Archief - Problemen met IE/FF omwille van msn?

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
p

pipopower

Legacy Member
Ik heb nu al een maand of 2 problemen met mijn IE/FF elke keer dat ik aangemeld ben op msn (misschien met skype ook) kan ik niet meer via IE/FF op mijn hotmail account geraken, soms zelfs op Facebook niet.

Dit op zich is nu allemaal niet erg want ik kan mij altijd afmelden en dan geraak ik wel bij mijn inbox maar nu sinds gisteren kan ik geen bestanden meer downloaden van 2 verschillende sites (ik kan de sites/links doorgeven als het nodig is), het bestand wordt gedownload maar dan elke keer als hij aan 99% is dan krijg ik een foutmelding van schrijffout of iets in die aard. Terwijl ik vroeger nooit last had van zo iets.

Ik heb alvast een Hijack-scan uitgevoerd, als je eens naar mijn logje zou kunnen kijken en mij de te volgen stappen zou kunnen zeggen om mijn pc weer in orde te krijgen zou ik je dankbaar zijn (voor de zoveelste keer :p)

merci

--------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:43:56, on 20/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Randy\Software\Security\HijackThis\HiJackThis\HijackThis.exe
C:\Program Files\UltraMon\UltraMonUiAcc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 9lives - Games, community: spelletjes, populaire spelletjes, gamenieuws, reviews, previews, populaire games, gamecharts, releasedata van de nieuwste games en jongerenforum!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.addictinggames.com/minimotocross.html"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: UltraMon.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--
End of file - 9822 bytes

--------------------------------------------------------------------------
J

Juisterr

Legacy Member
Schakel tijdelijk Windows Defender uit
Want deze kan voor stoorzender spelen bij het fixen met HJT (de fix terug ongedaan maken)
* Open Windows Defender > Klik Tools
* Klik "General Settings" of Options
* Scroll naar "Real Time Protection Options"
* Haal het vinkje weg bij "Turn on Real Time Protection (recommended)" > Klik "Save"
* Sluit Windows Defender
(als de problemen over zijn, logje weer schoon verklaard is, kan je 'm weer aanzetten)

Klik met de rechtermuis op het programma Hijackthis en kies voor "Uitvoeren als Administrator"
Kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

Sluit alle vensters behalve Hijackthis
Klik op 'Fix checked' om de items te verwijderen.



Download Combofix naar je Bureaublad en gebruik het volgens deze handleiding.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
  • Dubbelklik op Combofix.exe om het te starten.
  • Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
  • Klik op OK in het "NirCmd" venstertje.
  • Klik na afloop terug op Ja om het scannen op malware te starten.
  • Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
  • Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.
Post dit logje in je volgende antwoord


Start hijackthis opnieuw en maak een nieuw HijackThis logje, let wel op want
je moet HijackThis als Administrator uitvoeren en dan de nieuwe log posten.
Indien je het niet als administrator uitvoert, wordt de oude log niet overschreven.
p

pipopower

Legacy Member
ComboFix 09-08-20.05 - Randy 21/08/2009 11:55.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.32.1043.18.3070.1912 [GMT 2:00]
Gestart vanuit: c:\users\Randy\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-51003140-4199384537-3980697693-500
I:\autorun.inf
J:\Autorun.inf

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-07-21 to 2009-08-21 ))))))))))))))))))))))))))))))
.

2009-08-21 10:02 . 2009-08-21 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-18 15:50 . 2009-08-20 14:10 -------- d-----w- c:\users\Randy\AppData\Roaming\vlc
2009-08-14 00:49 . 2009-08-18 14:46 -------- d-----w- c:\users\Randy\AppData\Roaming\Hamachi
2009-08-14 00:48 . 2009-08-14 00:48 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-08-14 00:48 . 2009-08-14 00:49 -------- d-----w- c:\program files\Hamachi
2009-08-12 13:20 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 13:20 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 13:20 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 13:20 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-06 07:58 . 2009-08-06 07:59 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-08-04 21:57 . 2009-08-04 21:57 -------- d-----w- c:\users\Randy\AppData\Roaming\dvdcss

