Tanawat
-
Items
25 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Tanawat
-
Bedank voor u hulp!
-
Ik kan geen 1 herstel punt vinden bij mij Systeem beveiliging o.o?
-
Volgens mij nog steeds het zelfde..
-
ComboFix 12-07-13.01 - Scoth 13-07-2012 14:19:40.7.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3038.2150 [GMT 2:00] Gestart vanuit: c:\users\Scoth\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\isRS-000.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))) . . 2012-07-13 12:27 . 2012-07-13 12:28 -------- d-----w- c:\users\Scoth\AppData\Local\temp 2012-07-13 12:27 . 2012-07-13 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-13 08:49 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59762C8F-C49D-408D-9DF0-1967EC7C10D5}\mpengine.dll 2012-07-12 10:25 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-12 10:19 . 2012-06-02 08:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-07-12 10:19 . 2012-06-02 09:08 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2012-07-12 10:19 . 2012-06-02 08:22 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll 2012-07-12 10:19 . 2012-06-02 08:21 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll 2012-07-11 09:35 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-11 09:35 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 09:35 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 09:35 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 09:35 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 09:35 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-08 13:19 . 2012-07-13 12:13 -------- d-----w- c:\users\Scoth\AppData\Roaming\Skype 2012-07-08 13:18 . 2012-07-08 13:20 -------- d-----r- c:\program files\Skype 2012-07-08 13:18 . 2012-07-08 13:18 -------- d-----w- c:\program files\Common Files\Skype 2012-07-08 13:18 . 2012-07-08 13:20 -------- d-----w- c:\programdata\Skype 2012-07-01 18:11 . 2012-07-01 18:11 -------- d-----w- c:\program files\iPod 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2012-07-01 18:00 . 2012-07-01 18:00 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2012-07-01 17:59 . 2012-07-01 18:00 -------- d-----w- c:\program files\QuickTime 2012-06-29 17:03 . 2012-06-29 17:04 562032 ----a-w- c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor13.dll 2012-06-26 15:31 . 2012-06-26 15:31 18912 ----a-w- c:\program files\Mozilla Firefox\AccessibleMarshal.dll 2012-06-26 15:31 . 2012-06-26 15:31 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2012-06-26 15:31 . 2012-06-26 15:31 85472 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-06-26 15:31 . 2012-06-26 15:31 117728 ----a-w- c:\program files\Mozilla Firefox\crashreporter.exe 2012-06-26 15:31 . 2012-06-26 15:31 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll 2012-06-26 15:31 . 2012-06-26 15:31 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll 2012-06-22 14:28 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-22 14:28 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-22 14:28 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-22 14:28 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-22 14:28 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-22 14:28 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-22 14:28 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-22 14:27 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-22 14:27 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-19 15:35 . 2012-06-19 15:35 4967624 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2012-06-16 08:38 . 2012-06-16 08:38 -------- d-----w- c:\program files\Recuva 2012-06-16 08:33 . 2012-06-16 08:33 -------- d-----w- c:\program files\Common Files\Java 2012-06-16 08:32 . 2012-06-16 08:32 -------- d-----w- c:\program files\Oracle 2012-06-16 08:31 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-06-15 15:50 . 2012-06-15 15:52 249 ----a-w- c:\users\Public\BackupHistorie.vbs 2012-06-15 14:43 . 2012-07-12 10:15 -------- d-----w- c:\program files\CCleaner 2012-06-13 16:32 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 16:32 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-13 16:32 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 16:31 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-12 11:28 . 2012-03-30 13:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-12 11:28 . 2011-06-15 15:27 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-10 16:17 . 2011-06-20 15:44 139424 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-07-10 16:17 . 2011-06-20 15:43 76888 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-07-10 16:17 . 2011-06-20 15:46 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-07-10 16:17 . 2011-06-20 15:43 282104 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-07-10 16:13 . 2011-06-20 15:43 234768 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-07-03 11:46 . 