Ziggendl
-
Items
4 -
Registratiedatum
-
Laatst bezocht
Ziggendl's prestaties
-
Pop ups van Ad.Server & Ad.Doubleclick
Ziggendl reageerde op Ziggendl's topic in Archief Bestrijding malware & virussen
Goede morgen, Het lijkt erop dat het is gelukt, dat zou een goed begin van de week zijn. Vooralsnog zet ik deze vraag dus op opgelost! Ontzettend bedankt zuiderburen, erg blij mee! Werkse! -
Pop ups van Ad.Server & Ad.Doubleclick
Ziggendl reageerde op Ziggendl's topic in Archief Bestrijding malware & virussen
Bedankt, het heeft even geduurd, maar hieronder de log van Combofix: ComboFix 12-10-21.01 - Noor 21-10-2012 15:00:45.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1979.649 [GMT 2:00] Gestart vanuit: c:\users\Michaël\Desktop\ComboFix.exe AV: BullGuard Antivirus *Disabled/Outdated* {C3CCAC61-52F7-A056-1860-6406566E2578} FW: BullGuard Firewall *Disabled* {FBF72D44-1898-A10E-333F-CD33A8BD6203} SP: BullGuard Antispyware *Disabled/Outdated* {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\blabbers-ch.crx c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1 c:\program files (x86)\ssnScreenshot1000.exe c:\programdata\0D90EDE14A.sys c:\users\Noor\AppData\Roaming\Noiz c:\users\Noor\AppData\Roaming\Noiz\lyho.pia c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-21 to 2012-10-21 )))))))))))))))))))))))))))))) . . 2012-10-21 13:11 . 2012-10-21 13:11 -------- d-----w- c:\users\Noor\AppData\Local\temp 2012-10-21 13:11 . 2012-10-21 13:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-11 13:51 . 2012-10-11 13:51 -------- d-----w- c:\users\Michaël\AppData\Local\Downloaded Installations 2012-10-11 13:47 . 2012-10-11 13:59 -------- d-----w- c:\users\Michaël\AppData\Local\Research In Motion 2012-10-11 13:47 . 2012-10-11 13:49 -------- d-----w- c:\users\Michaël\AppData\Roaming\Research In Motion 2012-10-11 13:37 . 2011-07-20 11:58 44032 ----a-w- c:\windows\system32\drivers\RimSerial_AMD64.sys 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Third_party 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\programdata\Research In Motion 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\DesktopHelperModules 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\DeviceData 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\InstallerUtils 2012-10-11 13:36 . 2012-10-11 13:39 -------- d-----w- c:\program files (x86)\nl 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Modules 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Common Files\XCPCSync.OEM 2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Codecs 2012-10-11 13:20 . 2012-10-11 13:20 -------- d-----w- c:\program files (x86)\Research In Motion Limited 2012-10-11 13:20 . 2012-10-11 13:54 -------- d-----w- c:\program files (x86)\Common Files\Research In Motion 2012-10-10 07:50 . 2012-08-20 18:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-10-10 07:49 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll 2012-10-10 07:49 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll 2012-10-10 07:49 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll 2012-10-10 07:49 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-10-10 07:49 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-10-10 07:49 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-10-10 07:49 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-10-10 07:49 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-10-04 15:00 . 2012-10-04 15:09 -------- d-----w- C:\SnelStart 2012-10-04 14:30 . 2012-10-04 14:30 -------- d-----w- c:\users\Michaël\AppData\Local\Hewlett-Packard 2012-10-04 14:26 . 2012-10-04 14:26 -------- d-----w- c:\users\Michaël\AppData\Roaming\Hewlett-Packard 2012-10-04 11:11 . 2012-10-04 11:11 -------- d-----w- c:\program files (x86)\UBL 2012-10-04 11:05 . 2012-10-04 11:05 -------- d-----w- c:\program files (x86)\EPSON 2012-10-04 11:03 . 2005-02-02 10:05 8704 ----a-w- c:\windows\system32\E_GCINST.DLL 2012-10-04 11:03 . 2005-06-08 23:02 119808 ----a-w- c:\windows\system32\E_ILMACE.DLL 2012-10-04 11:03 . 2005-04-10 23:01 86528 ----a-w- c:\windows\system32\E_IBCBACE.DLL 2012-10-04 11:03 . 2012-10-04 11:03 -------- d-----w- c:\programdata\EPSON 2012-10-04 09:55 . 2012-10-04 09:56 -------- d-----w- c:\users\Michaël\AppData\Local\Google 2012-10-04 09:54 . 