Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Computerstart duurt lang: Hijackthis-log

juisterr
18 antwoorden
  • Wie wil mijn Hijackthislog beoordelen? Is hier iets te vinden wat de start zo traag maakt. Ook als er een programma stopt worden de icoontjes op het bureaublad langzaam zichtbaar.
    Heeft dit iets met het geheugen te maken of zijn er programma's die de zaak verpesten?
    Hieronder de log:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 23:02:24, on 1-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Process Lasso\ProcessSupervisor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Hijackthis\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\\NVCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
    O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessSupervisor.exe /tray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/19.13/uploader2.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com
    esource/download/scanner/wlscbase969.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://flexiweb.limburg.nl
    ebis/install/mgaxctrl_6033.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156264174109
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mijnalbum.nl/skin/v2/system/upload/ImageUploader4.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://82.93.15.132/activex/AxisCamControl.cab
    O16 - DPF: {DC1FB1EB-BF1E-4C34-8A0A-A2C743CF44E7} (HTMLClientExtension Control) - https://bankieren.rabobank.nl
    aip/appl700/HTMLClientExtension.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5057/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

    Bedankt voor de moeite.

    Jan.





  • In je log zitten niet meteen aanduidingen die wijzen op problemen met bepaalde programma’s.

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    [b:51362fd0eb]R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k[/b:51362fd0eb]

    Klik op 'Fix checked' om de items te verwijderen.

    Maak ook zeker al je mappen met “tijdelijke bestanden” leeg.

    Download ATF cleaner - http://www.atribune.org/ccount/click.php?id=1
    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij Select All.
    Klik op de knop Empty Selected.

    En je hebt wel een heel uitgebreide opstart – de 04-lijnen – die je eens kritisch moet bekijken. Daar zijn ongetwijfeld een aantal items bij die je kan uitschakelen.
  • move to B&P

    t.
  • Beste Teacher,

    Ik heb die twee regels eruit gefixt en de ATF Cleaner laten lopen. Deze kon niets vinden.

    Ik weet echt niet wat die regels van O4 allemaal betekenen.
    IK ben bang als ik iets weghaal, programma's het niet meer doen of erger nog de computer niet meer opstart.
    Wat is wijsheid?


    Hieronder de nieuwe Hijackthislog.
    Logfile of HijackThis v1.99.1
    Scan saved at 12:17:37, on 2-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Process Lasso\ProcessSupervisor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\\NVCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
    O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessSupervisor.exe /tray
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/19.13/uploader2.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com
    esource/download/scanner/wlscbase969.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://flexiweb.limburg.nl
    ebis/install/mgaxctrl_6033.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156264174109
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mijnalbum.nl/skin/v2/system/upload/ImageUploader4.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://82.93.15.132/activex/AxisCamControl.cab
    O16 - DPF: {DC1FB1EB-BF1E-4C34-8A0A-A2C743CF44E7} (HTMLClientExtension Control) - https://bankieren.rabobank.nl
    aip/appl700/HTMLClientExtension.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5057/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

    Bedankt voor je medewerking





  • C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\[b:f5cfc454b3]~ef7194.tmp[/b:f5cfc454b3]

    enig idee wat dat is ???????????


    O misschien heb je wat aan deze info.

    [code:1:f5cfc454b3]
    04: HijackThis verwijdert de register-entries, maar de bestanden niet.

    De aanwezigheid van een 04-item in het log betekent niet per se dat het bestand waarnaar het verwijst nog op de pc staat. Vaak zijn 04-items resten van al verwijderde programma's. Tref je het exe-bestand waarnaar het 04-item verwijst ook aan bij de lopende processen, dan kun je er zeker van zijn dat het bestand nog op de pc staat.





    04 - Global Startup: HijackThis verwijdert de snelkoppelingen, maar de bestanden waarnaar die verwijzen niet. Bevindt het bestand zich in de map Global Startup, dan wordt het wel verwijderd.

    04 - Startup: HijackThis verwijdert de snelkoppelingen, maar de bestanden waarnaar die verwijzen niet. Bevindt het bestand zich in de map Startup, dan wordt het wel verwijderd.

