windows\temp\navbrowser.exe:navbrowser.exe
"UDP Query User{38F33F8D-0E1B-4A62-BA44-A326FE29DBFA}c:\\windows\\temp\\navbrowser.exe"= TCP:c:\windows\temp\navbrowser.exe:navbrowser.exe
"TCP Query User{6C854139-F803-4522-9B80-34174A5D22E2}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{12A22430-54DA-477E-95C8-2C0082502DA2}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{9C176CEE-02B9-4E62-986D-A46BCAF46EB0}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{58D05A86-0DAD-4158-BCE2-4C8BDBE0211C}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"{73DA52A7-9063-4482-8E13-355E2862F7CA}"= UDP:c:\program files\Sony\Media Manager for PSP 2.5\MediaManager.exe:Media Manager for PSP 2.5
"{294A1990-DE5E-4911-8E98-1C46CAA2A0B3}"= TCP:c:\program files\Sony\Media Manager for PSP 2.5\MediaManager.exe:Media Manager for PSP 2.5
"TCP Query User{5434A160-710E-4AAD-9C84-448ADD1370C1}c:\\ijji\\english\\gunz\\gunz.exe"= UDP:c:\ijji\english\gunz\gunz.exe:Gunz
"UDP Query User{22E6A561-7FC1-4623-9E95-0F533593674B}c:\\ijji\\english\\gunz\\gunz.exe"= TCP:c:\ijji\english\gunz\gunz.exe:Gunz
"{0E77F6F3-9784-4C98-8F82-DA704257774C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{499D12C1-C94C-44CC-AF47-AF48BF0E423C}"= UDP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{D4ACCA09-2BBB-4521-88C9-7CC0C56FC3E9}"= TCP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{DC06A7BF-E951-4403-A2D4-823AE10786AE}"= UDP:c:\program files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{D6BB3BAC-2CAD-4C1B-9953-9CF3B35E974C}"= TCP:c:\program files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{F67761F9-79C1-47A5-89E8-6594D51515AA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{E8306A48-7F67-4C33-9EBC-3D590C759CA3}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"UDP Query User{345DDD85-AE98-42FE-AA10-B7821FBE1FB2}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"TCP Query User{0C7B7917-A946-4C3D-AACD-2529E89742CB}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{655B1A11-5EAC-4E7F-A4E6-2F8CB0AACC11}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{7C067FA4-3F9D-4A31-8A20-B9DD4478DB2D}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F088FC9A-BBE2-443E-92D0-AD32830FF3CE}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{B1CA6872-14E1-43B4-B9D6-0643C7B7C1F9}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{9BA6F1E7-34CB-44D9-84C8-4796AFC655A8}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{65E274D0-437A-4A78-977C-BE3408449854}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{BAF7D800-71B2-46B2-A2C4-0CFA6659B176}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{F5AA9F84-BF78-472B-AD5B-71FCDC9319E4}"= UDP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{977D7B23-7E97-40D5-AD78-B7F64D823E2C}"= TCP:c:\program files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{330906D2-7FDA-437B-83CC-56B53859360A}c:\\ijji\\english\\u_gunz.exe"= UDP:c:\ijji\english\u_gunz.exe:<ijji Downloader>
"UDP Query User{B78B6161-2176-44AD-9935-EAA05A71CAAB}c:\\ijji\\english\\u_gunz.exe"= TCP:c:\ijji\english\u_gunz.exe:<ijji Downloader>
"TCP Query User{2DD1A918-172D-4AB8-BB4C-BBEFEAB81D46}c:\\users\\senne\\desktop\\gunz\\gunz\\gunzlauncher.exe"= UDP:c:\users\senne\desktop\gunz\gunz\gunzlauncher.exe:gunzlauncher.exe
"UDP Query User{5A333AA3-5FF9-4033-ADB4-CC51B4042066}c:\\users\\senne\\desktop\\gunz\\gunz\\gunzlauncher.exe"= TCP:c:\users\senne\desktop\gunz\gunz\gunzlauncher.exe:gunzlauncher.exe
"TCP Query User{1701B69D-3A1A-487C-A6B4-698A69154D87}c:\\users\\senne\\desktop\\gunz\\gunz\\gunz.exe"= UDP:c:\users\senne\desktop\gunz\gunz\gunz.exe:gunz.exe
"UDP Query User{738ECB17-2194-42AE-B285-1497FC098ECB}c:\\users\\senne\\desktop\\gunz\\gunz\\gunz.exe"= TCP:c:\users\senne\desktop\gunz\gunz\gunz.exe:gunz.exe
"TCP Query User{8F15471E-A969-4336-AB62-7ABB91A7CEBD}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{BED2270D-B7AA-4C7F-9969-C06B79AF6B88}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{447824F0-36FD-4D67-8ADE-FD89A22804D2}c:\\users\\senne\\appdata\\locallow\\garagegames\\iaplayer\\products\\www_instantaction_com\\6000\\install\\cyclomite.exe"= UDP:c:\users\senne\appdata\locallow\garagegames\iaplayer\products\www_instantaction_com\6000\install\cyclomite.exe:cyclomite.exe
"UDP Query User{6EA98E36-C2D6-420D-BE2D-C242479E7562}c:\\users\\senne\\appdata\\locallow\\garagegames\\iaplayer\\products\\www_instantaction_com\\6000\\install\\cyclomite.exe"= TCP:c:\users\senne\appdata\locallow\garagegames\iaplayer\products\www_instantaction_com\6000\install\cyclomite.exe:cyclomite.exe
"TCP Query User{F12F8359-1F5E-4255-B3F7-8D9467BAA2B8}c:\\program files\\america's army\\system\\armyops.exe"= UDP:c:\program files\america's army\system\armyops.exe:ArmyOps
"UDP Query User{3A6F2CDF-FF60-46D1-9CC1-1B9CCB80BD66}c:\\program files\\america's army\\system\\armyops.exe"= TCP:c:\program files\america's army\system\armyops.exe:ArmyOps
"{26221B6F-3CD9-44F6-8EFA-9479C1EC418B}"= UDP:c:\users\Senne\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe
"{8F907B74-0CDF-46B8-9D23-35D5562A3F25}"= TCP:c:\users\Senne\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe
"TCP Query User{2FD3D782-09AE-4C26-9BAE-C41FE7387B1F}c:\\ijji\\english\\u_sf\\soldierfront.exe"= UDP:c:\ijji\english\u_sf\soldierfront.exe:soldierfront
"UDP Query User{BBF09F98-B650-4BF5-A567-14CEF732D3AE}c:\\ijji\\english\\u_sf\\soldierfront.exe"= TCP:c:\ijji\english\u_sf\soldierfront.exe:soldierfront