2012-10-04 09:54 -------- d-----w- c:\users\Michaël\AppData\Local\Apps 2012-10-04 09:54 . 2012-10-04 09:55 -------- d-----w- c:\users\Michaël\AppData\Local\Deployment 2012-10-04 09:41 . 2012-10-05 11:50 -------- d-----w- c:\users\Michaël\AppData\Roaming\Adobe 2012-09-26 07:12 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-24 09:35 . 2012-09-24 09:35 -------- d-----w- c:\users\Noor\Scans . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-11 07:31 . 2011-07-14 16:32 65309168 ----a-w- c:\windows\system32\MRT.exe 2012-09-17 09:31 . 2012-09-17 09:31 55464 ----a-w- c:\program files (x86)\UseInNet.VbRun.dll 2012-09-17 09:31 . 2012-09-17 09:31 17064 ----a-w- c:\program files (x86)\UseInNet.Vba.dll 2012-09-17 09:31 . 2012-09-17 09:31 22192 ----a-w- c:\program files (x86)\UseInNet.StdOle2.dll 2012-09-17 09:31 . 2012-09-17 09:31 19120 ----a-w- c:\program files (x86)\UseInNet.StdFormat.dll 2012-09-17 09:31 . 2012-09-17 09:31 43192 ----a-w- c:\program files (x86)\UseInNet.ssNetwerk1000.dll 2012-09-17 09:31 . 2012-09-17 09:31 92344 ----a-w- c:\program files (x86)\UseInNet.ssMethods1000.dll 2012-09-17 09:31 . 2012-09-17 09:31 100544 ----a-w- c:\program files (x86)\UseInNet.ssDbToegang1000.dll 2012-09-17 09:31 . 2012-09-17 09:31 260288 ----a-w- c:\program files (x86)\UseInNet.SnelStartGateWay.dll 2012-09-17 09:31 . 2012-09-17 09:31 39088 ----a-w- c:\program files (x86)\UseInNet.Scripting.dll 2012-09-17 09:31 . 2012-09-17 09:31 190632 ----a-w- c:\program files (x86)\UseInNet.msXml4.dll 2012-09-17 09:31 . 2012-09-17 09:31 39088 ----a-w- c:\program files (x86)\UseInNet.msmapi32.dll 2012-09-17 09:30 . 2012-09-17 09:30 10416 ----a-w- c:\program files (x86)\UseInNet.MsDataSrc.dll 2012-09-17 09:30 . 2012-09-17 09:30 108712 ----a-w- c:\program files (x86)\UseInNet.AdoDb.dll 2012-09-17 09:30 . 2012-09-17 09:30 481440 ----a-w- c:\program files (x86)\ssBackup6.exe 2012-09-17 09:30 . 2012-09-17 09:30 33968 ----a-w- c:\program files (x86)\SnelStartCompress.dll 2012-09-17 09:30 . 2012-09-17 09:30 34976 ----a-w- c:\program files (x86)\LayCSupp.dll 2012-09-17 09:30 . 2012-09-17 09:30 30880 ----a-w- c:\program files (x86)\ssnZip1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 1238712 ----a-w- c:\program files (x86)\ssnSoapCommunicatie1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 357544 ----a-w- c:\program files (x86)\ssnPeriode1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 323752 ----a-w- c:\program files (x86)\ssnMethods1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 658088 ----a-w- c:\program files (x86)\ssnFolder1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 46256 ----a-w- c:\program files (x86)\ssnFileReeks1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 18080 ----a-w- c:\program files (x86)\ssnFase1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 146600 ----a-w- c:\program files (x86)\ssnControls1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 112816 ----a-w- c:\program files (x86)\ssnBankieren1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 183464 ----a-w- c:\program files (x86)\ssnBackup1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 276648 ----a-w- c:\program files (x86)\ssVkProces1000.dll 2012-09-17 09:30 . 2012-09-17 09:30 1112232 ----a-w- c:\program files (x86)\ssVerkoop1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 440472 ----a-w- c:\program files (x86)\ssTool7.dll 2012-09-17 09:29 . 2012-09-17 09:29 567464 ----a-w- c:\program files (x86)\ssTelebank1000.ocx 2012-09-17 09:29 . 2012-09-17 09:29 67760 ----a-w- c:\program files (x86)\ssSyntaxAnalys1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 186536 ----a-w- c:\program files (x86)\ssSessie1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 108712 ----a-w- c:\program files (x86)\ssRechten1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 170144 ----a-w- c:\program files (x86)\ssPrx1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 252072 ----a-w- c:\program files (x86)\ssPrinter1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 80032 ----a-w- c:\program files (x86)\ssOrder1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 121000 ----a-w- c:\program files (x86)\ssNetwerk1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 30896 ----a-w- c:\program files (x86)\ssNetInterface1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 342184 ----a-w- c:\program files (x86)\ssMethods1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 121000 ----a-w- c:\program files (x86)\ssManager1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 63664 ----a-w- c:\program files (x86)\ssLijstControl1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 333984 ----a-w- c:\program files (x86)\ssLijst1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 739496 ----a-w- c:\program files (x86)\ssLayoutUI1000.dll 2012-09-17 09:29 . 