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-21 09:12 . 2008-10-16 22:14 -------- d-----w- c:\programdata\VMware
2009-08-21 09:09 . 2008-09-24 20:05 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-08-19 11:38 . 2009-03-01 19:43 -------- d-----w- c:\users\Randy\AppData\Roaming\Skype
2009-08-19 11:38 . 2009-01-11 22:23 -------- d-----w- c:\users\Randy\AppData\Roaming\skypePM
2009-08-17 12:52 . 2008-11-17 20:19 -------- d-----w- c:\users\Randy\AppData\Roaming\FileZilla
2009-08-17 12:52 . 2008-11-17 20:19 -------- d-----w- c:\program files\FileZilla FTP Client
2009-08-15 16:26 . 2006-11-02 16:18 50460 ----a-w- c:\windows\system32\perfh013.dat
2009-08-15 16:26 . 2006-11-02 16:18 11524 ----a-w- c:\windows\system32\perfc013.dat
2009-08-12 13:26 . 2008-09-25 21:56 -------- d-----w- c:\programdata\Microsoft Help
2009-08-12 13:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-01 16:11 . 2008-10-05 13:54 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-27 18:14 . 2009-02-25 21:01 -------- d-----w- c:\users\Randy\AppData\Roaming\DiskAid
2009-07-21 21:52 . 2009-07-28 19:34 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:51 . 2009-07-21 20:51 -------- d-----w- c:\users\Randy\AppData\Roaming\Red Kawa
2009-07-21 20:13 . 2009-07-28 19:34 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-18 22:30 . 2009-07-18 22:30 -------- d-----w- c:\users\Randy\AppData\Roaming\Nero
2009-07-18 22:22 . 2009-07-18 22:22 -------- d-----w- c:\programdata\LightScribe
2009-07-18 18:30 . 2009-07-18 18:14 -------- d-----w- c:\program files\Common Files\Nero
2009-07-18 18:28 . 2008-09-24 21:02 -------- d-----w- c:\program files\Nero
2009-07-18 18:18 . 2009-07-18 18:14 -------- d-----w- c:\programdata\Nero
2009-07-18 18:12 . 2009-07-18 18:12 -------- d-----w- c:\program files\Common Files\LightScribe
2009-07-18 16:31 . 2008-09-24 22:22 -------- d-----w- c:\program files\Common Files\Ahead
2009-07-16 22:32 . 2009-07-16 22:31 -------- d-----w- c:\program files\iTunes
2009-07-16 22:31 . 2009-07-16 22:31 -------- d-----w- c:\program files\iPod
2009-07-16 22:31 . 2008-10-12 11:10 -------- d-----w- c:\program files\Common Files\Apple
2009-07-16 22:27 . 2009-07-16 22:27 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-14 22:31 . 2008-09-26 19:40 189072 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-14 22:23 . 2008-09-26 19:40 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-14 15:17 . 2009-07-14 15:17 15308440 ----a-w- c:\windows\system32\xlive.dll
2009-07-14 15:17 . 2009-07-14 15:17 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-07-14 13:00 . 2009-08-12 13:19 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 13:19 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-12 13:19 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 13:19 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-06-15 18:20 . 2009-08-12 13:19 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 15:24 . 2009-08-12 13:19 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-06-15 15:24 . 2009-07-15 22:10 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:24 . 2009-08-12 13:19 72704 ----a-w- c:\windows\system32\secur32.dll
2009-06-15 15:24 . 2009-08-12 13:19 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 15:23 . 2009-08-12 13:19 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-15 15:22 . 2009-08-12 13:19 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-15 15:21 . 2009-08-12 13:19 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-06-15 15:20 . 2009-07-15 22:10 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 22:10 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:57 . 2009-08-12 13:19 9728 ----a-w- c:\windows\system32\lsass.exe
2009-06-15 12:52 . 2009-07-15 22:10 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-06-10 12:45 . 2008-09-24 19:28 99864 ----a-w- c:\users\Randy\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-29 11:36 . 2009-05-29 11:36 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-29 11:36 . 2009-05-29 11:36 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe" [2009-03-19 460216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-23 101136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-29 4317184]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-9-24 688128]
UltraMon.lnk - c:\windows\Installer\{89291966-CF6B-4DC7-9D72-8C9034A194D9}\IcoUltraMon.ico [2009-6-7 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2D5CA276-F3F0-4E7B-BC8D-765C4AC328FA}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{76AB7A0E-E3C2-4E23-8058-AF391EBCAFFC}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{20F1C6F1-E58F-4022-9028-76C09F2D608E}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{3F8B1F6C-AFF4-4E62-B4E6-6D7BA4C57B1F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{187AAFA7-1340-44D2-93EE-354A331AC7B7}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6C5B0D40-4EBF-4587-A73F-6BB94E11BE76}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{4D01482E-CEB5-4DF7-81BF-015EAC171DE3}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{F7E72DD2-BBEE-452A-907F-FD9416841686}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{7A1E18A9-7817-45F8-9349-3F8FEE43F02F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{A8C0DAA2-4764-4138-8913-74D624C50A05}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{549B2915-4CB0-4DE6-90DC-A77C132E737F}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{C56B4273-0561-472B-96E5-C44954425528}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{9CF1DF23-9DCA-4F24-AEEC-F14E9B7838BD}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"{D5F33020-F25F-41AF-B369-8F19F7A67478}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{43DBFDF5-813E-4F89-A32D-975435C7F8C7}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{9AD53E1D-6C36-48B3-883D-CF920CD7AE2B}"= UDP:c:\program files\VMware\VMware Workstation\vmware-authd.exe:VMware Authd
"{4FE29102-C91C-4088-9C89-4A0529941EE5}"= TCP:c:\program files\VMware\VMware Workstation\vmware-authd.exe:VMware Authd
"TCP Query User{63E3E407-FA60-479C-9889-A405C4D3558A}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{963D23F4-AAE6-47E0-BCE3-13572A2073C7}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{B0DC1669-9C4C-4CC0-8E45-ED6A693D3282}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{E4CEB040-205D-4893-A0FE-6E92F4311F50}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{832BF03D-77FF-45CE-B7FA-BF0B4D76190F}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{2BD78D91-E27B-4FC4-BDFA-A8DF9A2C4B43}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{DD6785C5-CD24-4011-AF03-06F1A709CED1}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{DC813005-7E82-40E0-A3A1-F2C6EC72E1B7}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{66AD53CC-266D-49CE-B054-86DDC35BD796}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{687E209B-B563-4A43-A466-9B23680BB6DD}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"{5D73E7A9-CD4C-4CBB-A833-3409FBAF8A70}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A046252F-0B39-498B-83B6-9F81C96FCFA9}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{00BE151C-054C-4F92-8684-7474EEB5E90E}"= UDP:5353:Adobe CSI CS4
"{40F5B0A1-72BA-447A-A2F5-7D7CC8F8E9B4}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{0E386A8C-88BC-44A2-B40D-1B3A9E2AA965}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{A33CC5DB-C16C-4DE4-A418-E812932E5458}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{8261626B-B213-4B70-80FE-F1974AD484A1}c:\\aptana\\aptana studio\\jre\\bin\\javaw.exe"= UDP:c:\aptana\aptana studio\jre\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{A02EB7A0-600B-4283-BCED-455AF5B2DA71}c:\\aptana\\aptana studio\\jre\\bin\\javaw.exe"= TCP:c:\aptana\aptana studio\jre\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{253B09B3-59E6-46FA-9CF8-F58F2C84CA12}c:\\program files\\tightvnc\\winvnc.exe"= UDP:c:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"UDP Query User{8289F1A4-5705-485B-9720-56655DC288A1}c:\\program files\\tightvnc\\winvnc.exe"= TCP:c:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"TCP Query User{D99B2EE9-D7B8-402C-96B5-0210C63A5034}k:\\software\\packet tracer 5.0\\bin\\packettracer5.exe"= UDP:k:\software\packet tracer 5.0\bin\packettracer5.exe:PacketTracer5
"UDP Query User{1A62F373-87BE-4C20-8590-7295EA953420}k:\\software\\packet tracer 5.0\\bin\\packettracer5.exe"= TCP:k:\software\packet tracer 5.0\bin\packettracer5.exe:PacketTracer5
"{4214BF0E-FD79-41A0-8FD5-61265B784732}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{72C2167D-EBE5-489A-99F7-0751A9B40595}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [9/04/2009 15:18 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/04/2009 15:19 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [9/04/2009 15:21 93312]
R2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE --> c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?]
R2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE [2/02/2006 1:49 204800]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [14/11/2008 3:11 17184]
R2 vmci;VMware vmci;c:\windows\System32\drivers\vmci.sys [18/09/2008 23:12 54960]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE --> c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Inhoud van de 'Gedeelde Taken' map