2011-06-29 09:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-10 18:23 . 2012-06-10 18:23 388096 ----a-r- c:\users\Scoth\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-08 19:12 . 2011-10-19 08:33 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-05-08 19:12 . 2011-10-19 08:33 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-05-04 17:29 . 2011-06-16 07:31 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-06-26 15:31 . 2012-06-26 15:31 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 1801064] "Steam"="c:\program files\Steam\Steam.exe" [2012-05-17 1242448] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2011-06-15 6295552] "Skytel"="Skytel.exe" [2011-06-15 1826816] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-06-15 835584] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - MBAMSwissArmy . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:28] . 2012-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000Core.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000UA.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-07-13 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local> IE: Free YouTube Download - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 FF - ProfilePath - c:\users\Scoth\AppData\Roaming\Mozilla\Firefox\Profiles\6ar9lvb7.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-13 14:28 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\users\Scoth\AppData\Local\Temp\RarSFX0\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-07-13 14:30:34 ComboFix-quarantined-files.txt 2012-07-13 12:30 ComboFix2.txt 2012-06-14 15:30 . Pre-Run: 198.545.330.176 bytes beschikbaar Post-Run: 198.735.908.864 bytes beschikbaar . - - End Of File - - 5EAE6819D0B2E16371C20146B98253F2
-
Logje van Malware: Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.07.13.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Scoth :: PC_VAN_SCOTH [administrator] Realtime bescherming: Ingeschakeld 13-7-2012 11:58:56 mbam-log-2012-07-13 (11-58-56).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 212779 Verstreken tijd: 12 minuut/minuten, 56 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 3 C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logje van Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:50:20, on 13-7-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hotspot Shield\bin\openvpntray.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\mobsync.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN18K311Y605QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Google Update] "C:\Users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Free YouTube Download - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9801 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:19:09, on 12-7-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Hotspot Shield\bin\openvpntray.exe C:\Windows\system32\taskeng.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN18K311Y605QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Google Update] "C:\Users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Free YouTube Download - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10883 bytes Hier is tie!
-
Ping: 15ms Download speed: 23.49 Upload speed: 2.52 Normale Downloads snelheid van Provider: weet ik niet.. Hoe kan ik dat checken? En ik werk met draadloos, hoe doe ik de test met bekabelde verbinding?
-
Hallo! Sinds vorige week laadde video's die wil ik bekijken sloom. Zoals bij youtube en ergens anders ( Alle video's ) Normaal de meeste video's die ik had bekeken heel erg snel en nu is het op eens heel traag geworden. Soms laad die dan beetje snel en dan loopt het halve wegen vast.. en laad soms heel erg lang zaam door.. heb ik een virus? Of iets anders? Mvg, Tanawat
-
oke! Bedank voor u hulp!
-
Nop geen backup denk ik.. En met snelheid gaat het beter ! Alleen.. Ik lagg bij sommige games nog zoals Battlefield Heroes.. ( Ik hoort normaal in dit game niet te laggen).
-
Heb ik al geprobeert.. Resultaat: Niks :I Het leek wel als of tie van aardbodem is verdwenen..
-
Met een progje? of gewoon via Start en bij mappen enzo?
-
Nog steets niet gevonden maarja.. Het is op eens weg.. Het ligt toch niet aan van Provider wisselen? Want vrijdag had ik mijn internet provider verandert van Xs4all naar UPC..
-
Oja nog 1 vraag.. Als het op Documenten wordt op geslagen zit het bestand dan in Lokaal Station (c:) ? En laptop is opeens weer ong 25% trager geworden nom
-
Bij Recuva. Is daar ook een zoekmachine? Zoals bij Google Chrome dan druk je op ctrl+f. Want ik heb best wel veel bestanden :I en zoeken word dus moeilijk!
-
Hoe precies :I? Ik ben nog niet zo goed met ccleander
-
Op de PC. Bij Tanawat - Documenten.
-
Mijn PC is inderdaad wat sneller geworden! Bedank! Maar.. Ik zie dat er een kladblok bestand van mij verwijderd is... Is er een manier om het terug te halen? Het was wel beetje belangrijk..
