Anoniem2 Posted: 1 May 2008

Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\BitComet\BitComet.exe
C:\Users\Mathieu\AppData\Local\Temp\is-7RGHM.tmp\pgs.tmp
C:\Windows\system32\conime.exe
C:\Downloads\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mathieu.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.metallica.com/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SBI] C:\Downloads\install_sbd_nl.exe
O4 - HKLM\..\RunOnce: [overinstall] "C:\Program Files\VeiligheidsAgent\pgs.exe" /empty
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\mljGXqrO.dll,#1
O4 - HKCU\..\Run: [Uniblue Registry Booster2] c:\program files\uniblue\registrybooster2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\vtUmKCRH.dll,c
O4 - HKCU\..\Run: [BM672ed6d2] Rundll32.exe "C:\Users\Mathieu\AppData\Local\Temp\yshfxvif.dll",s
O4 - HKCU\..\Run: [641de54e] rundll32.exe "C:\Users\Mathieu\AppData\Local\Temp\gokolmwk.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix: 
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [url]http://www.eset.eu/buxus/docs/OnlineScanner.cab[/url]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [url]http://www.adobe.com/products/acrobat/nos/gp.cab[/url]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
End of file - 10227 bytes

Anoniem2 Posted: 1 May 2008

Mechanix,

Could you download and install Malwarebytes' Anti-Malware?

Download Malwarebytes' Anti-Malware [URL="http://www.besttechie.net/tools/mbam-setup.exe"][B]here[/B][/URL] (1.47 Mb)

Run mbam-setup.exe and Malwarebytes' Anti-Malware will be installed.

The installation is self-explanatory; make sure the boxes "Update Malwarebytes' Anti-Malware" and "Start Malwarebytes' Anti-Malware" are ticked.

Choose a quick scan and remove the files that Malwarebytes' Anti-Malware finds.
Save the log and post it here.

Anoniem2 Posted: 1 May 2008

Malwarebytes' Anti-Malware 1.11
Database versie: 704

Scan type: Snelle Scan
Objecten gescand: 33545
Verstreken tijd: 7 minute(s), 50 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 4
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 2

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
C:\Users\Mathieu\Local Settings\Temporary Internet Files\Content.IE5\KQPACW8L\glas[2] (Trojan.Vundo) -> No action taken.
C:\Users\Mathieu\Local Settings\Temporary Internet Files\Content.IE5\RH1V7QDD\glas[1] (Trojan.Vundo) -> No action taken.

Anoniem2 Posted: 1 May 2008

I would remove these with Hijack:

O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\mljGXqrO.dll,# 1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\vtUmKCRH.dll,c
O13 - Gopher Prefix:

Anoniem2 Posted: 1 May 2008

Hijack does not find the following two:
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\mljGXqrO.dll,# 1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Mathieu\AppData\Local\Temp\vtUmKCRH.dll,c

What should I do?

Anoniem2 Posted: 1 May 2008

Apparently Malwarebytes' Anti-Malware has already eliminated those, then.

Anoniem2 Posted: 1 May 2008

Thanks, you managed to fix what BullGuard could not! Great

Anoniem2 Posted: 1 May 2008

I still have the following virus. Can anyone help?

Scan started: Thursday, May 01, 2008 13:58:30
Scan duration: 0 days, 00 hours, 01 minutes, 31 seconds
Infections solved: 0
Infections left: 1
Viruses left: 1

----[ Files Still Infected ]------------

Malware: Trojan.Generic.138368
Status: Disinfect Failed
 C:\Users\Mathieu\AppData\Roaming\=>:svchost.exe

Anoniem2 Posted: 1 May 2008

I did think it unlikely that everything was suddenly solved....

Try an online scan with ESET/NOD32; you can find it here.

[URL]http://www.eset.com/onlinescan/[/URL]

Anoniem2 Posted: 1 May 2008

The online scan with ESET/NOD32 gives an error message, namely the following:
Error: cannot initialize OnlineScanner. Administratie rights required.

Please help me out!

Anoniem2 Posted: 1 May 2008

I think you need administrator rights on the PC.

If that is not possible you will just have to try something else.... post another HijackThis log.

Anoniem2 Posted: 2 May 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:34:01, on 2-5-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.metallica.com/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - (no file)
O13 - Gopher Prefix: 
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [url]http://www.eset.eu/buxus/docs/OnlineScanner.cab[/url]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [url]http://www.adobe.com/products/acrobat/nos/gp.cab[/url]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9241 bytes

Anoniem2 Posted: 2 May 2008

Looks good. No more scary things :D