Het is nu do jul 24, 2014 6:21 am

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles




Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 5 berichten ] 
Auteur Bericht
BerichtGeplaatst: ma aug 17, 2009 10:17 am 
Offline
Lid
Avatar gebruiker

Geregistreerd: ma apr 23, 2007 9:07 pm
Berichten: 824
Besturingssysteem: Windows 7-SP1
Bescherming: Avast AntiVirus 7.0.1474
De cpu van de pc van mijn vriendin staat geregeld op 100%, tevens is taakbeheer onbruikbaar.

Voorzover ik kon waarnemen geen malware, alle updates geïnstalleerd.

LOG:
Log created by WinPatrol PLUS version 16.1.2009.1:16.1.2009.1
Scan saved at 12:39:54 AM, on 8/16/2009
Platform: Windows XP SP3 Service Pack 3 (Build 2600)
MSIE: Internet Explorer (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\hp\KBD\kbd.exe
C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\GROOVEMONITOR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRAM FILES\PowerISO\PWRISOVM.EXE
C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\HP\DIGITAL IMAGING\bin\hpqtra08.exe
C:\PROGRAM FILES\Logitech\SetPoint\SetPoint.exe
C:\PROGRAM FILES\COMMON FILES\Logishrd\KHAL2\KHALMNPR.exe
C:\WINDOWS\ARSERVICE.EXE
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\ekrn.exe
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\TUProgSt.exe
C:\PROGRAM FILES\HP\DIGITAL IMAGING\bin\hpqste08.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\system32\TUNEUPDEFRAGSERVICE.EXE
C:\WINDOWS\system32\TASKMGR.EXE
C:\WINDOWS\system32\MSIEXEC.EXE
C:\PROGRAM FILES\Java\jre6\bin\jusched.exe
C:\PROGRAM FILES\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray]C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv]c:\WINDOWS\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard]C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor]ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update]C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinSys2]C:\WINDOWS\system32\WINSYS2.EXE
O4 - HKLM\..\Run: [KBD]C:\hp\KBD\kbd.exe
O4 - HKLM\..\Run: [GrooveMonitor]C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer]KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch]C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE]C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [egui]C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task]C:\Program Files\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck]%systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol PLUS]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [nwiz]C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [NvRegisterMCTrayNview]C:\WINDOWS\system32\NVMCTRAY.DLL,NvMCRegisterApp C:\Program Files\NVIDIA Corporation\nView\nview.dll
O4 - HKLM\..\RunOnce: [NvRegisterMCTray]C:\WINDOWS\system32\NVMCTRAY.DLL,NvMCRegisterApp C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\RunOnce: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen]C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - Global Startup: HP Digital Imaging Monitor.lnk=C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk=C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MagicDisc.lnk=C:\Program Files\MagicDisc\MAGICDISC.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program Files\Java\jre6\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_16) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/sh ... wflash.cab
O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - UPnPMonitor - UPnP Tray Monitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
O23 - Service: ESET HTTP Server - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updateservice (gupdate1c9ee4f5b84de92) - - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service: Google Software Updater - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter - - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\system32\HPZinw12.dll
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\system32\HPZipm12.dll
O23 - Service: PnkBstrA - - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\system32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\system32\TUProgSt.exe
O23 - Service: TuneUp Thema-uitbreiding - TuneUp Software - C:\WINDOWS\system32\uxtuneup.dll
O24 - Desktop Component 0: Mijn huidige introductiepagina - About:Home

--- Additional WinPatrol Info ---
Default Browser: Windows® Internet Explorer - Internet Explorer version 8.00.6001.18702
MSIE: Internet Explorer (8.00.6001.18702)
80 IE Cookies in Folder: C:\Documents and Settings\HP_Administrator\Cookies\

WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP01 - HKLM\CS1: PendingFileRenameOperations = \??\C:\WINDOWS\system32\SET1397.tmp
WP01 - HKLM\CCS: PendingFileRenameOperations = \??\C:\WINDOWS\system32\SET1397.tmp
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe

WP03 - Windows Automatic Update = 4:Automatically download recommended updates for my computer and install them.