-
Bij het stukje: Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Herhaal ik heletijd en verwijder het. Maar er blijft nog steets alleen maar 1 ding hangen.. die niet weg wilt :I! Probleem: Niet gebruikte bestandsextensie. Data:{80b8c23c-1640-4cd8-bbc3-cecec9a78b79} Registersleutel:HKCR/{80b8c23c-1640-4cd8-bbc3-cecec9a78b79} Bedankt! laptop is weer wat sneller en ik lagg niet niet meer
-
ComboFix 12-06-14.01 - Scoth 14-06-2012 17:24:14.6.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3038.1559 [GMT 2:00] Gestart vanuit: c:\users\Scoth\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\pc rider\CFScript.txt AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-14 to 2012-06-14 )))))))))))))))))))))))))))))) . . 2012-06-14 15:29 . 2012-06-14 15:29 -------- d-----w- c:\users\Scoth\AppData\Local\temp 2012-06-14 15:29 . 2012-06-14 15:29 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-13 16:32 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 16:32 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-13 16:32 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 16:31 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 16:31 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys 2012-06-12 15:19 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A5A1CC73-7615-41FC-8D2D-A52CBB61AD8D}\mpengine.dll 2012-06-10 18:23 . 2012-06-10 18:23 388096 ----a-r- c:\users\Scoth\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-10 18:23 . 2012-06-10 18:23 -------- d-----w- c:\program files\Trend Micro 2012-06-10 15:40 . 2012-06-10 15:40 -------- d-----w- c:\users\Scoth\AppData\Local\Macromedia 2012-06-10 12:23 . 2012-06-10 12:23 -------- d-----w- c:\users\Scoth\AppData\Local\VS Revo Group 2012-06-10 12:23 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-06-10 12:23 . 2012-06-10 12:23 -------- d-----w- c:\program files\VS Revo Group 2012-05-26 21:47 . 2012-05-26 21:47 -------- d-----w- c:\windows\system32\xlive 2012-05-26 21:46 . 2012-05-26 21:47 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2012-05-25 18:09 . 2012-05-25 18:09 -------- d-----w- c:\users\Scoth\AppData\Roaming\LolClient2 2012-05-22 16:11 . 2012-05-22 16:11 -------- d-----w- c:\programdata\hssff 2012-05-22 15:36 . 2012-05-22 15:36 561992 ----a-w- c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor12.dll 2012-05-17 15:32 . 2012-05-17 15:33 -------- d-----w- c:\users\Scoth\AppData\Local\Skyrim 2012-05-17 13:39 . 2012-06-14 14:53 -------- d-----w- c:\program files\Steam 2012-05-17 13:28 . 2012-05-21 14:09 -------- d-----w- c:\program files\Common Files\Steam . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-13 19:25 . 2011-06-20 15:44 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-06-13 19:24 . 2011-06-20 15:46 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-06-13 19:24 . 2011-06-20 15:43 270240 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-06-11 16:32 . 2011-06-20 15:43 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-06-10 11:44 . 2012-03-30 13:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-10 11:44 . 2011-06-15 15:27 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-08 19:12 . 2011-10-19 08:33 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-05-08 19:12 . 2011-10-19 08:33 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-04-11 15:40 . 2012-04-11 15:40 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys 2012-04-06 18:15 . 2012-04-06 18:15 33512 ----a-w- c:\windows\system32\drivers\taphss.sys 2012-04-04 13:56 . 2011-06-29 09:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-03 08:16 . 2012-05-12 10:10 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-12 10:10 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-30 12:39 . 2012-05-12 10:10 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-12 10:10 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-04-21 01:18 . 2012-06-04 17:45 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 1801064] "Steam"="c:\program files\Steam\Steam.exe" [2012-05-17 1242448] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2011-06-15 6295552] "Skytel"="Skytel.exe" [2011-06-15 1826816] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-06-15 835584] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2008-01-18 21504] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 257224] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:44] . 2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000Core.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000UA.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-06-14 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local> IE: Free YouTube Download - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to iPod Converter - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm IE: Free YouTube to MP3 Converter - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Scoth\AppData\Roaming\Mozilla\Firefox\Profiles\6ar9lvb7.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-14 17:29 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\users\Scoth\AppData\Local\Temp\RarSFX0\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-06-14 17:30:32 ComboFix-quarantined-files.txt 2012-06-14 15:30 ComboFix2.txt 2012-06-14 15:08 ComboFix3.txt 2012-06-13 17:52 . Pre-Run: 196.939.960.320 bytes beschikbaar Post-Run: 196.910.948.352 bytes beschikbaar . - - End Of File - - D823AE533D3500FA80EDBC290F2D704A
-
Hmm mijn laptop is nu nog slomer geworden:I Komt het door die Combofix progje?