"{5B1CA806-A29A-4E87-B8CE-690ED3B61E59}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FDFA6157-5B67-4E91-83BE-D982D8F693BB}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D8ADF845-1240-479C-9E43-547FEE730DC8}"= UDP:i:\senne\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{38120345-71F7-4291-B389-1A4304FF5A4E}"= TCP:i:\senne\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{E3F084E8-D6AE-4E8F-B6CD-A679422D39BC}"= UDP:i:\senne\GAMES\ACTIVISION - CoD\CoD4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{87B59741-C9EF-44F2-89C2-69E42268BF63}"= TCP:i:\senne\GAMES\ACTIVISION - CoD\CoD4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{B861C777-1038-46EE-BB90-996B18AE98CB}"= UDP:i:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{0E9435CC-6B78-40BA-BE5D-D261089CFDF7}"= TCP:i:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{5D49AC23-71DF-4616-92CE-4D7BA38EFBE1}"= UDP:i:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{28FD928D-2540-4137-93EB-664CAAE77633}"= TCP:i:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{32F8E709-B824-4754-9EB1-8F93E8C83CF6}"= UDP:j:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{B3FC3F10-A424-44F7-92DA-47FBAD60C740}"= TCP:j:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{AD7CA662-A506-477D-8857-18BC399C33EF}"= UDP:j:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{CD10D1B4-348D-4001-BF3A-51BE989FE568}"= TCP:j:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{91478C10-128A-4AC3-8F61-008733205770}"= UDP:j:\senne\GAMES\HAWX demo\Game\HAWX.exe:Tom Clancy's H.A.W.X
"{2E32E3C2-CCCB-4C07-8C9F-34EE7AE71DA2}"= TCP:j:\senne\GAMES\HAWX demo\Game\HAWX.exe:Tom Clancy's H.A.W.X
"{403673D5-0D3F-43DC-A30A-AA6A2FECF252}"= UDP:j:\senne\GAMES\HAWX demo\Game\HAWX_dx10.exe:Tom Clancy's H.A.W.X
"{6164E795-BFB5-4708-A76A-B62B41E91DD2}"= TCP:j:\senne\GAMES\HAWX demo\Game\HAWX_dx10.exe:Tom Clancy's H.A.W.X
"{32AF958B-A12A-4BE1-BCE7-557CAB8423B4}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{4693B1F6-D60D-44AB-B2C2-557934FC354E}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{815B222B-2B87-449A-87E2-9A13E51D4A78}"= UDP:k:\senne\GAMES\BF 2142\BF2142.exe:Battlefield 2
"{C773B308-0590-424E-B3C2-F95E066C035A}"= TCP:k:\senne\GAMES\BF 2142\BF2142.exe:Battlefield 2
"{625FFCC4-F9C1-414F-B9C9-0C028420796D}"= UDP:k:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{1DDF146A-3E0A-4E40-9B01-B2211D046BAD}"= TCP:k:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{55BA70F3-53D2-4B31-9B59-D06F2AD1882F}"= UDP:k:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{60549CC6-5724-486C-8639-7AC2704A8033}"= TCP:k:\senne\GAMES\ACTIVISION - CoD\CoD5\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{B48632FC-4B2F-4CEB-9948-361F534C1805}"= UDP:k:\senne\GAMES\UT3\Binaries\UT3.exe:Unreal Tournament 3
"{452F0000-8C35-4DE8-AEF9-39B0120C7704}"= TCP:k:\senne\GAMES\UT3\Binaries\UT3.exe:Unreal Tournament 3
"TCP Query User{2485CAD0-4314-40E1-8D29-B397F7014B4E}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= Disabled:UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{9CD1B3E5-AF15-4254-8294-6A45CE2389B5}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= Disabled:TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{1FC6D7CB-06E3-4D3B-9474-6265D93165AD}c:\\program files\\amsn\\bin\\wish.exe"= UDP:c:\program files\amsn\bin\wish.exe:Wish Application
"UDP Query User{7C4637EB-32A0-4F66-828C-22107B87BD44}c:\\program files\\amsn\\bin\\wish.exe"= TCP:c:\program files\amsn\bin\wish.exe:Wish Application
"{F9699F1B-9395-47B5-B69E-217FDE5D0566}"= UDP:c:\windows\System32\WindowsAnytimeUpgrade.exe:Windows Anytime Upgrade
"{50F205CE-AAE6-48CF-B142-B552BDB195CB}"= TCP:c:\windows\System32\WindowsAnytimeUpgrade.exe:Windows Anytime Upgrade
"{0FAF5FA8-20FF-4D5A-9DEC-EF37FD15334D}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{CF228231-E6E3-4D9A-BD55-1E87703A1042}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{2DB97F32-5775-48DD-BC88-A0938777837C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\HomeCinema\PlayMovie\000.fcl [24/10/2007 16:30 41456]
R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [12/02/2007 11:46 208896]
R2 NMSCore;Intel(R) NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [27/06/2007 10:14 317656]
R2 nmsunidr;UniDriver for NMS;c:\windows\System32\drivers\nmsunidr.sys [18/02/2007 20:34 5376]
R2 QualityManager;Intel(R) Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe [27/06/2007 10:17 272600]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [24/10/2007 16:31 290909]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [24/10/2007 16:31 114779]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [9/10/2007 23:26 1242976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/02/2009 21:04 101936]
R3 IntelDH;IntelDH Driver;c:\windows\System32\drivers\IntelDH.sys [24/10/2007 18:07 5632]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [9/10/2007 23:26 554496]
R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [12/10/2007 13:28 13976]
S3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [27/06/2007 10:15 39640]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [28/11/2007 16:13 29744]
S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial;c:\windows\System32\drivers\hmvmdm.sys [6/10/2008 19:46 101504]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [28/11/2006 7:34 122008]
.
Inhoud van de 'Gedeelde Taken' map