2012-09-17 09:29 1403048 ----a-w- c:\program files (x86)\ssLayout1000.ocx 2012-09-17 09:28 . 2012-09-17 09:28 465056 ----a-w- c:\program files (x86)\ssKaart1000.ocx 2012-09-17 09:28 . 2012-09-17 09:28 444584 ----a-w- c:\program files (x86)\ssInkoop1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 252072 ----a-w- c:\program files (x86)\ssImport1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 174248 ----a-w- c:\program files (x86)\ssIkProces1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 657648 ----a-w- c:\program files (x86)\ssGarage1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 178344 ----a-w- c:\program files (x86)\ssFuncDLL1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 276656 ----a-w- c:\program files (x86)\ssExporteren1000.ocx 2012-09-17 09:28 . 2012-09-17 09:28 39080 ----a-w- c:\program files (x86)\ssDialog1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 518312 ----a-w- c:\program files (x86)\ssDeclares1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 59568 ----a-w- c:\program files (x86)\ssDdeVerbinding1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 874664 ----a-w- c:\program files (x86)\ssDbVersie1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 510120 ----a-w- c:\program files (x86)\ssDbToegang1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 59560 ----a-w- c:\program files (x86)\ssDbSchema1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 104624 ----a-w- c:\program files (x86)\ssDbRecordTree1000.dll 2012-09-17 09:28 . 2012-09-17 09:28 1489064 ----a-w- c:\program files (x86)\ssControls1000.ocx 2012-09-17 09:27 . 2012-09-17 09:27 51376 ----a-w- c:\program files (x86)\ssCommunicatie1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 436384 ----a-w- c:\program files (x86)\ssBtw1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 686240 ----a-w- c:\program files (x86)\ssBoek1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 690336 ----a-w- c:\program files (x86)\ssBasis1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 239776 ----a-w- c:\program files (x86)\ssBapi1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 469160 ----a-w- c:\program files (x86)\ssArtikel1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 141496 ----a-w- c:\program files (x86)\UseInNet.ssDeclares1000.dll 2012-09-17 09:27 . 2012-09-17 09:27 399536 ----a-w- c:\program files (x86)\SnelStartGateWay.dll 2012-09-17 09:27 . 2012-09-17 09:27 7043232 ----a-w- c:\program files (x86)\SnelStart.exe 2012-09-17 09:12 . 2012-09-17 09:12 33792 ----a-w- c:\program files (x86)\ssnSerialCommunication1000.dll 2012-09-04 11:04 . 2012-09-04 11:04 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-04 11:04 . 2012-09-04 11:05 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-04 11:04 . 2010-07-15 04:45 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-27 23:49 . 2012-09-04 06:31 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90E79E5C-E9A6-45C1-9D39-1B33EB3B60C9}\mpengine.dll 2012-08-22 18:12 . 2012-09-12 10:10 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 10:10 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 10:10 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 10:10 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-20 17:38 . 2012-10-10 07:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-20 17:01 . 2012-08-20 17:01 111064 ----a-w- c:\windows\system32\BgGamingMonitor.dll 2012-08-20 17:01 . 2012-08-20 17:01 100216 ----a-w- c:\windows\SysWow64\BgGamingMonitor.dll 2012-08-02 17:58 . 2012-09-12 10:10 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 10:10 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-08-02 14:12 . 2012-08-02 14:12 63840 ----a-w- c:\windows\system32\BGLsp.dll 2012-08-02 14:12 . 