-
Hier nieuwe Logs: ComboFix 12-06-13.03 - Scoth 13-06-2012 19:45:36.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3038.1800 [GMT 2:00] Gestart vanuit: c:\users\Scoth\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-13 to 2012-06-13 )))))))))))))))))))))))))))))) . . 2012-06-13 17:50 . 2012-06-13 17:50 -------- d-----w- c:\users\Scoth\AppData\Local\temp 2012-06-13 17:50 . 2012-06-13 17:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-12 15:19 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A5A1CC73-7615-41FC-8D2D-A52CBB61AD8D}\mpengine.dll 2012-06-10 18:23 . 2012-06-10 18:23 388096 ----a-r- c:\users\Scoth\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-10 18:23 . 2012-06-10 18:23 -------- d-----w- c:\program files\Trend Micro 2012-06-10 15:40 . 2012-06-10 15:40 -------- d-----w- c:\users\Scoth\AppData\Local\Macromedia 2012-06-10 12:23 . 2012-06-10 12:23 -------- d-----w- c:\users\Scoth\AppData\Local\VS Revo Group 2012-06-10 12:23 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-06-10 12:23 . 2012-06-10 12:23 -------- d-----w- c:\program files\VS Revo Group 2012-05-31 13:47 . 2012-05-31 13:47 -------- d-----w- c:\users\Scoth\jagexcache 2012-05-26 21:47 . 2012-05-26 21:47 -------- d-----w- c:\windows\system32\xlive 2012-05-26 21:46 . 2012-05-26 21:47 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2012-05-25 18:09 . 2012-05-25 18:09 -------- d-----w- c:\users\Scoth\AppData\Roaming\LolClient2 2012-05-22 16:11 . 2012-05-22 16:11 -------- d-----w- c:\programdata\hssff 2012-05-22 15:36 . 2012-05-22 15:36 561992 ----a-w- c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor12.dll 2012-05-17 15:32 . 2012-05-17 15:33 -------- d-----w- c:\users\Scoth\AppData\Local\Skyrim 2012-05-17 13:39 . 2012-06-13 16:38 -------- d-----w- c:\program files\Steam 2012-05-17 13:28 . 2012-05-21 14:09 -------- d-----w- c:\program files\Common Files\Steam . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-11 16:33 . 2011-06-20 15:44 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-06-11 16:32 . 2011-06-20 15:46 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-06-11 16:32 . 2011-06-20 15:43 270240 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-06-10 11:44 . 2012-03-30 13:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-10 11:44 . 2011-06-15 15:27 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-10 08:34 . 2011-06-20 15:43 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-05-08 19:12 . 2011-10-19 08:33 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-05-08 19:12 . 2011-10-19 08:33 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-04-11 15:40 . 2012-04-11 15:40 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys 2012-04-06 18:15 . 2012-04-06 18:15 33512 ----a-w- c:\windows\system32\drivers\taphss.sys 2012-04-04 13:56 . 2011-06-29 09:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-03 08:16 . 2012-05-12 10:10 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-03 08:16 . 2012-05-12 10:10 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-02 13:36 . 2012-05-12 10:10 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 12:39 . 2012-05-12 10:10 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 23:28 . 2012-05-12 10:10 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-04-21 01:18 . 2012-06-04 17:45 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 1801064] "Steam"="c:\program files\Steam\Steam.exe" [2012-05-17 1242448] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2011-06-15 6295552] "Skytel"="Skytel.exe" [2011-06-15 1826816] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-06-15 835584] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "removeSearchqutoolbar"="RD" [X] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2008-01-18 21504] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 257224] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:44] . 2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000Core.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-345190158-399435579-1171210204-1000UA.job - c:\users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 08:42] . 2012-06-13 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local> IE: Free YouTube Download - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to iPod Converter - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm IE: Free YouTube to MP3 Converter - c:\users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Scoth\AppData\Roaming\Mozilla\Firefox\Profiles\6ar9lvb7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-13 19:50 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\users\Scoth\AppData\Local\Temp\RarSFX0\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-06-13 19:52:16 ComboFix-quarantined-files.txt 2012-06-13 17:52 ComboFix2.txt 2012-06-13 16:30 . Pre-Run: 197.357.965.312 bytes beschikbaar Post-Run: 197.330.395.136 bytes beschikbaar . - - End Of File - - 8919D277B337BC8C79A6B7B6495FB10D
-
Even opnieuw doen!
-
Nieuwe log van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:21:35, on 12-6-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Steam\Steam.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Windows\system32\RunDll32.exe C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN18K311Y605QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Free YouTube Download - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10120 bytes Met logje van Malwarebytes bedoel je dus het logje van het snelle scan? dit? : Malwarebytes Anti-Malware 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.06.11.08 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Scoth :: PC_VAN_SCOTH [administrator] Realtime bescherming: Ingeschakeld 12-6-2012 17:23:39 mbam-log-2012-06-12 (17-23-39).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 201636 Verstreken tijd: 12 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
-
Hallo! Mijn laptop is 2 dagen geleden op eens traag geworden . Ik heb verschillende virus scannen gedaan maar het help niet . Kan iemand mij a u b helpen? Ik denk dat ik waarschijnlijk een virus heb... Hijackthis Log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:41:08, on 11-6-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Steam\Steam.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Windows\system32\RunDll32.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Scoth\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file) R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\Scoth\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN18K311Y605QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ? O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Free YouTube Download - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Scoth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11648 bytes
