sdm

Posts made by sdm

  1. Hello,

    I can really only still get the PC to start up properly (in terms of speed) in safe mode.

    Here are the requested logs.

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Database version: v2012.02.07.07

    Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)

    Internet Explorer 9.0.8112.16421

    annick :: VDW-WIN7-2 [limited]

    14/03/2012 13:41:18

    mbam-log-2012-03-14 (13-41-18).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 140469

    Time elapsed: 1 minute(s), 56 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 16

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|0 (Security.Hijack) -> Data: msseces.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|1 (Security.Hijack) -> Data: MSASCui.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|2 (Security.Hijack) -> Data: ekrn.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|3 (Security.Hijack) -> Data: egui.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|4 (Security.Hijack) -> Data: avgnt.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|5 (Security.Hijack) -> Data: avcenter.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|6 (Security.Hijack) -> Data: avscan.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|7 (Security.Hijack) -> Data: avgfrw.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|8 (Security.Hijack) -> Data: avgui.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|9 (Security.Hijack) -> Data: avgtray.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|10 (Security.Hijack) -> Data: avgscanx.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|11 (Security.Hijack) -> Data: avgcfgex.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|12 (Security.Hijack) -> Data: avgemc.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|13 (Security.Hijack) -> Data: avgchsvx.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|14 (Security.Hijack) -> Data: avgcmgr.exe -> Delete on reboot.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|15 (Security.Hijack) -> Data: avgwdsvc.exe -> Delete on reboot.

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 13:52:39, on 14/03/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Safe mode with network support

    Running processes:

    C:\Windows\Explorer.EXE

    C:\Windows\system32\ctfmon.exe

    C:\Windows\helppane.exe

    F:\drivers\Spyware\HijackThis.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vdwalle.be/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    O1 - Hosts: 172.31.243.198 RB_TEMPO

    O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 login.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.94.52 fws.axa.be

    O1 - Hosts: 212.79.94.41 www.fe.axa.be

    O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima

    O1 - Hosts: 212.79.94.193 Webfs2.agf.be

    O1 - Hosts: 212.79.94.194 hydrafs2.agf.be

    O1 - Hosts: 212.79.93.10 pro.nateus.be

    O1 - Hosts: 212.79.93.10 login.nateus.be

    O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima

    O1 - Hosts: 212.79.94.41 www.front-office.axa.be

    O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima

    O1 - Hosts: 212.79.94.36 www.efl.axa.be

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

    O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f

    O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN

    O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [ASP] "C:\ProgramData\f5730f\AntivirusSP.exe" /s

    O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O15 - Trusted Zone: http://www.agf.assurnet

    O15 - Trusted Zone: http://www.agf2.assurnet

    O15 - Trusted Zone: http://*.aginsurance.portima

    O15 - Trusted Zone: http://*.allianz.assurnet

    O15 - Trusted Zone: http://www.allianz2.assurnet

    O15 - Trusted Zone: http://*.allianz2.assurnet

    O15 - Trusted Zone: http://*.aragb2b.be

    O15 - Trusted Zone: http://*.avero.be

    O15 - Trusted Zone: http://*.axa.be

    O15 - Trusted Zone: http://*.axa.portima

    O15 - Trusted Zone: http://demo.brio.be

    O15 - Trusted Zone: http://*.brio.be

    O15 - Trusted Zone: http://*.brioplus.be

    O15 - Trusted Zone: http://*.das.be

    O15 - Trusted Zone: http://*.feprabel.be

    O15 - Trusted Zone: http://*.fortisag.assurnet

    O15 - Trusted Zone: http://*.foyer.lu

    O15 - Trusted Zone: http://*.nateus.be

    O15 - Trusted Zone: http://*.nateusgroep.portima

    O15 - Trusted Zone: http://*.port-e-key.be

    O15 - Trusted Zone: http://*.portigate.be

    O15 - Trusted Zone: http://briotraining.portima.be

    O15 - Trusted Zone: http://*.portima.be

    O15 - Trusted Zone: http://*.portima.com

    O15 - Trusted Zone: http://www.prolinknet.assurnet

    O15 - Trusted Zone: http://*.vivium.be

    O15 - Trusted Zone: http://*.vivium.portima

    O15 - Trusted Zone: http://*.mcafee.com (HKLM)

    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

    O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB

    O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/WinNTChk.cab

    O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/setup.cab

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

    O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe

    O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe

    O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe

    O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

    --

    End of file - 9051 bytes

  2. Hello,

    The PC has become very slow over the course of a few days.

    Ran various antivirus programs, removed a few things, it remains slow.

    Could you take a look at the HijackLog? Thanks in advance.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:48:47, on 13/03/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Safe mode with network support

    Running processes:

    C:\Windows\Explorer.EXE

    C:\Windows\system32\ctfmon.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    F:\drivers\Spyware\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vdwalle.be/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: 172.31.243.198 RB_TEMPO

    O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 login.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.94.52 fws.axa.be

    O1 - Hosts: 212.79.94.41 www.fe.axa.be

    O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima

    O1 - Hosts: 212.79.94.193 Webfs2.agf.be

    O1 - Hosts: 212.79.94.194 hydrafs2.agf.be

    O1 - Hosts: 212.79.93.10 pro.nateus.be

    O1 - Hosts: 212.79.93.10 login.nateus.be

    O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima

    O1 - Hosts: 212.79.94.41 www.front-office.axa.be

    O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima

    O1 - Hosts: 212.79.94.36 www.efl.axa.be

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

    O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f

    O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN

    O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [ASP] "C:\ProgramData\f5730f\AntivirusSP.exe" /s

    O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O15 - Trusted Zone: http://www.agf.assurnet

    O15 - Trusted Zone: http://www.agf2.assurnet

    O15 - Trusted Zone: http://*.aginsurance.portima

    O15 - Trusted Zone: http://*.allianz.assurnet

    O15 - Trusted Zone: http://www.allianz2.assurnet

    O15 - Trusted Zone: http://*.allianz2.assurnet

    O15 - Trusted Zone: http://*.aragb2b.be

    O15 - Trusted Zone: http://*.avero.be

    O15 - Trusted Zone: http://*.axa.be

    O15 - Trusted Zone: http://*.axa.portima

    O15 - Trusted Zone: http://demo.brio.be

    O15 - Trusted Zone: http://*.brio.be

    O15 - Trusted Zone: http://*.brioplus.be

    O15 - Trusted Zone: http://*.das.be

    O15 - Trusted Zone: http://*.feprabel.be

    O15 - Trusted Zone: http://*.fortisag.assurnet

    O15 - Trusted Zone: http://*.foyer.lu

    O15 - Trusted Zone: http://*.nateus.be

    O15 - Trusted Zone: http://*.nateusgroep.portima

    O15 - Trusted Zone: http://*.port-e-key.be

    O15 - Trusted Zone: http://*.portigate.be

    O15 - Trusted Zone: http://briotraining.portima.be

    O15 - Trusted Zone: http://*.portima.be

    O15 - Trusted Zone: http://*.portima.com

    O15 - Trusted Zone: http://www.prolinknet.assurnet

    O15 - Trusted Zone: http://*.vivium.be

    O15 - Trusted Zone: http://*.vivium.portima

    O15 - Trusted Zone: http://*.mcafee.com (HKLM)

    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

    O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB

    O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/WinNTChk.cab

    O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw.vandewalle.local:4343/officescan/console/ClientInstall/setup.cab

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

    O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe

    O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe

    O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe

    O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

    --

    End of file - 9101 bytes

  3. Hello,

    Thank you in advance for your help. Here are the requested logs.

    Log Malware

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.03.09.02

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    sdm :: VDW-PORT-1 [administrator]

    09/03/2012 08:51:13

    mbam-log-2012-03-09 (08-51-13).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 250176

    Verstreken tijd: 10 minuut/minuten, 21 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Log Hijackthis

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 09:04:12, on 09/03/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\windows\system32\taskhost.exe

    C:\Program Files\TeamViewer\Version7\TeamViewer.exe

    C:\windows\system32\Dwm.exe

    C:\windows\system32\taskmgr.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\windows\system32\winver.exe

    C:\windows\System32\msiexec.exe

    C:\windows\System32\rundll32.exe

    C:\HijackThis\HijackThis.exe

    C:\windows\system32\NOTEPAD.EXE

    C:\windows\system32\spool\DRIVERS\W32X86\3\hpmup094.bin

    C:\windows\notepad.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage: De Tijd

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O1 - Hosts: 172.31.0.104 HASPROPAD99 #PRE

    O1 - Hosts: 172.31.0.72 MAILANET1 #PRE

    O1 - Hosts: 172.31.0.73 MAILANET2 #PRE

    O1 - Hosts: 172.31.0.74 MAILANET3 #PRE

    O1 - Hosts: 172.31.0.80 ESDANET1 #PRE

    O1 - Hosts: 172.31.0.81 ESDANET2 #PRE

    O1 - Hosts: 172.31.0.82 ESDANET3 #PRE

    O1 - Hosts: 172.31.0.146 HASPROTAR01 #PRE

    O1 - Hosts: 172.31.0.121 HTSASWAN1 #PRE

    O1 - Hosts: 172.31.243.198 RB_TEMPO

    O1 - Hosts: 212.79.87.30 HASPROCES01

    O1 - Hosts: 212.79.87.30 pop.portima.be

    O1 - Hosts: 212.79.84.49 HASPROPAR04 #PRE

    O1 - Hosts: 212.79.84.50 HASPROPAR03 #PRE

    O1 - Hosts: 212.79.87.140 HASPROXY

    O1 - Hosts: 212.79.84.63 Ben.portima.be

    O1 - Hosts: 212.79.84.63 E-support.portima.be

    O1 - Hosts: 212.79.84.37 prod.asweb.portima.be

    O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 login.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima

    O1 - Hosts: 212.79.94.41 www.front-office.axa.be

    O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima

    O1 - Hosts: 212.79.94.52 fws.axa.be

    O1 - Hosts: 212.79.94.41 www.fe.axa.be

    O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.be

    O1 - Hosts: 212.79.93.10 login.nateus.be

    O1 - Hosts: 212.79.94.36 www.efl.axa.be

    O1 - Hosts: 212.79.87.152 smtp.portima.be

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [iMSS] "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow

    O4 - HKLM\..\Run: [HP Connection Manager.exe] "C:\Program Files\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe"

    O4 - HKLM\..\Run: [PTNMWND] "C:\Program Files\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-580N /AUTORUN

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet

    O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

    O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

    O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

    O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden

    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"

    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d

    O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe

    O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

    O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

    O4 - HKCU\..\Run: [spotify] "C:\Users\sdm\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: CRMDocumentPreview - Snelkoppeling.lnk = C:\Program Files\crm\insusoft\docpreview\CRMDocumentPreview.exe

    O4 - Startup: Dropbox.lnk = C:\Users\sdm\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Startup: Insusoft.lnk = C:\Program Files\crm\insusoft\Insusoft.exe

    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

    O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O15 - Trusted Zone: http://www.agf.assurnet

    O15 - Trusted Zone: http://www.agf2.assurnet

    O15 - Trusted Zone: http://*.aginsurance.portima

    O15 - Trusted Zone: http://*.allianz.assurnet

    O15 - Trusted Zone: http://www.allianz2.assurnet

    O15 - Trusted Zone: http://*.allianz2.assurnet

    O15 - Trusted Zone: http://*.aragb2b.be

    O15 - Trusted Zone: http://*.avero.be

    O15 - Trusted Zone: http://*.axa.be

    O15 - Trusted Zone: http://*.axa.portima

    O15 - Trusted Zone: http://demo.brio.be

    O15 - Trusted Zone: http://*.brio.be

    O15 - Trusted Zone: http://*.brioplus.be

    O15 - Trusted Zone: http://*.das.be

    O15 - Trusted Zone: http://*.feprabel.be

    O15 - Trusted Zone: http://*.fortisag.assurnet

    O15 - Trusted Zone: http://*.foyer.lu

    O15 - Trusted Zone: http://*.nateus.be

    O15 - Trusted Zone: http://*.nateusgroep.portima

    O15 - Trusted Zone: http://*.port-e-key.be

    O15 - Trusted Zone: http://*.portigate.be

    O15 - Trusted Zone: http://briotraining.portima.be

    O15 - Trusted Zone: http://*.portima.be

    O15 - Trusted Zone: http://*.portima.com

    O15 - Trusted Zone: http://www.prolinknet.assurnet

    O15 - Trusted Zone: http://*.vivium.be

    O15 - Trusted Zone: http://*.vivium.portima

    O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

    O15 - Trusted Zone: CBC (HKLM)