2009-08-19 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-08-21 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-08-21 c:\windows\Tasks\User_Feed_Synchronization-{57952E84-E60C-4DCD-B740-F0034C674587}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://https://www.beyondgaming.be
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
FF - ProfilePath - c:\users\Randy\AppData\Roaming\Mozilla\Firefox\Profiles\424bcia4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.9lives.be
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-21 12:02
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-3245928218-1943511284-4275170740-1000\Software\SecuROM\License information*]
"datasecu"=hex:3e,5f,aa,0e,1a,ff,3e,8e,b2,0d,da,31,d6,c1,0a,2f,93,89,e7,e8,48,
cf,27,f9,76,a6,69,5a,ec,d7,1e,9d,b1,1a,48,07,dc,85,72,da,b8,00,dd,24,6c,75,\
"rkeysecu"=hex:e5,6a,8c,07,24,93,a2,55,c9,32,58,b2,6f,48,42,b6
.
Voltooingstijd: 2009-08-21 12:05
ComboFix-quarantined-files.txt 2009-08-21 10:05

Pre-Run: 18.321.809.408 bytes beschikbaar
Post-Run: 23.682.793.472 bytes beschikbaar

208 --- E O F --- 2009-08-21 09:17


--------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:53, on 21/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\UltraMon\UltraMonUiAcc.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Randy\Software\Security\HijackThis\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 9lives - Games, community: spelletjes, populaire spelletjes, gamenieuws, reviews, previews, populaire games, gamecharts, releasedata van de nieuwste games en jongerenforum!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.addictinggames.com/minimotocross.html"
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: UltraMon.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--
End of file - 8821 bytes

--------------------------------------------------------------------------------------
p

pipopower

Legacy Member
Nee, ik geraak nog altijd niet op hotmail als ik aangemeld ben op msn :(

Waarschijnlijk ligt het aan iets anders maar alvast bedankt om mijn pc schoon te krijgen :)
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan