cvhattem
-
Items
10 -
Registratiedatum
-
Laatst bezocht
cvhattem's prestaties
-
Het bureaublad achtergrond is zwart.
-
Ik heb nu alleen nog geen plaatjes/foto's bij bureaubladachtergrond. (via configuratiescherm) Dit blijven lege vakjes. Alleen de kleuren zijn er. Alle andere categorieen blijven witte vakken.
-
En is naast dit probleem de rest weer goed? Kan ik dan alles wat ik gedownload heb laten staan of moet ik dat verwijderen?
-
Hij geeft de afbeeldingen niet weer. Alleen een leeg vak.
-
Ik krijg een langer bericht. Your files should now be visible.If you are still missing........ Ik heb wel de pictogrammen maar de achtergrond kleur is zwart. Deze had eerst een fot. Ik weet niet of het erg is ,maar ik vermeld het alleen even. waarschijnlijk kan ik het zelf weer aanpassen.
-
ComboFix 12-08-22.03 - van hattem 23-08-2012 20:01:08.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3037.1730 [GMT 2:00] Gestart vanuit: c:\users\van hattem\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\van hattem\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E9D3E4D-3FAD-4B76-A3CF-A499F2744C7E}\MpKsl0cb15d9e.sys ERROR(0x00000005)" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Web Assistant c:\program files\Web Assistant\Extension32.dll c:\program files\Web Assistant\ExtensionUpdaterService.exe c:\program files\Web Assistant\Firefox\chrome.manifest c:\program files\Web Assistant\Firefox\chrome\content\libraries\DataExchangeScript.js c:\program files\Web Assistant\Firefox\chrome\content\main.js c:\program files\Web Assistant\Firefox\chrome\content\main.xul c:\program files\Web Assistant\Firefox\chrome\content\resources\localscript.js c:\program files\Web Assistant\Firefox\chrome\locale\en-US\overlay.dtd c:\program files\Web Assistant\Firefox\chrome\skin\overlay.css c:\program files\Web Assistant\Firefox\defaults\preferences\defaults.js c:\program files\Web Assistant\Firefox\install.rdf c:\program files\Web Assistant\InstallerHelper.dll c:\program files\Web Assistant\libraries\DataExchangeScript.js c:\program files\Web Assistant\resources\localscript.js c:\program files\Web Assistant\source.crx c:\program files\Web Assistant\unins000.dat c:\program files\Web Assistant\unins000.exe c:\programdata\CodecPack Manager c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.settings c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\501fe1d00_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\501fe1d00_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5029169f0_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5029169f0_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\502e22240_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\502e22240_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5031c4610_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5031c4610_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\503507940_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\503507940_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5035c9240_20211a6.dmp c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5035c9240_20211a6.gz c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.xpt c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\bprotector.js c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22 c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Babylon Manager.exe C:\searchplugins c:\users\van hattem\AppData\Roaming\inst.exe c:\users\van hattem\AppData\Roaming\log.txt c:\users\van hattem\AppData\Roaming\vso_ts_preview.xml c:\users\van hattem\searchplugins c:\windows\system32\muzapp.exe c:\windows\system32\roboot.exe c:\windows\system32\searchplugins . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_CodecPack Manager -------\Service_Web Assistant Updater . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-23 to 2012-08-23 )))))))))))))))))))))))))))))) . . 2012-08-23 18:12 . 2012-08-23 18:19 -------- d-----w- c:\users\van hattem\AppData\Local\temp 2012-08-23 18:12 . 2012-08-23 18:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-23 16:28 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C489F9C-5591-4371-B6A3-AF958DF397AF}\mpengine.dll ERROR(0x00000005) 2012-08-23 12:56 . 2012-08-23 12:56 -------- d-----w- c:\users\carolien 2012-08-23 06:25 . 2012-08-23 06:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-23 06:25 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-21 17:48 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2012-08-16 20:29 . 2012-08-16 20:31 -------- d-----w- C:\278f2e7aa4d7f0588ef1dbc6f48dc156 2012-08-16 05:41 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll 2012-08-16 05:41 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-08-16 05:41 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-08-16 05:41 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-16 05:41 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll 2012-08-16 05:41 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll 2012-08-16 05:41 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll 2012-08-06 18:51 . 2011-06-02 05:47 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys 2012-08-06 18:51 . 2011-06-02 05:47 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys 2012-08-06 18:51 . 2011-06-02 05:47 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys 2012-08-06 18:51 . 2011-06-02 05:47 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys 2012-08-06 18:51 . 2011-06-02 05:47 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys 2012-08-06 18:46 . 2010-12-21 05:55 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys 2012-08-06 18:46 . 2010-12-21 05:55 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys 2012-08-06 18:46 . 2010-12-21 05:55 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys 2012-08-06 18:46 . 2010-12-21 05:55 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys 2012-08-06 07:56 . 