Ga naar inhoud

sdm

Lid
  • Items

    5
  • Registratiedatum

  • Laatst bezocht

sdm's prestaties

  1. sdm

    Trage PC

    Beste, PC krijg ik eigenlijk alleen nog deftig (naar snelheid toe) opgestart in veilige modus. Hierbij de gevraagde logs. Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.07.07 Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 annick :: VDW-WIN7-2 [limited] 14/03/2012 13:41:18 mbam-log-2012-03-14 (13-41-18).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 140469 Time elapsed: 1 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 16 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|0 (Security.Hijack) -> Data: msseces.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|1 (Security.Hijack) -> Data: MSASCui.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|2 (Security.Hijack) -> Data: ekrn.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|3 (Security.Hijack) -> Data: egui.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|4 (Security.Hijack) -> Data: avgnt.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|5 (Security.Hijack) -> Data: avcenter.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|6 (Security.Hijack) -> Data: avscan.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|7 (Security.Hijack) -> Data: avgfrw.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|8 (Security.Hijack) -> Data: avgui.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|9 (Security.Hijack) -> Data: avgtray.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|10 (Security.Hijack) -> Data: avgscanx.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|11 (Security.Hijack) -> Data: avgcfgex.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|12 (Security.Hijack) -> Data: avgemc.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|13 (Security.Hijack) -> Data: avgchsvx.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|14 (Security.Hijack) -> Data: avgcmgr.exe -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|15 (Security.Hijack) -> Data: avgwdsvc.exe -> Delete on reboot. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:52:39, on 14/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Windows\helppane.exe F:\drivers\Spyware\HijackThis.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vdwalle.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN O1 - Hosts: 172.31.243.198 RB_TEMPO O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 login.nateusgroep.portima O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima O1 - Hosts: 212.79.94.52 fws.axa.be O1 - Hosts: 212.79.94.41 www.fe.axa.be O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima O1 - Hosts: 212.79.94.193 Webfs2.agf.be O1 - Hosts: 212.79.94.194 hydrafs2.agf.be O1 - Hosts: 212.79.93.10 pro.nateus.be O1 - Hosts: 212.79.93.10 login.nateus.be O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima O1 - Hosts: 212.79.94.41 www.front-office.axa.be O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima O1 - Hosts: 212.79.94.36 www.efl.axa.be O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ASP] "C:\ProgramData\f5730f\AntivirusSP.exe" /s O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.agf.assurnet O15 - Trusted Zone: http://www.agf2.assurnet O15 - Trusted Zone: http://*.aginsurance.portima O15 - Trusted Zone: http://*.allianz.assurnet O15 - Trusted Zone: http://www.allianz2.assurnet O15 - Trusted Zone: http://*.allianz2.assurnet O15 - Trusted Zone: http://*.aragb2b.be O15 - Trusted Zone: http://*.avero.be O15 - Trusted Zone: http://*.axa.be O15 - Trusted Zone: http://*.axa.portima O15 - Trusted Zone: http://demo.brio.be O15 - Trusted Zone: http://*.brio.be O15 - Trusted Zone: http://*.brioplus.be O15 - Trusted Zone: http://*.das.be O15 - Trusted Zone: http://*.feprabel.be O15 - Trusted Zone: http://*.fortisag.assurnet O15 - Trusted Zone: http://*.foyer.lu O15 - Trusted Zone: http://*.nateus.be O15 - Trusted Zone: http://*.nateusgroep.portima O15 - Trusted Zone: http://*.port-e-key.be O15 - Trusted Zone: http://*.portigate.be O15 - Trusted Zone: http://briotraining.portima.be O15 - Trusted Zone: http://*.portima.be O15 - Trusted Zone: http://*.portima.com O15 - Trusted Zone: http://www.prolinknet.assurnet O15 - Trusted Zone: http://*.vivium.be O15 - Trusted Zone: http://*.vivium.portima O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/WinNTChk.cab O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/setup.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe -- End of file - 9051 bytes
  2. Beste, PC is op een paar dagen tijd heel traag geworden. Diverse antivirussen gedraaid, één en ander verwijderd, hij blijft traag. Kan u de HijackLog eens bekijken? Alvast bedankt. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:48:47, on 13/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe F:\drivers\Spyware\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vdwalle.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: 172.31.243.198 RB_TEMPO O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 login.nateusgroep.portima O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima O1 - Hosts: 212.79.94.52 fws.axa.be O1 - Hosts: 212.79.94.41 www.fe.axa.be O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima O1 - Hosts: 212.79.94.193 Webfs2.agf.be O1 - Hosts: 212.79.94.194 hydrafs2.agf.be O1 - Hosts: 212.79.93.10 pro.nateus.be O1 - Hosts: 212.79.93.10 login.nateus.be O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima O1 - Hosts: 212.79.94.41 www.front-office.axa.be O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima O1 - Hosts: 212.79.94.36 www.efl.axa.be O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ASP] "C:\ProgramData\f5730f\AntivirusSP.exe" /s O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.agf.assurnet O15 - Trusted Zone: http://www.agf2.assurnet O15 - Trusted Zone: http://*.aginsurance.portima O15 - Trusted Zone: http://*.allianz.assurnet O15 - Trusted Zone: http://www.allianz2.assurnet O15 - Trusted Zone: http://*.allianz2.assurnet O15 - Trusted Zone: http://*.aragb2b.be O15 - Trusted Zone: http://*.avero.be O15 - Trusted Zone: http://*.axa.be O15 - Trusted Zone: http://*.axa.portima O15 - Trusted Zone: http://demo.brio.be O15 - Trusted Zone: http://*.brio.be O15 - Trusted Zone: http://*.brioplus.be O15 - Trusted Zone: http://*.das.be O15 - Trusted Zone: http://*.feprabel.be O15 - Trusted Zone: http://*.fortisag.assurnet O15 - Trusted Zone: http://*.foyer.lu O15 - Trusted Zone: http://*.nateus.be O15 - Trusted Zone: http://*.nateusgroep.portima O15 - Trusted Zone: http://*.port-e-key.be O15 - Trusted Zone: http://*.portigate.be O15 - Trusted Zone: http://briotraining.portima.be O15 - Trusted Zone: http://*.portima.be O15 - Trusted Zone: http://*.portima.com O15 - Trusted Zone: http://www.prolinknet.assurnet O15 - Trusted Zone: http://*.vivium.be O15 - Trusted Zone: http://*.vivium.portima O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/WinNTChk.cab O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/setup.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe -- End of file - 9101 bytes
  3. Beste, het lijkt allemaal opgelost. Hartelijk dank!
  4. Beste alvast dank voor uw interventie. Hierbij de gevraagde logs. Log Malware Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.03.09.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 sdm :: VDW-PORT-1 [administrator] 09/03/2012 08:51:13 mbam-log-2012-03-09 (08-51-13).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 250176 Verstreken tijd: 10 minuut/minuten, 21 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Log Hijackthis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:04:12, on 09/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\Program Files\TeamViewer\Version7\TeamViewer.exe C:\windows\system32\Dwm.exe C:\windows\system32\taskmgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\windows\system32\winver.exe C:\windows\System32\msiexec.exe C:\windows\System32\rundll32.exe C:\HijackThis\HijackThis.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\spool\DRIVERS\W32X86\3\hpmup094.bin C:\windows\notepad.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage: De Tijd R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 172.31.0.104 HASPROPAD99 #PRE O1 - Hosts: 172.31.0.72 MAILANET1 #PRE O1 - Hosts: 172.31.0.73 MAILANET2 #PRE O1 - Hosts: 172.31.0.74 MAILANET3 #PRE O1 - Hosts: 172.31.0.80 ESDANET1 #PRE O1 - Hosts: 172.31.0.81 ESDANET2 #PRE O1 - Hosts: 172.31.0.82 ESDANET3 #PRE O1 - Hosts: 172.31.0.146 HASPROTAR01 #PRE O1 - Hosts: 172.31.0.121 HTSASWAN1 #PRE O1 - Hosts: 172.31.243.198 RB_TEMPO O1 - Hosts: 212.79.87.30 HASPROCES01 O1 - Hosts: 212.79.87.30 pop.portima.be O1 - Hosts: 212.79.84.49 HASPROPAR04 #PRE O1 - Hosts: 212.79.84.50 HASPROPAR03 #PRE O1 - Hosts: 212.79.87.140 HASPROXY O1 - Hosts: 212.79.84.63 Ben.portima.be O1 - Hosts: 212.79.84.63 E-support.portima.be O1 - Hosts: 212.79.84.37 prod.asweb.portima.be O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 login.nateusgroep.portima O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima O1 - Hosts: 212.79.94.41 www.front-office.axa.be O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima O1 - Hosts: 212.79.94.52 fws.axa.be O1 - Hosts: 212.79.94.41 www.fe.axa.be O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.be O1 - Hosts: 212.79.93.10 login.nateus.be O1 - Hosts: 212.79.94.36 www.efl.axa.be O1 - Hosts: 212.79.87.152 smtp.portima.be O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iMSS] "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [HP Connection Manager.exe] "C:\Program Files\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe" O4 - HKLM\..\Run: [PTNMWND] "C:\Program Files\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-580N /AUTORUN O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [spotify] "C:\Users\sdm\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CRMDocumentPreview - Snelkoppeling.lnk = C:\Program Files\crm\insusoft\docpreview\CRMDocumentPreview.exe O4 - Startup: Dropbox.lnk = C:\Users\sdm\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Insusoft.lnk = C:\Program Files\crm\insusoft\Insusoft.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.agf.assurnet O15 - Trusted Zone: http://www.agf2.assurnet O15 - Trusted Zone: http://*.aginsurance.portima O15 - Trusted Zone: http://*.allianz.assurnet O15 - Trusted Zone: http://www.allianz2.assurnet O15 - Trusted Zone: http://*.allianz2.assurnet O15 - Trusted Zone: http://*.aragb2b.be O15 - Trusted Zone: http://*.avero.be O15 - Trusted Zone: http://*.axa.be O15 - Trusted Zone: http://*.axa.portima O15 - Trusted Zone: http://demo.brio.be O15 - Trusted Zone: http://*.brio.be O15 - Trusted Zone: http://*.brioplus.be O15 - Trusted Zone: http://*.das.be O15 - Trusted Zone: http://*.feprabel.be O15 - Trusted Zone: http://*.fortisag.assurnet O15 - Trusted Zone: http://*.foyer.lu O15 - Trusted Zone: http://*.nateus.be O15 - Trusted Zone: http://*.nateusgroep.portima O15 - Trusted Zone: http://*.port-e-key.be O15 - Trusted Zone: http://*.portigate.be O15 - Trusted Zone: http://briotraining.portima.be O15 - Trusted Zone: http://*.portima.be O15 - Trusted Zone: http://*.portima.com O15 - Trusted Zone: http://www.prolinknet.assurnet O15 - Trusted Zone: http://*.vivium.be O15 - Trusted Zone: http://*.vivium.portima O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw:4343/officescan/console/ClientInstall/WinNTChk.cab O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw:4343/officescan/console/ClientInstall/setup.cab O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC44} (Encrypt Class) - https://srvvdw:4343/SMB/console/html/root/AtxEnc.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Vandewalle.local O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: EgisNotify - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisNotify.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Qualcomm Gobi 2000 Download Service (HP) (QDLService2kHP) - QUALCOMM, Inc. - C:\Program Files\QUALCOMM\QDLService2k\QDLService2kHP.exe O23 - Service: HP Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Hewlett-Packard\HP Connection Manager\SMManager.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe -- End of file - 19455 bytes
  5. Logfile Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:45:09, on 08/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\Program Files\TeamViewer\Version7\TeamViewer.exe C:\windows\system32\Dwm.exe C:\windows\system32\taskmgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\windows\system32\winver.exe C:\windows\System32\msiexec.exe C:\windows\System32\rundll32.exe C:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage: De Tijd R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: Shell=iexplore.exe O1 - Hosts: 172.31.0.104 HASPROPAD99 #PRE O1 - Hosts: 172.31.0.72 MAILANET1 #PRE O1 - Hosts: 172.31.0.73 MAILANET2 #PRE O1 - Hosts: 172.31.0.74 MAILANET3 #PRE O1 - Hosts: 172.31.0.80 ESDANET1 #PRE O1 - Hosts: 172.31.0.81 ESDANET2 #PRE O1 - Hosts: 172.31.0.82 ESDANET3 #PRE O1 - Hosts: 172.31.0.146 HASPROTAR01 #PRE O1 - Hosts: 172.31.0.121 HTSASWAN1 #PRE O1 - Hosts: 172.31.243.198 RB_TEMPO O1 - Hosts: 212.79.87.30 HASPROCES01 O1 - Hosts: 212.79.87.30 pop.portima.be O1 - Hosts: 212.79.84.49 HASPROPAR04 #PRE O1 - Hosts: 212.79.84.50 HASPROPAR03 #PRE O1 - Hosts: 212.79.87.140 HASPROXY O1 - Hosts: 212.79.84.63 Ben.portima.be O1 - Hosts: 212.79.84.63 E-support.portima.be O1 - Hosts: 212.79.84.37 prod.asweb.portima.be O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima O1 - Hosts: 212.79.93.10 login.nateusgroep.portima O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima O1 - Hosts: 212.79.94.41 www.front-office.axa.be O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima O1 - Hosts: 212.79.94.52 fws.axa.be O1 - Hosts: 212.79.94.41 www.fe.axa.be O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima O1 - Hosts: 212.79.93.10 pro.nateus.be O1 - Hosts: 212.79.93.10 login.nateus.be O1 - Hosts: 212.79.94.36 www.efl.axa.be O1 - Hosts: 212.79.87.152 smtp.portima.be O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iMSS] "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [HP Connection Manager.exe] "C:\Program Files\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe" O4 - HKLM\..\Run: [PTNMWND] "C:\Program Files\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-580N /AUTORUN O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [spotify] "C:\Users\sdm\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKLM\..\Policies\Explorer\Run: [lytafxhgl] C:\windows\system32\RICHEDK.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CRMDocumentPreview - Snelkoppeling.lnk = C:\Program Files\crm\insusoft\docpreview\CRMDocumentPreview.exe O4 - Startup: Dropbox.lnk = C:\Users\sdm\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Insusoft.lnk = C:\Program Files\crm\insusoft\Insusoft.exe O4 - Startup: Microsoft Outlook 2010.lnk = ? O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe O4 - Global Startup: Bluetooth.lnk = ? O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.agf.assurnet O15 - Trusted Zone: http://www.agf2.assurnet O15 - Trusted Zone: http://*.aginsurance.portima O15 - Trusted Zone: http://*.allianz.assurnet O15 - Trusted Zone: http://www.allianz2.assurnet O15 - Trusted Zone: http://*.allianz2.assurnet O15 - Trusted Zone: http://*.aragb2b.be O15 - Trusted Zone: http://*.avero.be O15 - Trusted Zone: http://*.axa.be O15 - Trusted Zone: http://*.axa.portima O15 - Trusted Zone: http://demo.brio.be O15 - Trusted Zone: http://*.brio.be O15 - Trusted Zone: http://*.brioplus.be O15 - Trusted Zone: http://*.das.be O15 - Trusted Zone: http://*.feprabel.be O15 - Trusted Zone: http://*.fortisag.assurnet O15 - Trusted Zone: http://*.foyer.lu O15 - Trusted Zone: http://*.nateus.be O15 - Trusted Zone: http://*.nateusgroep.portima O15 - Trusted Zone: http://*.port-e-key.be O15 - Trusted Zone: http://*.portigate.be O15 - Trusted Zone: http://briotraining.portima.be O15 - Trusted Zone: http://*.portima.be O15 - Trusted Zone: http://*.portima.com O15 - Trusted Zone: http://www.prolinknet.assurnet O15 - Trusted Zone: http://*.vivium.be O15 - Trusted Zone: http://*.vivium.portima O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw:4343/officescan/console/ClientInstall/WinNTChk.cab O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw:4343/officescan/console/ClientInstall/setup.cab O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC44} (Encrypt Class) - https://srvvdw:4343/SMB/console/html/root/AtxEnc.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Vandewalle.local O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: EgisNotify - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisNotify.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe O23 - Service: Qualcomm Gobi 2000 Download Service (HP) (QDLService2kHP) - QUALCOMM, Inc. - C:\Program Files\QUALCOMM\QDLService2k\QDLService2kHP.exe O23 - Service: HP Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Hewlett-Packard\HP Connection Manager\SMManager.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe -- End of file - 19579 bytes
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.