    O15 - Trusted Zone: Welcome to Isabel (HKLM)

    O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)

    O15 - Trusted Zone: Welcome to Isabel (HKLM)

    O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

    O15 - Trusted Zone: KBC (HKLM)

    O15 - Trusted Zone: KBC Asset Management (HKLM)

    O15 - Trusted Zone: http://www.kbcam.com (HKLM)

    O15 - Trusted Zone: KBC Merchant Banking (HKLM)

    O15 - Trusted Zone: KBC Merchant Banking (HKLM)

    O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB

    O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw:4343/officescan/console/ClientInstall/WinNTChk.cab

    O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw:4343/officescan/console/ClientInstall/setup.cab

    O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab

    O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC44} (Encrypt Class) - https://srvvdw:4343/SMB/console/html/root/AtxEnc.cab

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O20 - Winlogon Notify: EgisNotify - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisNotify.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe

    O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

    O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Qualcomm Gobi 2000 Download Service (HP) (QDLService2kHP) - QUALCOMM, Inc. - C:\Program Files\QUALCOMM\QDLService2k\QDLService2kHP.exe

    O23 - Service: HP Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Hewlett-Packard\HP Connection Manager\SMManager.exe

    O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

    O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe

    O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe

    O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe

    O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

    O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe

    --

    End of file - 19455 bytes

  4. Logfile

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:45:09, on 08/03/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\windows\system32\taskhost.exe

    C:\Program Files\TeamViewer\Version7\TeamViewer.exe

    C:\windows\system32\Dwm.exe

    C:\windows\system32\taskmgr.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\windows\system32\winver.exe

    C:\windows\System32\msiexec.exe

    C:\windows\System32\rundll32.exe

    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage: De Tijd

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: Shell=iexplore.exe

    O1 - Hosts: 172.31.0.104 HASPROPAD99 #PRE

    O1 - Hosts: 172.31.0.72 MAILANET1 #PRE

    O1 - Hosts: 172.31.0.73 MAILANET2 #PRE

    O1 - Hosts: 172.31.0.74 MAILANET3 #PRE

    O1 - Hosts: 172.31.0.80 ESDANET1 #PRE

    O1 - Hosts: 172.31.0.81 ESDANET2 #PRE

    O1 - Hosts: 172.31.0.82 ESDANET3 #PRE

    O1 - Hosts: 172.31.0.146 HASPROTAR01 #PRE

    O1 - Hosts: 172.31.0.121 HTSASWAN1 #PRE

    O1 - Hosts: 172.31.243.198 RB_TEMPO

    O1 - Hosts: 212.79.87.30 HASPROCES01

    O1 - Hosts: 212.79.87.30 pop.portima.be

    O1 - Hosts: 212.79.84.49 HASPROPAR04 #PRE

    O1 - Hosts: 212.79.84.50 HASPROPAR03 #PRE

    O1 - Hosts: 212.79.87.140 HASPROXY

    O1 - Hosts: 212.79.84.63 Ben.portima.be

    O1 - Hosts: 212.79.84.63 E-support.portima.be

    O1 - Hosts: 212.79.84.37 prod.asweb.portima.be

    O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 login.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima

    O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima

    O1 - Hosts: 212.79.94.41 www.front-office.axa.be

    O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima

    O1 - Hosts: 212.79.94.52 fws.axa.be

    O1 - Hosts: 212.79.94.41 www.fe.axa.be

    O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima

    O1 - Hosts: 212.79.93.10 pro.nateus.be

    O1 - Hosts: 212.79.93.10 login.nateus.be

    O1 - Hosts: 212.79.94.36 www.efl.axa.be

    O1 - Hosts: 212.79.87.152 smtp.portima.be

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [iMSS] "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow

    O4 - HKLM\..\Run: [HP Connection Manager.exe] "C:\Program Files\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe"

    O4 - HKLM\..\Run: [PTNMWND] "C:\Program Files\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-580N /AUTORUN

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet

    O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

    O4 - HKLM\..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

    O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

    O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden

    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"