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://

WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineUA.job]C:\Program Files\Google\Update\GoogleUpdate.exe 08/16/2009 12:36 PM
WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineCore.job]C:\Program Files\Google\Update\GoogleUpdate.exe 08/14/2009 11:20 AM
WP31 - Scheduled Tasks: [Eenvoudige Internetaanmelding.job]C:\Program Files\Easy Internet signup\HPSDPAPP.EXE Never
WP31 - Scheduled Tasks: [Ad-Aware Update (Weekly).job]C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 08/03/2009 11:40 PM
WP31 - Scheduled Tasks: [1-klik Onderhoud.job]C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe 08/16/2009 12:00 PM

WP16 - ActiveX: {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [Google Script Object] C:\PROGRAM FILES\Google\GOOGLE TOOLBAR\GOOGLETOOLBAR.DLL 6, 1, 1715, 1442
WP16 - ActiveX: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [QuickTime Object] C:\PROGRAM FILES\QUICKTIME\QTPlugin.ocx QuickTime 6.5.1
WP16 - ActiveX: {17492023-C23A-453E-A040-C7C580BBF700} [Windows Genuine Advantage Validation Tool] C:\WINDOWS\system32\LEGITCHECKCONTROL.DLL 1.7.0069.2
WP16 - ActiveX: {19916E01-B44E-4E31-94A4-4696DF46157B} [InformationCardSigninHelper Class] C:\WINDOWS\system32\icardie.dll 8.00.6001.18702
WP16 - ActiveX: {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [Windows Media Player] C:\WINDOWS\system32\wmpdxm.dll 11.0.5721.5268
WP16 - ActiveX: {25336920-03F9-11CF-8FD0-00AA00686F13} [HTML Document] C:\WINDOWS\system32\mshtml.dll 8.00.6001.18812
WP16 - ActiveX: {2933BF90-7B36-11D2-B20E-00C04F983E60} [XML DOM Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {2933BF94-7B36-11D2-B20E-00C04F983E60} [XSL Template] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [DHTML Edit Control Safe for Scripting for IE5] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\Triedit\dhtmled.ocx 6.01.9247
WP16 - ActiveX: {48123BC4-99D9-11D1-A6B3-00C04FD91555} [XML Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} [Microsoft Terminal Services Client Control (redist)] C:\WINDOWS\system32\mstscax.dll 6.0.6001.18266
WP16 - ActiveX: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [BDSCANONLINE Control] C:\WINDOWS\Downloaded Program Files\oscan82.ocx 1.0.0.1
WP16 - ActiveX: {6414512B-B978-451D-A0D8-FCFDF33E833C} [WUWebControl Class] C:\WINDOWS\system32\wuweb.dll 7.2.6001.788
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\WINDOWS\system32\wmp.dll 11.0.5721.5268
WP16 - ActiveX: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [MUWebControl Class] C:\WINDOWS\system32\muweb.dll 7.2.6001.788
WP16 - ActiveX: {72267F6A-A6F9-11D0-BC94-00C04FB67863} [Active Desktop Mover] C:\WINDOWS\system32\shell32.dll 6.00.2900.5622
WP16 - ActiveX: {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} [Microsoft Terminal Services Client Control (redist)] C:\WINDOWS\system32\mstscax.dll 6.0.6001.18266
WP16 - ActiveX: {760C4B83-E211-11D2-BF3E-00805FBE84A6} [Windows Media Services DRM Storage object] C:\WINDOWS\system32\msnetobj.dll 11.0.5721.5145
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {88D969C0-F192-11D4-A65F-0040963251E5} [XML DOM Document 4.0] C:\WINDOWS\system32\msxml4.dll 4.20.9870.0
WP16 - ActiveX: {88D96A05-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A06-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A08-F192-11D4-A65F-0040963251E5} [XSL Template 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A0A-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_16] C:\PROGRAM FILES\Java\jre6\bin\jp2iexp.dll
WP16 - ActiveX: {B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] C:\WINDOWS\system32\shdocvw.dll 6.00.2900.5512
WP16 - ActiveX: {BF0118D4-63FF-4138-9327-F3028FB1A578} [Helper Class] C:\WINDOWS\Web\WALLPAPER\welcome\AWhelper.dll 1, 0, 0, 1
WP16 - ActiveX: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} [Zylom Games Player] C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\Zylom\ZYLOMGAMESPLAYER\ZYLOMGAMESPLAYER.DLL 2, 0, 0, 1
WP16 - ActiveX: {CA8A9780-280D-11CF-A24D-444553540000} [Adobe PDF Reader] C:\PROGRAM FILES\COMMON FILES\Adobe\Acrobat\ActiveX\AcroPDF.dll
WP16 - ActiveX: {CD3AFA7B-B84F-48F0-9393-7EDC34128127} [AUDIO__WAV Moniker Class] C:\WINDOWS\system32\wmp.dll 11.0.5721.5268