2012-08-06 07:56 -------- d-----w- c:\program files\CCleaner 2012-07-29 14:45 . 2012-07-29 14:45 -------- d-----w- c:\program files\uTorrent 2012-07-29 14:30 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_532\uninstall.exe 2012-07-29 14:29 . 2012-07-29 14:29 -------- d-----w- c:\windows\system32\Extensions 2012-07-29 14:29 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_383\uninstall.exe 2012-07-29 14:28 . 2012-08-06 08:34 -------- d-----w- c:\users\van hattem\AppData\Roaming\uTorrent 2012-07-29 14:08 . 2012-07-29 14:29 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_518\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:35 -------- d-----w- c:\program files\ffdshow 2012-07-29 14:08 . 2012-07-29 14:08 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_540\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_519\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:08 -------- d-----w- c:\program files\Haali 2012-07-29 14:08 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_0\uninstall.exe 2012-07-25 17:44 . 2012-07-25 17:44 -------- d-----w- c:\program files\TuneUpMedia 2012-07-25 17:44 . 2012-07-25 17:44 -------- d-----w- c:\users\van hattem\AppData\Roaming\TuneUpMedia . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 17:09 . 2012-06-11 09:28 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-15 17:09 . 2011-05-21 11:42 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-30 05:16 . 2012-01-31 17:15 330240 ----a-w- c:\windows\MASetupCaller.dll 2012-07-30 05:16 . 2012-01-31 17:15 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-06-06 05:05 . 2012-07-11 17:00 1390080 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:05 . 2012-07-11 17:00 1236992 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:03 . 2012-07-11 17:00 805376 ----a-w- c:\windows\system32\cdosys.dll 2012-06-02 22:19 . 2012-06-21 06:17 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 06:17 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 06:16 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 06:16 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 06:17 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 06:17 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 06:16 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 06:16 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-21 06:16 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 04:45 . 2012-07-11 17:00 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 04:45 . 2012-07-11 17:00 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 04:40 . 2012-07-11 17:00 369336 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 04:40 . 2012-07-11 17:00 225280 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 04:39 . 2012-07-11 17:00 219136 ----a-w- c:\windows\system32\ncrypt.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-22 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2009-08-05 413696] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-16 13797992] "MDS_Menu"="c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-07-07 343552] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-08-19 192000] "fspuip"="c:\program files\FSP\fspuip.exe" [2009-11-12 3342336] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux6"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-05-30 18:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] 2007-12-01 23:40 483144 ----a-w- c:\program files\Corel\Corel MediaOne\Corel Photo Downloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-08-06 07:16 21432 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] 2012-08-06 07:16 960440 ----a-w- c:\program files\Samsung\Kies\Kies.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-08-06 07:16 3524536 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2] 2010-05-25 17:16 619008 ----a-w- c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart] 2010-03-04 13:10 2192672 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr] 2012-02-07 19:17 53160 ----a-w- c:\progra~1\Raptr\raptrstub.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchEngineProtection] 2010-07-05 15:12 544768 ----a-w- c:\program files\GamesBar\SearchEngineProtection.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2012-01-23 04:43 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 ogmservice;Online Games Manager;c:\program files\Online Games Manager\ogmservice.exe [x] S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 17:09] . 2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-21 12:54] . 2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-21 12:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Babylon Manager.exe AddRemove-{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 - c:\program files\Web Assistant\unins000.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\nvvsvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\PSIService.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac c:\program files\Citrix\ICA Client\wfcrun32.exe . ************************************************************************** . Voltooingstijd: 2012-08-23 20:25:35 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-23 18:25 ComboFix2.txt 2012-08-23 16:22 . Pre-Run: 204.954.378.240 bytes beschikbaar Post-Run: 204.712.968.192 bytes beschikbaar . - - End Of File - - 47D5FB70F267AEFC5218E79A5C6B003A Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:33:03, on 23-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Windows\Explorer.exe C:\Windows\system32\notepad.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\van hattem\Downloads\HijackThis (1).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://mijn.rijnja.nl/aurigma/ImageUploader5.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 10287 bytes Mijn bureaublad heeft nu wel een zwarte achtergrond?!
