In progress: problems with old PC



gilbereke
26 June 2009, 19:17
Greetings all,

I have the following HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:47, on 26/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Tijd: Homepage (http://www.tijd.be/)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [lsass driver] C:\WINDOWS\msauc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieupdates.exe"
O4 - HKCU\..\Run: [A00F1C1D34.exe] C:\DOCUME~1\roger\LOCALS~1\Temp\_A00F1C1D34.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136832828843
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://spacevandennis87.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BC18E6DF-BE57-4580-93E8-F228F9A133AA} (MaxisSimCity4LotTeleX Control) - http://simcity.ea.com/exchange/lots/teleport/MaxisSimCity4LotTeleX.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: __c00CED2F - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate1c989f85dc731c0) (gupdate1c989f85dc731c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 10378 bytes


In addition, I have already run CCleaner and Ad-Aware, and AVG is running on my PC.

This is an old PC, though, 5-7 years old at most.

The PC is generally slow and freezes every now and then.

Jurgenv1
27 June 2009, 00:48
* Download SDFix (http://downloads.andymanchesta.com/RemovalTools/SDFix.exe)
and save it to your desktop.

Double-click SDFix.exe and choose Install to extract the tool into its own folder on your desktop. Then restart your PC in Safe Mode (http://users.pandora.be/marcvn/spyware/1378056.htm)


In Safe Mode, open the SDFix folder on your desktop and double-click RunThis.bat to start the tool.
Type Y to start the cleaning process.
It removes all Trojan Services or Registry Entries that are related to this infection. When the tool is finished, it will tell you to press any key to restart your PC; do so.
When the PC restarts, the tool will run again, finish the clean-up process and show you the message Finished. Then press any key to end the script, and your desktop will appear.
When your desktop icons appear, the SDFix report will open and will also be saved in the folder under the name Report.txt.
Now copy and paste the contents of that report here, together with a new HijackThis log.

gilbereke
27 June 2009, 01:52
OK,

I did what you asked, with the following result:

SDFix report:


SDFix: Version 1.240
Run by roger on za 27/06/2009 at 01:18

Microsoft Windows XP [versie 5.1.2600]
Running From: C:\Documents and Settings\roger\Bureaublad\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\shell31.dll - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover (http://www.gmer.net)
Rootkit scan 2009-06-27 01:32:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Vietcong\\vietcong.exe"="C:\\Program Files\\Vietcong\\vietcong.exe:*:Enabled:vietcong"
"C:\\Program Files\\Infogrames\\Monopoly Tycoon\\mc.exe"="C:\\Program Files\\Infogrames\\Monopoly Tycoon\\mc.exe:*:Enabled:Monopoly Tycoon"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\Championship Manager 00-01\\cm0001.exe"="C:\\Program Files\\Championship Manager 00-01\\cm0001.exe:*:Enabled:cm0001"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Valve\\Condition Zero\\czero.exe"="C:\\Valve\\Condition Zero\\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\hkreddragon\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\hkreddragon\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Cyanide\\Pro Cycling Manager\\Cym2005.exe"="C:\\Program Files\\Cyanide\\Pro Cycling Manager\\Cym2005.exe:*:Enabled:Cym2005"
"C:\\Program Files\\A Few Screws Loose\\Battle Carry Demo\\client.exe"="C:\\Program Files\\A Few Screws Loose\\Battle Carry Demo\\client.exe:*:Enabled:PC Game title 'BattleCarry' uses AFSL's Screwed Suite as a set of Modules supporting AFSL's Games and Engine(s)"
"C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\Codemasters\\IGI 2\\pc\\igi2.exe"="C:\\Program Files\\Codemasters\\IGI 2\\pc\\igi2.exe:*:Enabled:IGI2:Covert Strike"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD:*:Enabled:Age of Empires II"
"C:\\Program Files\\MSN Gaming Zone\\zclient.exe"="C:\\Program Files\\MSN Gaming Zone\\zclient.exe:*:Enabled:Zone Datafile"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\nanoCom Corporation\\iSpQ VideoChat\\iSpQVideoChat75.exe"="C:\\Program Files\\nanoCom Corporation\\iSpQ VideoChat\\iSpQVideoChat75.exe:*:Enabled:iSpQ VideoChat"
"C:\\Program Files\\America's Army\\System\\ArmyOps.exe"="C:\\Program Files\\America's Army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\\Program Files\\Omerta Script\\mirc.exe"="C:\\Program Files\\Omerta Script\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\ChatX\\mirc.exe"="C:\\Program Files\\ChatX\\mirc.exe:*:Enabled:mIRC"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\roger\\Local Settings\\Temp\\mirc.exe"="C:\\Documents and Settings\\roger\\Local Settings\\Temp\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\mIRC-Rffo\\mirc.exe"="C:\\Program Files\\mIRC-Rffo\\mirc.exe:*:Enabled:mIRC"
"C:\\Documents and Settings\\roger\\Local Settings\\Temporary Internet Files\\Content.IE5\\KHMSCXJP\\incredimail_install[1].exe"="C:\\Documents and Settings\\roger\\Local Settings\\Temporary Internet Files\\Content.IE5\\KHMSCXJP\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires III"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\rffo-irc\\mirc.exe"="C:\\Program Files\\rffo-irc\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"="C:\\Program Files\\Java\\jre6\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

Remaining Files :


File Backups: - C:\DOCUME~1\roger\BUREAU~1\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)\Tools.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\SDHelper (Spybot - Search & Destroy)\SDHelper.dll"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\TeaTimer (Spybot - Search & Destroy)\TeaTimer.exe"
Wed 2 Nov 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 6 Mar 2008 27,136 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\~WRL3414.tmp"
Thu 14 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 4 Apr 2008 3,372,544 ...H. --- "C:\Documents and Settings\roger\Bureaublad\bureau\~WRL3125.tmp"
Sat 23 Jun 2007 37,888 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0003.tmp"
Sun 1 Jul 2007 95,232 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0004.tmp"
Wed 4 Jul 2007 182,784 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0061.tmp"
Wed 4 Jul 2007 25,600 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0223.tmp"
Wed 4 Jul 2007 161,280 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0479.tmp"
Wed 4 Jul 2007 146,432 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0539.tmp"
Wed 4 Jul 2007 153,088 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0641.tmp"
Wed 4 Jul 2007 132,608 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0817.tmp"
Sun 1 Jul 2007 404,480 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL0950.tmp"
Wed 4 Jul 2007 25,088 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL1059.tmp"
Sun 1 Jul 2007 101,376 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL1293.tmp"
Wed 4 Jul 2007 113,664 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL1408.tmp"
Wed 4 Jul 2007 128,512 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL1672.tmp"
Wed 4 Jul 2007 24,064 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL2146.tmp"
Sun 1 Jul 2007 401,920 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL2529.tmp"
Sun 1 Jul 2007 166,912 ...H. --- "C:\Documents and Settings\roger\Bureaublad\spaans\~WRL3680.tmp"
Sun 30 Nov 2008 86,528 ...H. --- "C:\Documents and Settings\roger\Bureaublad\tim\~WRL4050.tmp"
Fri 10 Oct 2008 162 A..H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~$RL3303.tmp"
Wed 28 Feb 2007 161,280 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL0001.tmp"
Wed 28 Feb 2007 170,496 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL0002.tmp"
Wed 28 Feb 2007 160,768 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL1319.tmp"
Wed 28 Feb 2007 160,256 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL1419.tmp"
Wed 28 Feb 2007 163,328 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL2284.tmp"
Wed 28 Feb 2007 170,496 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL3164.tmp"
Wed 28 Feb 2007 166,400 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL3303.tmp"
Wed 28 Feb 2007 162,304 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\tim school\~WRL3811.tmp"
Sat 8 Dec 2007 711,680 ...H. --- "C:\Documents and Settings\roger\Application Data\Microsoft\Word\~WRL0559.tmp"
Tue 13 Sep 2005 444 ...HR --- "C:\Documents and Settings\roger\Application Data\SecuROM\UserData\securom_v7_01.bak"
Wed 4 Oct 2006 3,072,000 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\Launchpad Removal.exe"
Mon 27 Aug 2007 264,192 A..H. --- "C:\Documents and Settings\roger\Bureaublad\tim\Middenjury\~WRL0003.tmp"
Mon 3 Sep 2007 265,728 A..H. --- "C:\Documents and Settings\roger\Bureaublad\tim\Middenjury\~WRL1096.tmp"
Tue 3 Mar 2009 22,016 A..H. --- "C:\Documents and Settings\roger\Bureaublad\tim\tim\~WRL2976.tmp"
Wed 2 Nov 2005 4,348 ...H. --- "C:\Documents and Settings\roger\Mijn documenten\Mijn muziek\Back-up van licentie\drmv1key.bak"
Thu 7 Dec 2006 20 A..H. --- "C:\Documents and Settings\roger\Mijn documenten\Mijn muziek\Back-up van licentie\drmv1lic.bak"
Sun 27 Mar 2005 312 A.SH. --- "C:\Documents and Settings\roger\Mijn documenten\Mijn muziek\Back-up van licentie\drmv2key.bak"
Wed 21 Nov 2007 655,872 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\49145fef0\~WRL0682.tmp"
Sat 8 Dec 2007 714,240 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\49145fef0\Documents\~WRL0681.tmp"
Sat 8 Dec 2007 714,240 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\49145fef0\Documents\~WRL2287.tmp"
Sat 8 Dec 2007 701,952 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\49145fef0\Documents\~WRL3604.tmp"
Sat 12 Apr 2008 3,456,000 A..H. --- "C:\Documents and Settings\roger\Application Data\U3\temp\49145fef0\nieuwste versie tekst!\~WRL2212.tmp"

Finished!

gilbereke
27 June 2009, 01:55
and then the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:47:42, on 27/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Tijd: Homepage (http://www.tijd.be/)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [A00F1C1D34.exe] C:\DOCUME~1\roger\LOCALS~1\Temp\_A00F1C1D34.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

gilbereke
27 June 2009, 02:01
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) -
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
O16 - DPF: {BC18E6DF-BE57-4580-93E8-F228F9A133AA} (MaxisSimCity4LotTeleX Control) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) -
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: __c00CED2F - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate1c989f85dc731c0) (gupdate1c989f85dc731c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 10140 bytes

For some reason I couldn't get it posted in one piece, which is why I posted it in parts. I also removed the web links from the "O16" entries each time; I hope that doesn't matter?
Otherwise I couldn't get it posted.

Thanks in advance for your help.

Jurgenv1
1 July 2009, 01:07
Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Place it on your desktop.
Double-click it to start the program.
In the window that appears, type 1 to run the cleaning and analysis process.
Follow the on-screen instructions.
When the tool has finished, a log file (combofix.txt) opens.
Post the contents of this file together with a new HijackThis log.

gilbereke
1 July 2009, 14:10
Greetings,
below is the log file from the ComboFix program

ComboFix 09-06-29.07 - roger 01/07/2009 13:45.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.149 [GMT 2:00]
Gestart vanuit: c:\documents and settings\roger\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\mlfcache.dat
c:\windows\system32\sirenacm(2).dll

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-06-01 to 2009-07-01 ))))))))))))))))))))))))))))))
.

2009-06-26 23:17 . 2009-06-26 23:17 580096 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-06-26 23:12 . 2009-06-26 23:12 -------- d-----w- c:\windows\ERUNT
2009-06-26 17:06 . 2009-06-26 17:06 -------- d-----w- c:\program files\Trend Micro
2009-06-10 11:11 . 2009-04-30 21:18 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 11:11 . 2009-04-30 21:17 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-02 16:44 . 2009-06-02 16:44 -------- d-----w- c:\program files\Microsoft
2009-06-02 16:43 . 2009-06-02 16:43 -------- d-----w- c:\program files\Windows Live SkyDrive

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-01 11:29 . 2009-04-25 13:34 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-30 18:23 . 2009-04-26 12:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-29 18:18 . 2009-06-20 18:19 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-06-29 18:18 . 2009-06-20 18:19 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-06-28 11:40 . 2007-02-20 10:23 -------- d-----w- c:\program files\VisualRoute
2009-06-28 11:40 . 2009-06-28 11:40 30601 ----a-w- c:\windows\java\x.exe
2009-06-28 11:00 . 2009-04-25 13:35 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-28 11:00 . 2009-04-25 13:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-28 11:00 . 2009-04-25 13:35 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-13 16:12 . 2005-10-02 13:54 -------- d-----w- c:\documents and settings\roger\Application Data\Image Zone Express
2009-06-02 16:45 . 2005-03-16 14:28 -------- d-----w- c:\program files\MSN Messenger
2009-06-02 16:44 . 2008-03-08 14:29 -------- d-----w- c:\program files\Windows Live
2009-05-30 18:28 . 2009-05-30 18:28 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-05-30 18:28 . 2009-02-18 13:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-19 04:07 . 2006-11-23 20:10 -------- d-----w- c:\program files\Google
2009-05-13 11:30 . 2007-12-16 15:47 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-13 05:06 . 2002-09-30 15:21 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:34 . 2002-09-30 15:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-05-02 11:53 . 2009-04-25 13:35 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-04-27 18:32 . 2009-04-27 18:32 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-04-27 18:32 . 2009-01-31 19:18 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-04-19 19:51 . 2002-09-30 15:21 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-18 12:54 . 2002-09-30 15:09 502724 ----a-w- c:\windows\system32\perfh013.dat
2009-04-18 12:54 . 2002-09-30 15:09 87388 ----a-w- c:\windows\system32\perfc013.dat
2009-04-17 18:14 . 2009-04-17 18:14 152576 ----a-w- c:\documents and settings\roger\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-15 14:55 . 2002-09-30 15:11 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2000-10-06 15:11 . 2009-01-30 15:08 6520832 ----a-w- c:\program files\cm0001.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-26 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-28 4841472]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-06-28 270648]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-29 520024]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-28 1948440]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-07-28 323584]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
VPN Client.lnk - c:\windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico [2009-1-24 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-28 11:00 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0lsdelete

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Championship Manager 00-01\\cm0001.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"c:\\Program Files\\MSN Gaming Zone\\zclient.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\America's Army\\System\\ArmyOps.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\mIRC-Rffo\\mirc.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"=
"c:\\Program Files\\rffo-irc\\mirc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31/01/2009 21:18 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [25/04/2009 15:35 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25/04/2009 15:35 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [25/04/2009 15:35 298776]
S3 BulkUsb;VoIPUSBDriver.sys;c:\windows\system32\drivers\VoIPUSBDriver.sys [16/09/2005 17:14 149504]
S3 NmpdrvN;Audio Player USB Controller;c:\windows\system32\drivers\NmpdrvN.sys [22/01/2006 10:41 15792]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\DRIVERS\pfc027.sys --> c:\windows\system32\DRIVERS\pfc027.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map

2009-06-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 18:19]

2009-07-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-26 12:52]

2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 14:20]

2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 14:20]

2009-07-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-06-30 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-07-01 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Steam - c:\program files\Valve\Steam\Steam.exe
Notify-__c00CED2F - (no file)


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.tijd.be/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover (http://www.gmer.net)
Rootkit scan 2009-07-01 13:56
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Voltooingstijd: 2009-07-01 14:01
ComboFix-quarantined-files.txt 2009-07-01 12:01

Pre-Run: 77.004.734.464 bytes beschikbaar
Post-Run: 77.165.658.112 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

184 --- E O F --- 2009-06-29 14:47

gilbereke
1 July 2009, 14:12
And here is the HijackThis log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:06:02, on 1/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Tijd: Homepage (http://www.tijd.be/)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) -
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
O16 - DPF: {BC18E6DF-BE57-4580-93E8-F228F9A133AA} (MaxisSimCity4LotTeleX Control) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) -
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate1c989f85dc731c0) (gupdate1c989f85dc731c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 9625 bytes



I have again removed the web links in the O16 entries.

Jurgenv1
10 July 2009, 14:14
Please don't fix anything yourself in HijackThis... :) Are there any other problems otherwise?

gilbereke
10 July 2009, 17:53
What do you mean, fixing something myself in HijackThis? I didn't fix anything. The only thing I changed was removing the links from the HijackThis log file, but I can't imagine that makes much difference.
(I'm talking about the links that are still in my first log file, the ones shown in red.)

And the PC is actually still slow.

But could it be that running both AVG and Ad-Aware at the same time is overkill? AVG now has an anti-spyware function too. Maybe I should remove Ad-Aware?

Jurgenv1
11 July 2009, 20:59
It does no harm to bet on two horses when it comes to "on-demand scanners". :)


Download Dr.Web CureIt and place it on your desktop: ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

Double-click cureit.exe, then click Start to let the program run a quick scan.
This quick scan checks the files that are currently loaded in memory.
If anything is found, let CureIt repair it.
- If a window appears offering a purchase at a 50% discount, close it with the X.
The main window will then become visible.
- At the top, in the Optie (Options) menu, choose Taal (Language) and change it to Dutch (Nederlands) if it is set differently.
- In the Opties (Options) menu, choose Instellingen veranderen (Change settings) (F9).
On the "Scan" tab, clear the check mark next to Heuristic Analyse.
Press Toepassen (Apply).
On the "Bestandstypen" (File types) tab, Scan mode must be set to: Alle bestanden (All files).
On the "Acties" (Actions) tab, set the following under Malware:
- Adware: Verplaats (Move)
- Dialers: Verplaats
- Jokes: Rapportage (Report)
- Riskware: Rapportage
- Hacktools: Verplaats
Still on the "Acties" tab, set the following under Objecten (Objects):
- Geïnfecteerde objecten (Infected objects): Repareer (Repair)
- Onrepareerbare (Unrepairable): Verplaats
- Verdachte objecten (Suspicious objects): Rapportage
Then clear the check mark next to: Prompt bij actie (Prompt on action).
Press Toepassen.
Then press OK.
Back in the main window you can select which scan to run.
- Select Volledige scan (Full scan)
Click the green arrow on the right to start the scan.
If the infected files cannot be disinfected, they will be moved to the folder %userprofile%\DoctorWeb\Quarantine.
- When the scan is finished, choose Rapportagelijst opslaan (Save report list) in the Bestand (File) menu and save the log to your desktop.
- Then close Dr.Web CureIt.

Restart your computer.
You must definitely do this, because Dr.Web CureIt may move or delete files after a restart.

Once the computer has restarted, copy and paste the contents of the log you saved to your desktop earlier into your next post.
Also post a new HijackThis log.

gilbereke
12 July 2009, 22:27
SDFix.exe\SDFix\apps\Process.exe C:\Documents and Settings\roger\Bureaublad\SDFix.exe Tool.Prockill
SDFix.exe C:\Documents and Settings\roger\Bureaublad Archief bevat geïnfecteerde objecten Verplaatst.
Process.exe C:\Documents and Settings\roger\Bureaublad\SDFix\apps Tool.Prockill Verplaatst.
freeripmp3.exe\data014 C:\Medion\FreeRIP\freeripmp3.exe Adware.MyWay
freeripmp3.exe\data015 C:\Medion\FreeRIP\freeripmp3.exe Adware.MyWay
freeripmp3.exe\data016 C:\Medion\FreeRIP\freeripmp3.exe Adware.MyWay
freeripmp3.exe C:\Medion\FreeRIP Archief bevat geïnfecteerde objecten Verplaatst.
mirc.exe C:\Program Files\mIRC-Rffo Program.mIRC.623
mirc.exe C:\Program Files\rffo-irc Program.mIRC.623
A0873285.reg C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2376 Trojan.StartPage.1505 Verwijderd.
A0875739.reg C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2379 Trojan.StartPage.1505 Verwijderd.
A0875913.reg C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2380 Trojan.StartPage.1505 Verwijderd.
A0876200.reg C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2383 Trojan.StartPage.1505 Verwijderd.
A0899446.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2448 Tool.Prockill Verplaatst.
A0899530.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2448 Tool.Prockill Verplaatst.
A0901807.exe\SDFix\apps\Process.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465\A0901807.exe Tool.Prockill
A0901807.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465 Archief bevat geïnfecteerde objecten Verplaatst.
A0901808.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465 Tool.Prockill Verplaatst.
A0901809.exe\data014 C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465\A0901809.exe Adware.MyWay
A0901809.exe\data015 C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465\A0901809.exe Adware.MyWay
A0901809.exe\data016 C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465\A0901809.exe Adware.MyWay
A0901809.exe C:\System Volume Information\_restore{122AFC27-D0E9-44E0-A531-A45BAFC3A909}\RP2465 Archief bevat geïnfecteerde objecten Verplaatst

gilbereke
12 July 2009, 22:29
and the HijackThis file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:28:49, on 12/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Tijd: Homepage (http://www.tijd.be/)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com (http://go.microsoft.com/fwlink/?LinkId=69157)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136832828843
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://spacevandennis87.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BC18E6DF-BE57-4580-93E8-F228F9A133AA} (MaxisSimCity4LotTeleX Control) - http://simcity.ea.com/exchange/lots/teleport/MaxisSimCity4LotTeleX.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate1c989f85dc731c0) (gupdate1c989f85dc731c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 9355 bytes


Ad-Aware has been removed for now because it kept freezing.

Jurgenv1
13 July 2009, 19:43
And do you still have the same problem?

gilbereke
14 July 2009, 16:49
There is some noticeable improvement, but the PC remains slow overall.
I suspect it is simply the age of the old thing.
+ I opened up the PC case and there was really an immense amount of dust in it. I've now got as much of it out as I could, but I think there is dust in the PC itself (processor and such, the things I couldn't get to.. I just left everything there as it was, since I don't know that much about it)

So I think that dust may well be one of the culprits too.

Jurgenv1
15 July 2009, 22:42
There is some noticeable improvement, but the PC remains slow overall.
I suspect it is simply the age of the old thing.
+ I opened up the PC case and there was really an immense amount of dust in it. I've now got as much of it out as I could, but I think there is dust in the PC itself (processor and such, the things I couldn't get to.. I just left everything there as it was, since I don't know that much about it)

So I think that dust may well be one of the culprits too.

It will indeed account for a large part of your problem; otherwise blow the dust out thoroughly with a compressor or something, don't use a vacuum cleaner!

gilbereke
15 July 2009, 23:02
It will indeed account for a large part of your problem; otherwise blow the dust out thoroughly with a compressor or something, don't use a vacuum cleaner!

Why no vacuum cleaner?

I did use a vacuum cleaner, but only to suck up the dust in the case itself. So I didn't really go vacuuming between the wires and chip cards and so on.

I don't have a compressor at hand right away. I'll have to ask around then.

Jurgenv1
18 July 2009, 13:34
Why no vacuum cleaner?

I did use a vacuum cleaner, but only to suck up the dust in the case itself. So I didn't really go vacuuming between the wires and chip cards and so on.

I don't have a compressor at hand right away. I'll have to ask around then.

Because it poses a risk that you will damage components on the motherboard, so vacuuming directly on the motherboard is out of the question.

gilbereke
19 July 2009, 16:25
Because it poses a risk that you will damage components on the motherboard, so vacuuming directly on the motherboard is out of the question.

Ah, I see,
I didn't know that.

But thanks already for all your help.

I have the impression that the PC is working a bit better again, still not 100%, but well, it is an old thing and there may still be some dust in it.

maximvdb
19 July 2009, 19:02
Ah, I see,
I didn't know that.

But thanks already for all your help.

I have the impression that the PC is working a bit better again, still not 100%, but well, it is an old thing and there may still be some dust in it.

Sorry for popping into the HijackThis section for a moment...

You say your PC is slow... What specs do you have? And which programs do you run on it? Could you also post your PC temperatures? Then I'll be able to tell you what is normal and what isn't.

(quote this post, because I'm not in the HijackThis section much ;) )

Jurgenv1
20 July 2009, 13:49
Ah, I see,
I didn't know that.

But thanks already for all your help.

I have the impression that the PC is working a bit better again, still not 100%, but well, it is an old thing and there may still be some dust in it.

There's not much you can do about old age, eh, so I'm afraid you'll have to learn to live with it. ;)

gilbereke
20 July 2009, 16:49
As for the specs:
(I still have to read the wattage off the power supply once I can open the case)

-------------------------
CPU-Z version 1.51
-------------------------

Processors Map
------------------------------------------------------------------------------------

Number of processors 1
Number of threads 1

Processor 0
-- Core 0
-- Thread 0


Processors Information
------------------------------------------------------------------------------------

Processor 1 (ID = 0)
Number of cores 1 (max 1)
Number of threads 1 (max 1)
Name Intel Pentium 4
Codename Northwood
Specification Intel(R) Pentium(R) 4 CPU 2.66GHz
Package Socket 478 mPGA (platform ID = 2h)
CPUID F.2.7
Extended CPUID F.2
Brand ID 9
Core Stepping C1
Technology 0.13 um
Core Speed 2660.0 MHz (20.0 x 133.0 MHz)
Rated Bus speed 532.0 MHz
Stock frequency 2666 MHz
Instructions sets MMX, SSE, SSE2
L1 Data cache 8 KBytes, 4-way set associative, 64-byte line size
Trace cache 12 Kuops, 8-way set associative
L2 cache 512 KBytes, 8-way set associative, 64-byte line size
FID/VID Control no
Features


Thread dumps
------------------------------------------------------------------------------------

CPU Thread 0
APIC ID 0
Topology Processor ID 0, Core ID 0, Thread ID 0
Type 01001001h
Max CPUID level 00000002h
Max CPUID ext. level 80000004h


Cache descriptor Level 2 U 512 KB 1 thread(s)
Cache descriptor Level 1 T 12 KB 1 thread(s)
Cache descriptor Level 1 D 8 KB 1 thread(s)

MSR 0x0000001B edx = 0x00000000 eax = 0xFEE00900
MSR 0x00000017 edx = 0x000A0000 eax = 0x00000000
MSR 0x0000002C edx = 0x00000000 eax = 0x14110014
MSR 0x000001A0 edx = 0x00000000 eax = 0x000000C9


Chipset
------------------------------------------------------------------------------

Northbridge Intel i865P/PE/G/i848P rev. A2
Southbridge Intel 82801EB (ICH5) rev. 02
Graphic Interface AGP
AGP Revision 3.0
AGP Transfer Rate 8x
AGP SBA supported, enabled
Memory Type DDR
Memory Size 512 MBytes
Channels Dual
Memory Frequency 166.3 MHz (4:5)
CAS# 2.5
RAS# to CAS# 3
RAS# Precharge 3
Cycle Time (tRAS) 7
Performance Mode enabled


MCHBAR dump
-----------

Base address 0x0FECF0000
Size 256



Memory SPD
------------------------------------------------------------------------------

DIMM #1

General
Memory type DDR
Manufacturer (ID) Hyundai Electronics (AD00000000000000)
Size 256 MBytes
Max bandwidth PC2700 (166 MHz)
Part number HYMD232 646A8J-J
Serial number 1F11733C
Manufacturing date Week 48/Year 03

Attributes
Number of banks 1
Data width 64 bits
Correction None
Registered no
Buffered no
Nominal Voltage 2.50 Volts
EPP no
XMP no

Timings table
Frequency (MHz) 133 166
CAS# 2.0 2.5
RAS# to CAS# delay 3 3
RAS# Precharge 3 3
TRAS 6 7


DIMM #2

General
Memory type DDR
Manufacturer (ID) Hyundai Electronics (AD00000000000000)
Size 256 MBytes
Max bandwidth PC2700 (166 MHz)
Part number HYMD232 646A8J-J
Serial number 1F117436
Manufacturing date Week 48/Year 03

Attributes
Number of banks 1
Data width 64 bits
Correction None
Registered no
Buffered no
Nominal Voltage 2.50 Volts
EPP no
XMP no

Timings table
Frequency (MHz) 133 166
CAS# 2.0 2.5
RAS# to CAS# delay 3 3
RAS# Precharge 3 3
TRAS 6 7



gilbereke
20 July 2009, 16:49
And the 2nd part:

Monitoring
------------------------------------------------------------------------------

LPCIO
-----------------------------------------------------
Vendor SMSC
Vendor ID 0x55
Chip ID 0x14
Config Mode I/O address 0x2E

Dump config mode register space, LDN = 0xA


PCI Device List
------------------------------------------------------------------------------

Host Bridge
bus 0 (0x00), device 0 (0x00), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x2570
Revision ID 0x02
PI 0x00
SubClass 0x00
BaseClass 0x06
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 0 (memory) 0xE8000000
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x00
Int. Pin 0x00
Capabilities
Vendor Dependant Capability
Offset E4h
AGP Capability
Offset A0h
Version 3.0
Status enabled
Transfer rate 8x (max 8x)
Queue lenght 1 (max 32)


PCI to PCI Bridge
bus 0 (0x00), device 1 (0x01), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x2571
Revision ID 0x02
PI 0x00
SubClass 0x04
BaseClass 0x06
Cache Line 0x00
Latency 0x40
Header 0x01
PCI header
Primary bus 0x00
Secondary bus 0x01
Int. Line 0x00
Int. Pin 0x00


USB Controller (UHCI)
bus 0 (0x00), device 29 (0x1D), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x24D2
Revision ID 0x02
PI 0x00
SubClass 0x03
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x80
PCI header
Address 4 (port) 0x0000FF80
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x10
Int. Pin 0x01


USB Controller (UHCI)
bus 0 (0x00), device 29 (0x1D), function 1 (0x01)
Common header
Vendor ID 0x8086
Model ID 0x24D4
Revision ID 0x02
PI 0x00
SubClass 0x03
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 4 (port) 0x0000FF60
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x13
Int. Pin 0x02


USB Controller (UHCI)
bus 0 (0x00), device 29 (0x1D), function 2 (0x02)
Common header
Vendor ID 0x8086
Model ID 0x24D7
Revision ID 0x02
PI 0x00
SubClass 0x03
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 4 (port) 0x0000FF40
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x12
Int. Pin 0x03


USB Controller (UHCI)
bus 0 (0x00), device 29 (0x1D), function 3 (0x03)
Common header
Vendor ID 0x8086
Model ID 0x24DE
Revision ID 0x02
PI 0x00
SubClass 0x03
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 4 (port) 0x0000FF20
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x10
Int. Pin 0x01


USB 2.0 Controller (EHCI)
bus 0 (0x00), device 29 (0x1D), function 7 (0x07)
Common header
Vendor ID 0x8086
Model ID 0x24DD
Revision ID 0x02
PI 0x20
SubClass 0x03
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 0 (memory) 0xFEBFF800
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x17
Int. Pin 0x04
Capabilities
Power Management Capability
Offset 50h
Version 1.1
Debug Port Capability
Offset 58h


PCI to PCI Bridge
bus 0 (0x00), device 30 (0x1E), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x244E
Revision ID 0xC2
PI 0x00
SubClass 0x04
BaseClass 0x06
Cache Line 0x00
Latency 0x00
Header 0x01
PCI header
Primary bus 0x00
Secondary bus 0x02
Int. Line 0x00
Int. Pin 0x00


PCI to ISA Bridge
bus 0 (0x00), device 31 (0x1F), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x24D0
Revision ID 0x02
PI 0x00
SubClass 0x01
BaseClass 0x06
Cache Line 0x00
Latency 0x00
Header 0x80
PCI header
Subvendor ID 0x0000
Subsystem ID 0x0000
Int. Line 0x00
Int. Pin 0x00


IDE Controller
bus 0 (0x00), device 31 (0x1F), function 1 (0x01)
Common header
Vendor ID 0x8086
Model ID 0x24DB
Revision ID 0x02
PI 0x8A
SubClass 0x01
BaseClass 0x01
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 0 (port) 0x000001F0
Address 1 (port) 0x000003F4
Address 2 (port) 0x00000170
Address 3 (port) 0x00000374
Address 4 (port) 0x0000FFA0
Address 5 (memory) 0xFEBFFC00
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x09
Int. Pin 0x01


IDE Controller
bus 0 (0x00), device 31 (0x1F), function 2 (0x02)
Common header
Vendor ID 0x8086
Model ID 0x24D1
Revision ID 0x02
PI 0x8F
SubClass 0x01
BaseClass 0x01
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 0 (port) 0x0000FE00
Address 1 (port) 0x0000FE10
Address 2 (port) 0x0000FE20
Address 3 (port) 0x0000FE30
Address 4 (port) 0x0000FEA0
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x12
Int. Pin 0x01


SMBus Controller
bus 0 (0x00), device 31 (0x1F), function 3 (0x03)
Common header
Vendor ID 0x8086
Model ID 0x24D3
Revision ID 0x02
PI 0x00
SubClass 0x05
BaseClass 0x0C
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 4 (port) 0x0000EFE0
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x03
Int. Pin 0x02


VGA Controller
bus 1 (0x01), device 0 (0x00), function 0 (0x00)
Common header
Vendor ID 0x10DE
Model ID 0x0322
Revision ID 0xA1
PI 0x00
SubClass 0x00
BaseClass 0x03
Cache Line 0x00
Latency 0xF8
Header 0x00
PCI header
Address 0 (memory) 0xFD000000
Address 1 (memory) 0xF0000000
Subvendor ID 0x10DE
Subsystem ID 0x01B9
Int. Line 0x10
Int. Pin 0x01
Capabilities
Power Management Capability
Offset 60h
Version 1.1
AGP Capability
Offset 44h
Version 3.0
Status enabled
Transfer rate 8x (max 8x)
Queue lenght 1 (max 32)


Audio device
bus 2 (0x02), device 0 (0x00), function 0 (0x00)
Common header
Vendor ID 0x1102
Model ID 0x0006
Revision ID 0x00
PI 0x00
SubClass 0x01
BaseClass 0x04
Cache Line 0x00
Latency 0x40
Header 0x80
PCI header
Address 0 (port) 0x0000DF20
Subvendor ID 0x1102
Subsystem ID 0x1003
Int. Line 0x15
Int. Pin 0x01
Capabilities
Power Management Capability
Offset DCh
Version 1.1


Input Device
bus 2 (0x02), device 0 (0x00), function 1 (0x01)
Common header
Vendor ID 0x1102
Model ID 0x7004
Revision ID 0x00
PI 0x00
SubClass 0x80
BaseClass 0x09
Cache Line 0x00
Latency 0x40
Header 0x80
PCI header
Address 0 (port) 0x0000DF10
Subvendor ID 0x1102
Subsystem ID 0x1003
Int. Line 0x00
Int. Pin 0x00
Capabilities
Power Management Capability
Offset DCh
Version 1.1


Communication Device
bus 2 (0x02), device 1 (0x01), function 0 (0x00)
Common header
Vendor ID 0x14F1
Model ID 0x2702
Revision ID 0x01
PI 0x00
SubClass 0x80
BaseClass 0x07
Cache Line 0x00
Latency 0x40
Header 0x00
PCI header
Address 0 (memory) 0xFCFF0000
Address 1 (port) 0x0000DF18
Subvendor ID 0x1043
Subsystem ID 0x8D89
Int. Line 0x05
Int. Pin 0x01
Capabilities
Power Management Capability
Offset 40h
Version 1.1


Ethernet Controller
bus 2 (0x02), device 8 (0x08), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x1050
Revision ID 0x02
PI 0x00
SubClass 0x00
BaseClass 0x02
Cache Line 0x10
Latency 0x40
Header 0x00
PCI header
Address 0 (memory) 0xFCFEF000
Address 1 (port) 0x0000DF40
Subvendor ID 0x1028
Subsystem ID 0x0155
Int. Line 0x14
Int. Pin 0x01
Capabilities
Power Management Capability
Offset DCh
Version 1.1


System Device
bus 0 (0x00), device 6 (0x06), function 0 (0x00)
Common header
Vendor ID 0x8086
Model ID 0x2576
Revision ID 0x02
PI 0x00
SubClass 0x80
BaseClass 0x08
Cache Line 0x00
Latency 0x00
Header 0x00
PCI header
Address 0 (memory) 0xFECF0000
Subvendor ID 0x0000
Subsystem ID 0x0000
Int. Line 0x00
Int. Pin 0x00

gilbereke
20 July 2009, 16:50
And the third part:
DMI
------------------------------------------------------------------------------

DMI BIOS
--------
vendor Dell Computer Corporation
version A03
date 07/21/2003


DMI System Information
----------------------
manufacturer Dell Computer Corporation
product Dimension 4600
version unknown
serial 4K5FT0J
UUID 44454C4C-4B001035-8046B4C0-4F54304A


DMI Baseboard
-------------
vendor Dell Computer Corp.
model unknown
revision unknown
serial .. .