    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d

    O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: [Express ClickYes] C:\Program Files\Express ClickYes\ClickYes.exe

    O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

    O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

    O4 - HKCU\..\Run: [spotify] "C:\Users\sdm\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

    O4 - HKLM\..\Policies\Explorer\Run: [lytafxhgl] C:\windows\system32\RICHEDK.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: CRMDocumentPreview - Snelkoppeling.lnk = C:\Program Files\crm\insusoft\docpreview\CRMDocumentPreview.exe

    O4 - Startup: Dropbox.lnk = C:\Users\sdm\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Startup: Insusoft.lnk = C:\Program Files\crm\insusoft\Insusoft.exe

    O4 - Startup: Microsoft Outlook 2010.lnk = ?

    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

    O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe

    O4 - Global Startup: Bluetooth.lnk = ?

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O15 - Trusted Zone: http://www.agf.assurnet

    O15 - Trusted Zone: http://www.agf2.assurnet

    O15 - Trusted Zone: http://*.aginsurance.portima

    O15 - Trusted Zone: http://*.allianz.assurnet

    O15 - Trusted Zone: http://www.allianz2.assurnet

    O15 - Trusted Zone: http://*.allianz2.assurnet

    O15 - Trusted Zone: http://*.aragb2b.be

    O15 - Trusted Zone: http://*.avero.be

    O15 - Trusted Zone: http://*.axa.be

    O15 - Trusted Zone: http://*.axa.portima

    O15 - Trusted Zone: http://demo.brio.be

    O15 - Trusted Zone: http://*.brio.be

    O15 - Trusted Zone: http://*.brioplus.be

    O15 - Trusted Zone: http://*.das.be

    O15 - Trusted Zone: http://*.feprabel.be

    O15 - Trusted Zone: http://*.fortisag.assurnet

    O15 - Trusted Zone: http://*.foyer.lu

    O15 - Trusted Zone: http://*.nateus.be

    O15 - Trusted Zone: http://*.nateusgroep.portima

    O15 - Trusted Zone: http://*.port-e-key.be

    O15 - Trusted Zone: http://*.portigate.be

    O15 - Trusted Zone: http://briotraining.portima.be

    O15 - Trusted Zone: http://*.portima.be

    O15 - Trusted Zone: http://*.portima.com

    O15 - Trusted Zone: http://www.prolinknet.assurnet

    O15 - Trusted Zone: http://*.vivium.be

    O15 - Trusted Zone: http://*.vivium.portima

    O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

    O15 - Trusted Zone: CBC (HKLM)

    O15 - Trusted Zone: Welcome to Isabel (HKLM)

    O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)

    O15 - Trusted Zone: Welcome to Isabel (HKLM)

    O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

    O15 - Trusted Zone: KBC (HKLM)

    O15 - Trusted Zone: KBC Asset Management (HKLM)

    O15 - Trusted Zone: http://www.kbcam.com (HKLM)

    O15 - Trusted Zone: KBC Merchant Banking (HKLM)

    O15 - Trusted Zone: KBC Merchant Banking (HKLM)

    O16 - DPF: Mercator.Portal.CA.Client.CAB - https://registratie.mercator.be/Mercator.Portal.CA.Client.CAB

    O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://srvvdw:4343/officescan/console/ClientInstall/WinNTChk.cab

    O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://srvvdw:4343/officescan/console/ClientInstall/setup.cab

    O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab

    O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC44} (Encrypt Class) - https://srvvdw:4343/SMB/console/html/root/AtxEnc.cab

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\Software\..\Telephony: DomainName = Vandewalle.local

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Vandewalle.local

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O20 - Winlogon Notify: EgisNotify - C:\Program Files\Hewlett-Packard\HP SimplePass Identity Protection\EgisNotify.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe

    O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

    O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe

    O23 - Service: Qualcomm Gobi 2000 Download Service (HP) (QDLService2kHP) - QUALCOMM, Inc. - C:\Program Files\QUALCOMM\QDLService2k\QDLService2kHP.exe

    O23 - Service: HP Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Hewlett-Packard\HP Connection Manager\SMManager.exe

    O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

    O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe

    O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe

    O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe

    O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

    O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe

    --

    End of file - 19579 bytes