-
ComboFix 12-08-22.03 - van hattem 23-08-2012 18:09:38.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3037.1845 [GMT 2:00] Gestart vanuit: c:\users\van hattem\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\DealPly c:\program files\DealPly\DealPlyTune.dll c:\program files\Incredibar.com c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\program files\Savings Sidekick c:\program files\Savings Sidekick\Savings Sidekick.exe c:\program files\Savings Sidekick\Savings Sidekick.ico c:\program files\Savings Sidekick\Savings Sidekick.ini c:\program files\Savings Sidekick\Savings SidekickGui.exe c:\program files\Savings Sidekick\Savings SidekickInstaller.log c:\program files\Savings Sidekick\Uninstall.exe c:\users\van hattem\AppData\Local\Savings Sidekick c:\users\van hattem\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx c:\users\van hattem\WINDOWS c:\windows\IsUn0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-23 to 2012-08-23 )))))))))))))))))))))))))))))) . . 2012-08-23 16:20 . 2012-08-23 16:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-23 16:06 . 2012-08-23 16:06 -------- d-----w- C:\searchplugins 2012-08-23 15:57 . 2012-08-23 15:57 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E9D3E4D-3FAD-4B76-A3CF-A499F2744C7E}\MpKsl0cb15d9e.sys ERROR(0x00000005) 2012-08-23 15:11 . 2012-08-23 15:11 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E9D3E4D-3FAD-4B76-A3CF-A499F2744C7E}\offreg.dll ERROR(0x00000005) 2012-08-23 12:56 . 2012-08-23 12:56 -------- d-----w- c:\users\carolien 2012-08-23 06:25 . 2012-08-23 06:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-23 06:25 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-22 18:42 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E9D3E4D-3FAD-4B76-A3CF-A499F2744C7E}\mpengine.dll ERROR(0x00000005) 2012-08-21 17:48 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2012-08-16 20:29 . 2012-08-16 20:31 -------- d-----w- C:\278f2e7aa4d7f0588ef1dbc6f48dc156 2012-08-16 05:41 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll 2012-08-16 05:41 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-08-16 05:41 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-08-16 05:41 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-16 05:41 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll 2012-08-16 05:41 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll 2012-08-16 05:41 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll 2012-08-06 18:51 . 2011-06-02 05:47 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys 2012-08-06 18:51 . 2011-06-02 05:47 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys 2012-08-06 18:51 . 2011-06-02 05:47 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys 2012-08-06 18:51 . 2011-06-02 05:47 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys 2012-08-06 18:51 . 2011-06-02 05:47 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys 2012-08-06 18:46 . 2010-12-21 05:55 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys 2012-08-06 18:46 . 2010-12-21 05:55 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys 2012-08-06 18:46 . 2010-12-21 05:55 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys 2012-08-06 18:46 . 2010-12-21 05:55 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys 2012-08-06 18:46 . 2010-12-21 05:55 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys 2012-08-06 07:56 . 2012-08-06 07:56 -------- d-----w- c:\program files\CCleaner 2012-07-30 09:14 . 2012-07-30 09:14 -------- d-----w- c:\users\van hattem\searchplugins 2012-07-29 14:45 . 2012-07-29 14:45 -------- d-----w- c:\program files\uTorrent 2012-07-29 14:30 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_532\uninstall.exe 2012-07-29 14:29 . 2012-07-29 14:29 -------- d-----w- c:\windows\system32\Extensions 2012-07-29 14:29 . 2012-07-29 14:29 -------- d-----w- c:\windows\system32\searchplugins 2012-07-29 14:29 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_383\uninstall.exe 2012-07-29 14:28 . 2012-08-06 08:34 -------- d-----w- c:\users\van hattem\AppData\Roaming\uTorrent 2012-07-29 14:08 . 2012-07-29 14:29 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_518\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:35 -------- d-----w- c:\program files\ffdshow 2012-07-29 14:08 . 2012-07-29 14:08 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_540\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_519\uninstall.exe 2012-07-29 14:08 . 2012-07-29 14:08 -------- d-----w- c:\program files\Haali 2012-07-29 14:08 . 2012-07-29 14:34 657600 ----a-w- c:\program files\Uninstall Information\ib_uninst_0\uninstall.exe 2012-07-25 17:44 . 2012-07-25 17:44 -------- d-----w- c:\program files\TuneUpMedia 2012-07-25 17:44 . 2012-07-25 17:44 -------- d-----w- c:\users\van hattem\AppData\Roaming\TuneUpMedia 2012-07-25 17:41 . 2012-07-25 17:41 -------- d-----w- c:\program files\Web Assistant . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 17:09 . 2012-06-11 09:28 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-15 17:09 . 2011-05-21 11:42 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-30 05:16 . 2012-01-31 17:15 330240 ----a-w- c:\windows\MASetupCaller.dll 2012-07-30 05:16 . 2012-01-31 17:15 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-06-06 05:05 . 2012-07-11 17:00 1390080 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:05 . 2012-07-11 17:00 1236992 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:03 . 2012-07-11 17:00 805376 ----a-w- c:\windows\system32\cdosys.dll 2012-06-02 22:19 . 