2009-06-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-28 16:33]

2009-06-03 c:\windows\Tasks\Norton Security Scan for Senne.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 02:18]
.
- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-BullGuard - c:\program files\BullGuard Software\BullGuard\BullGuard.exe
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
SafeBoot-procexp90.Sys


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://nl.netlog.com/
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = http=localhost:7171
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.19\AMVConverter\grab.html
IE: Add to Windows &Live Favorites - Sign In
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-06-08 12:48
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\HomeCinema\PlayMovie\000.fcl"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\HomeCinema\PowerDVD\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-1434392864-2945226569-1167240740-1002\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\2.5]
"FRT"="LPvYP1HunVBjzCbfxprB6++ZdcJvXf4l+O8dwZ18/rsk329fbW9DwA=="
"PLCK"="5JnLYNRalgM271jCeCsfCgYBFKwxwRJD"
"Percents"="0 0.0752 0.2569 0.4404 0.7643 0.8416 0.8453 "
"Increment"=".007576"
"PHSH"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Intel\IntelDH\CCU\AlertService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\System32\WUDFHost.exe
c:\progra~1\COMMON~1\X10\Common\X10nets.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
c:\windows\System32\conime.exe
c:\program files\Symantec AntiVirus\VPTray.exe
c:\windows\System32\rundll32.exe
c:\program files\Intel\IntelDH\CCU\CCU_Engine.exe
c:\program files\aMSN\bin\wish.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\ehome\mcupdate.exe
.
**************************************************************************
.
Voltooingstijd: 2009-06-08 12:53 - machine werd herstart
ComboFix-quarantined-files.txt 2009-06-08 10:53

Pre-Run: 289.661.526.016 bytes beschikbaar
Post-Run: 294.511.923.200 bytes beschikbaar

404 --- E O F --- 2009-01-22 17:01

Juisterr

Legacy Member
You'd be better off using only the Vista firewall; it's really quite good.

Lefky

Legacy Member
I've already turned it off once, but it still didn't work...
I did find something like 10000 different kinds of solutions for the problem :oink:

Juisterr

Legacy Member
Download OTM (by OldTimer) to your Desktop.
* Double-click OTM.exe to start the tool.
* Copy (select and press Ctrl-C) all of the code text below:
Code:
:Processes

:Services
:Reg
:Files

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
* Paste the copied text (press Ctrl-V) into the "Paste List of Files/Folders to be moved" window
* Click the red MoveIt! button
* Copy and paste the contents of the results window on the right into your next reply,
(or the log you will find as C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log).
* Close OTM
If a file or folder cannot be moved immediately,
you may be asked to restart the PC in order to finish the move.
If so, click Ja/Yes.

Is it going better now?