WP16 - ActiveX: {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_ASF Moniker Class] C:\WINDOWS\system32\wmp.dll 11.0.5721.5268
WP16 - ActiveX: {CD3AFA94-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] C:\WINDOWS\system32\wmp.dll 11.0.5721.5268
WP16 - ActiveX: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Microsoft Url Search Hook] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx 10,0,22,87
WP16 - ActiveX: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [iTunesDetector Class] C:\PROGRAM FILES\iTunes\ITDETECTOR.OCX 2, 0, 0, 0
WP16 - ActiveX: {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [QuickTimeCheck Class] C:\WINDOWS\system32\QUICKTIMECHECK.OCX QuickTime 6.5.1
WP16 - ActiveX: {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [Microsoft Silverlight] C:\PROGRAM FILES\MICROSOFT SILVERLIGHT\3.0.40723.0\npctrl.dll 3.0.40723.0
WP16 - ActiveX: {ED8C108E-4349-11D2-91A4-00C04F7969E8} [XML HTTP Request] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {F31D1897-7EFD-4647-8687-E05894E382AB} [Runclose Control] C:\WINDOWS\system32\RUNCLOSE.OCX 1.0.1.3
WP16 - ActiveX: {F5078F32-C551-11D3-89B9-0000F81FE221} [XML DOM Document 3.0] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML DOM Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {00024522-0000-0000-C000-000000000046} [RefEdit.Ctrl] C:\Program Files\Microsoft Office\Office12\REFEDIT.DLL 12.0.6413.1000
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\WINDOWS\system32\wmpdxm.dll 11.0.5721.5268
WP16 - ActiveX: {0713E8A2-850A-101B-AFC0-4210102A8DA7} [Microsoft TreeView Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {0713E8D2-850A-101B-AFC0-4210102A8DA7} [Microsoft ProgressBar Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {3605B612-C3CF-4ab4-A426-2D853391DB2E} [Certificates Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {1D2B4F40-1F10-11D1-9E88-00C04FDCAB92} [ThumbCtl Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.5512
WP16 - ActiveX: {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [Microsoft Silverlight] C:\PROGRAM FILES\MICROSOFT SILVERLIGHT\3.0.40723.0\npctrl.dll 3.0.40723.0
WP16 - ActiveX: {ECD0ECC6-DCA4-4013-A915-12355AB70999} [MSWebDVD Class] C:\WINDOWS\system32\mswebdvd.dll 6.05.2600.5857
WP16 - ActiveX: {52A2AAAE-085D-4187-97EA-8C30DB990436} [HHCtrl Object] C:\WINDOWS\system32\hhctrl.ocx 5.2.3790.4110
WP16 - ActiveX: {54CE37E0-9834-41ae-9896-4DAB69DC022B} [Microsoft Terminal Services Client Control (redist)] C:\WINDOWS\system32\mstscax.dll 6.0.6001.18266
WP16 - ActiveX: {58DA8D8A-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ListView Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {58DA8D8F-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ImageList Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {550C8FFB-4DC0-4756-828C-862E6D0AE74F} [Chain Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {6B7E638F-850A-101B-AFC0-4210102A8DA7} [Microsoft StatusBar Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {6A6F4B83-45C5-4ca9-BDD9-0D81C12295E4} [Microsoft Terminal Services Client Control (redist)] C:\WINDOWS\system32\mstscax.dll 6.0.6001.18266
WP16 - ActiveX: {91D221C4-0CD4-461C-A728-01D509321556} [Store Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {8BD21D50-EC42-11CE-9E0D-00AA006002F3} [Microsoft Forms 2.0 OptionButton] C:\WINDOWS\system32\FM20.DLL 12.0.6415.1000
WP16 - ActiveX: {A3F2A195-0D11-463b-96BB-D2FF1B7490A1} [MSDVDAdm Class] C:\WINDOWS\system32\mswebdvd.dll 6.05.2600.5857
WP16 - ActiveX: {971127BB-259F-48c2-BD75-5F97A3331551} [Microsoft Terminal Services Client Control (redist)] C:\WINDOWS\system32\mstscax.dll 6.0.6001.18266
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\WINDOWS\system32\mshtml.dll 8.00.6001.18812
WP16 - ActiveX: {CA8A9780-280D-11CF-A24D-444553540000} [Adobe PDF Reader] C:\PROGRAM FILES\COMMON FILES\Adobe\Acrobat\ActiveX\AcroPDF.dll
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx 10,0,22,87
WP16 - ActiveX: {9171C115-7DD9-46BA-B1E5-0ED50AFFC1B8} [Certificate Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} [WebViewFolderIcon Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.5512
WP16 - ActiveX: {3605B612-C3CF-4ab4-A426-2D853391DB2E} [Certificates Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2