2012-06-21 06:17 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 06:17 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 06:16 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 06:16 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 06:17 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 06:17 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 06:16 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 06:16 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-21 06:16 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 04:45 . 2012-07-11 17:00 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 04:45 . 2012-07-11 17:00 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 04:40 . 2012-07-11 17:00 369336 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 04:40 . 2012-07-11 17:00 225280 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 04:39 . 2012-07-11 17:00 219136 ----a-w- c:\windows\system32\ncrypt.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-22 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2009-08-05 413696] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-16 13797992] "MDS_Menu"="c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-07-07 343552] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-08-19 192000] "fspuip"="c:\program files\FSP\fspuip.exe" [2009-11-12 3342336] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\CODECP~1\22529~1.166\{16CDF~1\codecmngr.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux6"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-05-30 18:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] 2007-12-01 23:40 483144 ----a-w- c:\program files\Corel\Corel MediaOne\Corel Photo Downloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-08-06 07:16 21432 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] 2012-08-06 07:16 960440 ----a-w- c:\program files\Samsung\Kies\Kies.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-08-06 07:16 3524536 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2] 2010-05-25 17:16 619008 ----a-w- c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart] 2010-03-04 13:10 2192672 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr] 2012-02-07 19:17 53160 ----a-w- c:\progra~1\Raptr\raptrstub.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchEngineProtection] 2010-07-05 15:12 544768 ----a-w- c:\program files\GamesBar\SearchEngineProtection.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2012-01-23 04:43 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x] S1 MpKsl0cb15d9e;MpKsl0cb15d9e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0E9D3E4D-3FAD-4B76-A3CF-A499F2744C7E}\MpKsl0cb15d9e.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 CodecPack Manager;CodecPack Manager;c:\programdata\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 ogmservice;Online Games Manager;c:\program files\Online Games Manager\ogmservice.exe [x] S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL0CB15D9E . Inhoud van de 'Gedeelde Taken' map . 2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 17:09] . 2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-21 12:54] . 2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-21 12:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) SafeBoot-BsScanner MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe MSConfigStartUp-Optimizer Pro - c:\program files\Optimizer Pro\OptProLauncher.exe AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-08-23 18:22:45 ComboFix-quarantined-files.txt 2012-08-23 16:22 . Pre-Run: 204.981.166.080 bytes beschikbaar Post-Run: 204.896.346.112 bytes beschikbaar . - - End Of File - - B7D9FCCEF9C06323B47DCCA7E56B366C Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:26:42, on 23-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\ProgramData\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe c:\PROGRA~1\MICROS~4\msseces.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\van hattem\Downloads\HijackThis (1).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://mijn.rijnja.nl/aurigma/ImageUploader5.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: c:\progra~2\codecp~1\22529~1.166\{16cdf~1\codecm~1.dll c:\progra~2\codecp~1\22529~1.166\{16cdf~1\codecmngr.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CodecPack Manager - Unknown owner - C:\ProgramData\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 10785 bytes
-
Nu nog een keer geprobeerd maar niet alle, hier boven genoemde kon ik nog terug vinden. Dit is een nieuwe log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:00:57, on 23-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\van hattem\Downloads\HijackThis (1).exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://mijn.rijnja.nl/aurigma/ImageUploader5.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: c:\progra~2\codecp~1\22529~1.166\{16cdf~1\codecm~1.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CodecPack Manager - Unknown owner - C:\ProgramData\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 11204 bytes
-
Dit zijn de logjes: 2012/08/23 08:39:30 +0200 VANHATTEM-PC van hattem MESSAGE Starting protection 2012/08/23 08:39:34 +0200 VANHATTEM-PC van hattem MESSAGE Protection started successfully 2012/08/23 08:39:37 +0200 VANHATTEM-PC van hattem MESSAGE Starting IP protection 2012/08/23 08:39:42 +0200 VANHATTEM-PC van hattem MESSAGE IP Protection started successfully 2012/08/23 08:39:42 +0200 VANHATTEM-PC van hattem MESSAGE Stopping IP protection 2012/08/23 08:44:39 +0200 VANHATTEM-PC van hattem MESSAGE IP Protection stopped 2012/08/23 09:10:40 +0200 VANHATTEM-PC van hattem DETECTION C:\Program Files\Savings Sidekick\Savings Sidekick.exe Adware.GamePlayLabs ALLOW 2012/08/23 09:44:08 +0200 VANHATTEM-PC van hattem DETECTION C:\Program Files\Savings Sidekick\Savings Sidekick.exe Adware.GamePlayLabs ALLOW 2012/08/23 09:44:09 +0200 VANHATTEM-PC van hattem DETECTION C:\Program Files\Savings Sidekick\Savings SidekickGui.exe Adware.GamePlayLabs ALLOW 2012/08/23 09:44:09 +0200 VANHATTEM-PC van hattem DETECTION C:\Program Files\Savings Sidekick\Uninstall.exe Adware.GamePlayLabs ALLOW Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Databaseversie: v2012.08.23.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 van hattem :: VANHATTEM-PC [administrator] 23-8-2012 8:28:43 mbam-log-2012-08-23 (08-28-43).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 210418 Verstreken tijd: 7 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> 1968 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 2 C:\Program Files\Savings Sidekick\Savings Sidekick.dll (Adware.GamePlayLabs) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\ADDICT-THING\bhoclass.dll (PUP.DownloadnSave) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 33 HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.BundleInstaller.IB) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.BundleInstaller.IB) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{44444444-4444-4444-4444-440044504460} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{55555555-5555-5555-5555-550055505560} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.BHO.1 (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Zal worden verwijderd tijdens het herstarten. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{6EBF3A14-1557-8560-9C6E-F4080E671D43} (PUP.DownloadnSave) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF3A14-1557-8560-9C6E-F4080E671D43} (PUP.DownloadnSave) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EBF3A14-1557-8560-9C6E-F4080E671D43} (PUP.DownloadnSave) -> Zal worden verwijderd tijdens het herstarten. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EBF3A14-1557-8560-9C6E-F4080E671D43} (PUP.DownloadnSave) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.DownloadnSave) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.DownloadnSave) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.BHO (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.BHO.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.FBApi (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.FBApi.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.Sandbox (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.Sandbox.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Cr_Installer\5060 (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{44444444-4444-4444-4444-440044504460} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{55555555-5555-5555-5555-550055505560} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Zal worden verwijderd tijdens het herstarten. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Data: Savings Sidekick -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 7 C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\Savings Sidekick\Savings Sidekick.dll (Adware.GamePlayLabs) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\ADDICT-THING\bhoclass.dll (PUP.DownloadnSave) -> Zal worden verwijderd tijdens het herstarten. C:\Users\van hattem\Downloads\DownloadSetup (1).exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\van hattem\Downloads\DownloadSetup (2).exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\van hattem\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Savings Sidekick\Savings Sidekick.dll (PUP.GamePlayLab) -> Zal worden verwijderd tijdens het herstarten. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:07:19, on 23-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe C:\Users\van hattem\Downloads\HijackThis (1).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ADDICT-THING - {84C835B5-5810-4389-978F-7F4D0D1528FC} - C:\ProgramData\ADDICT-THING\bhoclass.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.78\oberontb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://mijn.rijnja.nl/aurigma/ImageUploader5.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: c:\progra~2\codecp~1\22529~1.166\{16cdf~1\codecm~1.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CodecPack Manager - Unknown owner - C:\ProgramData\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 12617 bytes
-
Ik heb twee problemen op mijn computer. Ik heb zoals meerdere text enhange erop zitten. Ik heb in ieder geval naar aanleiding van het forum al een logbestandje bijgevoegd. Daarnaast geeft hij aan als ik op een site zit en daar een bestand wil openen; internet explore werkt niet meer, er wordt naar een oplossinge gezocht. Deze oplossing komt er helaas niet. Er staat: Deze website wordt niet door Internet Explorer hersteld, omdat er een blijvend probleem is met de website. Het ligt echter niet aan de website want die doet het op andere computers wel gewoon en dan zouden alle sites problemen vertonen. Wie kan mij helpen? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:27:26, on 22-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\van hattem\Downloads\HijackThis (2).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: ADDICT-THING - {6EBF3A14-1557-8560-9C6E-F4080E671D43} - C:\ProgramData\ADDICT-THING\bhoclass.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ADDICT-THING - {84C835B5-5810-4389-978F-7F4D0D1528FC} - C:\ProgramData\ADDICT-THING\bhoclass.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.78\oberontb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://mijn.rijnja.nl/aurigma/ImageUploader5.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: c:\progra~2\codecp~1\22529~1.166\{16cdf~1\codecm~1.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CodecPack Manager - Unknown owner - C:\ProgramData\CodecPack Manager\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 13075 bytes