    [/code:1:f5cfc454b3]
  • Het bestand: C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    heb ik al vaker naar gekeken ook met andere deskundigen uit dit Forum. Het hoort waarschijnlijk bij een spel of kaspersky virusscan.
    Het is niet te verwijderen, ook niet in de veilige modus.

    Hoe kun je het geheugen het beste optimaliseren?

    Als ik een aantal startup-programma's uitschakel, krijg ik telkens bij het opstarten schermpjes in beeld van msconfig met de melding dat ik iets gewijzigd heb.

    Dus dat werkt ook niet.

    Wat kunnen we nog doen?

    Vriendelijk groetend,
    Jan
  • Kan je toevallig de volledige naam laten zien van dat tempfile?
  • De volledige regel (naam):
    Deze computer/Smolders(c:)/Documents and settings/dhr.Smolders/Local Settings/temp/~ef7194.tmp
    is 52 kb groot
  • [quote:2a7e6248a0="smold037"]De volledige regel (naam):
    Deze computer/Smolders(c:)/Documents and settings/dhr.Smolders/Local Settings/temp/~ef7194.tmp
    is 52 kb groot[/quote:2a7e6248a0]

    het ging mij meer om dit dikgedrukte deel

    c:)/Documents and settings/dhr.Smolders/Local Settings/temp/[b:2a7e6248a0]~ef7194.tmp[/b:2a7e6248a0]
    Dus wat staat er op de plaats van ~
  • Beste Juisster,

    Op de plaats van ~ staat niets.
    Hier begint het bestand mee.
    Ik vindt het ook maar raar.

    Jan.
  • Scan het volgende bestand bij Jotti: http://virusscan.jotti.org/
    [b:8cd4e51064]
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    [/b:8cd4e51064]
    Post het resultaat.
  • Beste Juisterr,

    Jotti heeft het druk maar toch, hieronder het resultaat:

    File to upload & scan:
    Service
    Service load: 0% 100%

    File: ~ef7194.tmp
    Status: OK(Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
    MD5: 784c8e3c13974d448a7c787d6373d991
    Packers detected: -
    Bit9 reports: File not found

    Scanner results
    Scan taken on 03 Sep 2007 20:44:48 (GMT)
    A-Squared Found nothing
    AntiVir Found nothing
    ArcaVir Found nothing
    Avast Found nothing
    AVG Antivirus Found nothing
    BitDefender Found nothing
    ClamAV Found nothing
    CPsecure Found nothing
    Dr.Web Found nothing
    F-Prot Antivirus Found nothing
    F-Secure Anti-Virus Found nothing
    Fortinet Found nothing
    Kaspersky Anti-Virus Found nothing
    NOD32 Found nothing
    Norman Virus Control Found nothing
    Panda Antivirus Found nothing
    Rising Antivirus Found nothing
    Sophos Antivirus Found nothing
    VirusBuster Found nothing
    VBA32 Found nothing
  • Het lijkt me dus een legitieme regel.

    Mag ik nog eens vragen om een nieuw HJT logje ben toch benieuwd of hij nog hetzelfde is.
  • Beste Juisterr,

    Hierbij de nieuwe HJT.

    Kun je nog iets ontdekken om de het systeem sneller te maken?

    Logfile of HijackThis v1.99.1
    Scan saved at 18:46:31, on 4-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Process Lasso\ProcessSupervisor.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\\NVCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
    O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessSupervisor.exe /tray
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/19.13/uploader2.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com
    esource/download/scanner/wlscbase969.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://flexiweb.limburg.nl
    ebis/install/mgaxctrl_6033.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156264174109
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mijnalbum.nl/skin/v2/system/upload/ImageUploader4.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://82.93.15.132/activex/AxisCamControl.cab
    O16 - DPF: {DC1FB1EB-BF1E-4C34-8A0A-A2C743CF44E7} (HTMLClientExtension Control) - https://bankieren.rabobank.nl
    aip/appl700/HTMLClientExtension.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5057/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe





  • Download [b:96463e0e22]Combofix[/b:96463e0e22]

    naar je Bureaublad.
    Dubbelklik [b:96463e0e22]Combofix.exe[/b:96463e0e22]
    Volg de instructies, aanvaard de disclaimer door [b:96463e0e22]1[/b:96463e0e22] (continue) te typen gevolgd door [b:96463e0e22]ENTER[/b:96463e0e22].Tijdens het runnen van de fix, [b:96463e0e22]NIET[/b:96463e0e22] in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log [b:96463e0e22]combofix.txt[/b:96463e0e22] openen.
    Plaats dit log in je volgende post aan het einde van de fix. <<<<

    Plaats ook een nieuw HijackThis logje aub.


    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Beste Juisterr,

    Ik heb het bestand gedownload. Op het bureaublad opgeslagen. Na de bubbelklik komt er heel even een blauw schermpje en er gebeurd verder niets. Bij de herstart komt er ook geen txt-bestand.
    Wat kan hier de oorzaak van zijn?

    Hieronder de nieuwe HJT.

    Logfile of HijackThis v1.99.1
    Scan saved at 23:24:21, on 4-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Process Lasso\ProcessSupervisor.exe
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\\NVCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
    O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessSupervisor.exe /tray
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/19.13/uploader2.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com
    esource/download/scanner/wlscbase969.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://flexiweb.limburg.nl
    ebis/install/mgaxctrl_6033.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156264174109
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mijnalbum.nl/skin/v2/system/upload/ImageUploader4.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://82.93.15.132/activex/AxisCamControl.cab
    O16 - DPF: {DC1FB1EB-BF1E-4C34-8A0A-A2C743CF44E7} (HTMLClientExtension Control) - https://bankieren.rabobank.nl
    aip/appl700/HTMLClientExtension.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5057/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe





  • geen idee bij mij doet hij het gewoon?

    probeer het nog eens aub.
  • Beste Juisterr,

    Nu is het wel gelukt.
    Zie hieronder de copy van het tekstbestand en de nieuwe HJT

    ComboFix 07-09-05.5 - "Dhr. Smolders" 2007-09-05 18:50:05.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1043.18.163 [GMT 2:00]
    * Created a new restore point


    ((((((((((((((((((((((((( Files Created from 2007-08-05 to 2007-09-05 )))))))))))))))))))))))))))))))


    2007-09-05 18:49 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-09-04 18:57 <DIR> dr-h—– C:\DOCUME~1\DHR~1.SMO\Onlangs geopend
    2007-08-19 10:42 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-08-08 16:33 <DIR> d——– C:\Program Files\Blaze Media Pro
    2007-08-08 16:33 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-09-05 18:33 8864 –a—— C:\WINDOWS\system32\drivers\CDAC15BA.SYS
    2007-09-05 17:42 9140996 –ahs—- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-09-05 17:42 5408 –ahs—- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-09-05 17:42 3236 –ahs—- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-09-05 17:42 2348832 –ahs—- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-08-28 23:32 9344 –a—— C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-08-28 23:32 8320 –a—— C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\dllcache\cdm.dll
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 –a—— C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 53080 –a—— C:\WINDOWS\system32\dllcache\wuauclt.exe
    2007-07-30 19:19 43352 –a—— C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 –a—— C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 271224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-07-30 19:19 207736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-07-30 19:19 203096 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\dllcache\wuaueng.dll
    2007-07-30 19:18 33624 –a—— C:\WINDOWS\system32\wups.dll
    2007-06-21 16:21 240558 –a—— C:\WINDOWS\system32\doc.exe
    2005-05-11 23:36 12288 –a—— C:\WINDOWS\Fonts.\RandFont.dll
    2004-01-15 15:59 4057802 –a—— C:\Program Files\Speed.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2002-09-11 04:57 C:\WINDOWS\SOUNDMAN.EXE]
    "NvCplDaemon"="C:\WINDOWS\System32\\NVCpl.dll" [2002-10-25 18:18]
    "nwiz"="nwiz.exe" [2002-10-25 18:18 C:\WINDOWS\system32
    wiz.exe]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33]
    "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 09:50]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-02-12 15:27]
    "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 18:06]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "ProcessGovernor"="C:\Program Files\Process Lasso\processgovernor.exe" [2005-07-16 01:22]
    "Personal Firewall"="C:\Program Files\Preventon\Personal Firewall\PFWall.exe" [2004-08-05 14:16]
    "kav"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-03-24 19:09]
    "Realtime Audio Engine"="mmrtkrnl.exe" [2005-01-20 12:02 C:\WINDOWS\system32\MMRTKRNL.EXE]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
    "AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-28 23:32]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-11 12:00]
    "ProcessSupervisorGUI"="C:\Program Files\Process Lasso\ProcessSupervisor.exe" [2005-07-16 01:23]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-08-17 22:48]

    C:\DOCUME~1\ALLUSE~1\MENUST~1\PROGRA~1\OPSTAR~1\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56]
    Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
    Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2003-08-30 22:26:59]
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2003-08-30 22:26:59]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoDispBackgroundPage"=0 (0x0)

    R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\System32\DRIVERS\bsstor.sys
    R1 PfTdi;PfTdi;C:\WINDOWS\System32\drivers\PfTdi.sys
    R2 BsUDF;InCD UDF Driver;C:\WINDOWS\System32\drivers\BsUDF.sys
    R3 ArtFirewall;Preventon NDIS IM Firewall Miniport;C:\WINDOWS\System32\DRIVERS\Pfwall.sys
    R3 itchfltr;iTouch Keyboard Filter;C:\WINDOWS\System32\DRIVERS\itchfltr.sys
    S0 NVDual;NVDual;C:\WINDOWS\System32\DRIVERS
    vDual.sys
    S3 ids00026;ids00026;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
    S3 ids0004C;ids0004C;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys
    S3 ids0005c;ids0005c;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys
    S3 Ip6FwHlp;IPv6 Internet Connection Firewall;C:\WINDOWS\System32\svchost.exe -k netsvcs
    S3 ssm_bus;Samsung Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\System32\DRIVERS\ssm_bus.sys
    S3 ssm_mdfl;Samsung Mobile USB Modem II 1.0 Filter;C:\WINDOWS\System32\DRIVERS\ssm_mdfl.sys
    S3 ssm_mdm;Samsung Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\System32\DRIVERS\ssm_mdm.sys

    *Newly Created Service* - CATCHME

    Contents of the 'Scheduled Tasks' folder
    "2007-09-04 21:43:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#Deskjet#5550.job"
    "2007-09-04 22:00:02 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-08-19 07:00:02 C:\WINDOWS\Tasks\Bridget Maasland en Jan Smit - Kerst voor iedereen.job"
    - C:\Documents and Settings\Dhr. Smolders\Mijn documenten\Joop\Kerstnummers!\Bridget Maasland en Jan Smit - Kerst voor iedereen.mp3

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-05 18:53:56
    Windows 5.1.2600 Service Pack 1 FAT NTAPI

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ ]


    Completion time: 2007-09-05 18:54:26
    C:\ComboFix-quarantined-files.txt … 2007-09-05 18:54

    — E O F —


    HJT d.d. 5-9-2007

    Logfile of HijackThis v1.99.1
    Scan saved at 18:56:59, on 5-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\DOCUME~1\DHR~1.SMO\LOCALS~1\Temp\~ef7194.tmp
    C:\Program Files\Process Lasso\ProcessSupervisor.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32
    vsvc32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32
    otepad.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\\NVCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
    O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Preventon\Personal Firewall\PFWall.exe
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessSupervisor.exe /tray
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/19.13/uploader2.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com
    esource/download/scanner/wlscbase969.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://flexiweb.limburg.nl
    ebis/install/mgaxctrl_6033.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156264174109
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mijnalbum.nl/skin/v2/system/upload/ImageUploader4.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://82.93.15.132/activex/AxisCamControl.cab
    O16 - DPF: {DC1FB1EB-BF1E-4C34-8A0A-A2C743CF44E7} (HTMLClientExtension Control) - https://bankieren.rabobank.nl
    aip/appl700/HTMLClientExtension.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/obj/NpFv415.dll
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5057/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe








Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.