WP32 - Hidden File: C:\BOOT.BAK
WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\Bootfont.bin
WP32 - Hidden File: C:\cmldr
WP32 - Hidden File: C:\hiberfil.sys
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
WP32 - Hidden File: C:\WINDOWS\t55ft2692f44.dat
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\winnt.bmp
WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
WP32 - Hidden File: C:\WINDOWS\system32\drivers\103C_HP_CPC_EJ152AA-ABH m7290.nl_YC_0Pavi_QCZB542_E54NLemMPC1_48_IAMETHYST-M_SMSI_V1.0_B3.35_T050930_WXP2_L413_M1535_J250_7AMD_8Athlon 64_92.19_#060202_N10EC8139_Z_G10025B62_OHP DVD Writer 740b;IDE-DVD DROM6216.MRK
WP32 - Hidden File: C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest

WP33 - File Type .AVI: [Videoclip]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
WP33 - File Type .BAT: [MS-DOS-batchbestand]%1 %*
WP33 - File Type .CAB: [Cabinet-bestand]C:\WINDOWS\Explorer.exe /idlist,%I,%L
WP33 - File Type .CAT: [Beveiligingscatalogus]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Gecompileerd HTML Help-bestand]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [MS-DOS-toepassing]%1 %*
WP33 - File Type .CMD: [Windows NT-opdrachtscript]%1 %*
WP33 - File Type .DOC: [Microsoft Office Word 97 - 2003 document]C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Internet E-Mail Message]C:\Program Files\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Toepassing]%1 %*
WP33 - File Type .INF: [Setup-gegevens]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JScript-scriptbestand]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Tekstdocument]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Outlook-item]C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [Midi-sequentie]C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
WP33 - File Type .MP3: [Geluid met MP3-indeling]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:6 /Open %L
WP33 - File Type .PIF: [Snelkoppeling naar een MS-DOS-programma]%1 %*
WP33 - File Type .REG: [Registervermeldingen]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .SCR: [Schermbeveiliging]%1 /S
WP33 - File Type .TXT: [Tekstdocument]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Internetsnelkoppeling]C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript-scriptbestand]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [Met VBScript gecodeerd scriptbestand]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows-scriptbestand]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Instellingenbestand voor Windows Script Host]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Office Excel 97-2003-werkblad]C:\Program Files\Microsoft Office\Office12\EXCEL.EXE /e

Memory currently in use: 42%
Physical Memory Free: 902,668 KB
Paging File Free: 3,027,980 KB
Virtual Memory Free: 2,032,644 KB


--
End of file

_________________
Flame, virus of wapen? (Artikel)
Veilig online - 100 tips (Erg handig)
Kinderveiligheid (Erg handig)
Online scans (file & url scanners)


Omhoog
 Profiel  
 
BerichtGeplaatst: ma aug 17, 2009 12:00 pm 
Offline
Lid
Avatar gebruiker

Geregistreerd: ma apr 23, 2007 9:07 pm
Berichten: 824
Besturingssysteem: Windows 7-SP1
Bescherming: Avast AntiVirus 7.0.1474
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
bdoscandel is het uninstall prg. voor BitDefender Online Scanner. (overbodig?)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
xpnetdiag.exe is een Netwerk Diagnostiche tool voor Windows XP van Microsoft.

O11 - Options group: [] -
Leeg? In ieder geval geen 'CommonName'

Bovenstaande is wat ik denk, dus niet met zekerheid..

_________________
Flame, virus of wapen? (Artikel)
Veilig online - 100 tips (Erg handig)
Kinderveiligheid (Erg handig)
Online scans (file & url scanners)


Omhoog
 Profiel  
 
BerichtGeplaatst: za aug 22, 2009 7:47 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33456
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
Je bent over het hoofd gezien omdat je hebt gereageerd op je eigen topic, plaats even een nieuw HJT logje.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
BerichtGeplaatst: za aug 22, 2009 8:53 pm 
Offline
Lid
Avatar gebruiker

Geregistreerd: ma apr 23, 2007 9:07 pm
Berichten: 824
Besturingssysteem: Windows 7-SP1
Bescherming: Avast AntiVirus 7.0.1474
Ik heb ondertussen de hele pc opnieuw geïnstalleerd, dus daarmee is het probleem meteen opgelost..

En inderdaad, reageren op je eigen topic kan ervoor zorgen dat je over het hoofd gezien wordt..haha

Maar omdat ik binnenkort bij jullie met de opleiding start wou ik kijken of mijn 'kennis' strookte met wat de experts zoudebn zeggen. Dit dus ter controle van mezelf.. :wink:

_________________
Flame, virus of wapen? (Artikel)
Veilig online - 100 tips (Erg handig)
Kinderveiligheid (Erg handig)
Online scans (file & url scanners)


Omhoog
 Profiel  
 
BerichtGeplaatst: za aug 22, 2009 9:45 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33456
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
Bedankt voor je afmelding.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
Geef de vorige berichten weer:  Sorteer op  
Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 5 berichten ] 

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles


Wie is er online

Gebruikers op dit forum: Google [Bot] en 1 gast


Je mag geen nieuwe onderwerpen in dit forum plaatsen
Je mag niet antwoorden op een onderwerp in dit forum
Je mag je berichten in dit forum niet wijzigen
Je mag je berichten niet uit dit forum verwijderen
Je mag geen bijlagen toevoegen in dit forum

Ga naar:  
Powered by phpBB® Forum Software © phpBB Group
phpBB.nl Vertaling