DMI System Enclosure
--------------------
manufacturer Dell Computer Corporation
chassis type Mini Tower
chassis serial 4K5FT0J


DMI Processor
-------------
manufacturer Intel
model unknown
clock speed 2666.0 MHz
FSB speed 533.0 MHz
multiplier 5.0x


DMI Port Connector
------------------
designation PARALLEL (internal)
port type Parallel Port PS/2
connector DB-25 female


DMI Port Connector
------------------
designation SERIAL1 (internal)
port type Serial Port 16550A
connector DB-9 male


DMI Port Connector
------------------
designation KYBD (internal)
port type Keyboard Port
connector PS/2


DMI Port Connector
------------------
designation MOUSE (internal)
port type Mouse Port
connector PS/2


DMI Port Connector
------------------
designation USB1 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB2 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB3 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB4 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB5 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB6 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB7 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation USB8 (internal)
port type USB
connector Access Bus (USB)


DMI Port Connector
------------------
designation ENET (internal)
port type Network Port
connector RJ-45


DMI Port Connector
------------------
designation MIC (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Port Connector
------------------
designation LINE-OUT (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Port Connector
------------------
designation LINE-OUT (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Port Connector
------------------
designation LINE-OUT (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Port Connector
------------------
designation LINE-IN (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Port Connector
------------------
designation HP-OUT (internal)
port type Audio Port
connector Mini Jack (headphones)


DMI Extension Slot
------------------
designation PCI1
type PCI
width 32 bits
populated no


DMI Extension Slot
------------------
designation PCI2
type PCI
width 32 bits
populated no


DMI Extension Slot
------------------
designation PCI3
type PCI
width 32 bits
populated no


DMI Extension Slot
------------------
designation AGP1
type AGP 8x
width 32 bits
populated yes


DMI OEM Strings
------------------
string[0] Dell België - startpagina - Computers, computerapparatuur, electronics en services. (http://www.dell.com)


DMI Physical Memory Array
-------------------------
location Motherboard
usage System Memory
correction None
max capacity 4096 MBytes
max# of devices 4


DMI Memory Device
-----------------
designation CHANNEL A DIMM 0
format DIMM
type SDRAM
total width 64 bits
data width 64 bits
size 256 MBytes


DMI Memory Device
-----------------
designation CHANNEL B DIMM 0
format DIMM
type SDRAM
total width 64 bits
data width 64 bits
size 256 MBytes


DMI Memory Device
-----------------
designation CHANNEL A DIMM 1
format DIMM
type SDRAM
total width 64 bits
data width 64 bits


DMI Memory Device
-----------------
designation CHANNEL B DIMM 1
format DIMM
type SDRAM
total width 64 bits
data width 64 bits



Display API(s)
------------------------------------------------------------------------------
NVIDIA direct I/O API


Display Adapter(s)
------------------------------------------------------------------------------
Device number 0
Name NVIDIA GeForce FX 5200
Vendor ID 0x10DE (0x10DE)
Model ID 0x322 (0x1B9)
Revision ID 0xA1



Display I2C
------------------------------------------------------------------------------


Software
------------------------------------------------------------------------------

Windows Version Microsoft Windows XP Home Edition Service Pack 3 (Build 2600)
DirectX Version 9.0c


Resources
------------------------------------------------------------------------------

Memory I/O Space, BA=0x00000000E8000000
Port I/O Space, BA=0xFF80
Port I/O Space, BA=0xFF60
Port I/O Space, BA=0xFF40
Port I/O Space, BA=0xFF20
Memory I/O Space, BA=0x00000000FEBFF800
Port I/O Space, BA=0x1F0
Port I/O Space, BA=0x3F4
Port I/O Space, BA=0x170
Port I/O Space, BA=0x374
Port I/O Space, BA=0xFFA0
Memory I/O Space, BA=0x00000000FEBFFC00
Port I/O Space, BA=0xFE00
Port I/O Space, BA=0xFE10
Port I/O Space, BA=0xFE20
Port I/O Space, BA=0xFE30
Port I/O Space, BA=0xFEA0
Port I/O Space, BA=0xEFE0
Memory I/O Space, BA=0x00000000FD000000
Memory I/O Space, BA=0x00000000F0000000
Port I/O Space, BA=0xDF20
Port I/O Space, BA=0xDF10
Memory I/O Space, BA=0x00000000FCFF0000
Port I/O Space, BA=0xDF18
Memory I/O Space, BA=0x00000000FCFEF000
Port I/O Space, BA=0xDF40
Port I/O Space, BA=0x808, size=0x4
Memory I/O Space, BA=0x00000000FEE00000, size=0x1000
Memory I/O Space, BA=0x00000000FECF0000, size=0x100
Port I/O Space, BA=0xC00
Port I/O Space, BA=0x2E

gilbereke
20 July 2009, 16:52
And as for the temperatures: I only see 34°C (SpeedFan); apart from that I don't see anything in CPU-Z (it only shows 250 MHz and 200 MHz).

maximvdb
20 July 2009, 18:03
Phew, that's fairly extensive. The graphics card and CPU would have been enough xD

Temps look normal to me. It is an old machine though, so don't expect it to just run the newest programs without problems.

Maybe our Jurgen will still find something bad regarding the spyware/viruses ...

gilbereke
20 July 2009, 18:12
Oh right

Maybe a mistake on my part for not saying this earlier, but it is mainly when I open several tabs that the PC gets really slow and freezes.
I also notice that, by the way, in that program you recommended: fanspeed. When I look at the CPU usage there, it sometimes really shoots up to 80-90% when I open several tabs. Especially when I open pages with lots of photos or with a video on them.

Jurgenv1
22 July 2009, 22:48
I'm afraid I can't help you any further, so you'll have to go to the software forum. :)