2012-08-02 14:12 54624 ----a-w- c:\windows\SysWow64\BGLsp.dll 2012-07-11 10:49 . 2012-07-11 10:49 50264 ----a-w- c:\program files (x86)\Rim.Desktop.HttpServerSetup.exe 2012-07-11 10:49 . 2012-07-11 10:49 26712 ----a-w- c:\program files (x86)\Rim.Desktop.HttpServerSetup.FirewallInterop.dll 2012-07-11 10:49 . 2012-07-11 10:49 21080 ----a-w- c:\program files (x86)\Rim.Transcoder.exe 2012-07-11 10:48 . 2012-07-11 10:48 752216 ----a-w- c:\program files (x86)\Rim.DesktopHelper.exe 2012-07-11 10:48 . 2012-07-11 10:48 58456 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Native.dll 2012-07-11 10:48 . 2012-07-11 10:48 56408 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Tasks.dll 2012-07-11 10:48 . 2012-07-11 10:48 52312 ----a-w- c:\program files (x86)\System.Windows.Interactivity.dll 2012-07-11 10:48 . 2012-07-11 10:48 31832 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Logging.dll 2012-07-11 10:48 . 2012-07-11 10:48 27224 ----a-w- c:\program files (x86)\Rim.Desktop.Services.WindowState.dll 2012-07-11 10:48 . 2012-07-11 10:48 2167384 ----a-w- c:\program files (x86)\Rim.Desktop.Themes.dll 2012-07-11 10:48 . 2012-07-11 10:48 188504 ----a-w- c:\program files (x86)\zlibwapi.dll 2012-07-11 10:48 . 2012-07-11 10:48 13912 ----a-w- c:\program files (x86)\Rim.DesktopHelper.common.dll 2012-07-11 10:48 . 2012-07-11 10:48 933464 ----a-w- c:\program files (x86)\Rim.Desktop.AutoUpdate.exe 2012-07-11 10:48 . 2012-07-11 10:48 93272 ----a-w- c:\program files (x86)\Rim.Common.Utilities.dll 2012-07-11 10:48 . 2012-07-11 10:48 770648 ----a-w- c:\program files (x86)\MailServerMAPIProxy64.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-09 1712184] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-06-29 602168] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-09 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2012-07-03 38528] S1 BdSpy;BdSpy;c:\windows\system32\DRIVERS\BdSpy.sys [2012-07-03 66272] S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [2012-07-03 256072] S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [2012-07-03 25160] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe [2009-07-14 27136] S2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2012-08-20 368480] S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [2009-07-14 27136] S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe [2009-07-14 27136] S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [2009-07-14 27136] S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [2009-07-14 27136] S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2012-08-20 201056] S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2012-08-20 379744] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-29 27192] S2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe [2007-04-20 566704] S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-19 315392] S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys [2012-07-03 445568] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-23 347680] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-02-05 1093152] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-407698090-1951942328-2400364001-1001Core.job - c:\users\Noor\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-04 12:41] . 2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-407698090-1951942328-2400364001-1001UA.job - c:\users\Noor\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-04 12:41] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] "BullGuard"="c:\program files\BullGuard Ltd\BullGuard\bullguard.exe" [2012-09-11 1863008] "EPSON Stylus DX3800 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE" [2005-02-08 98304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\BGLsp.dll TCP: DhcpNameServer = 192.168.2.254 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab . - - - - ORPHANS VERWIJDERD - - - - . URLSearchHooks-{1c94aa0d-7416-4289-b2ba-834282060870} - (no file) URLSearchHooks-{296aa17d-c89e-4242-a5a4-44bfe76914a2} - (no file) Wow6432Node-HKCU-Run-KiesPDLR - c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Wow6432Node-HKCU-Run-Corel Photo Downloader - c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe WebBrowser-{1C94AA0D-7416-4289-B2BA-834282060870} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{296AA17D-C89E-4242-A5A4-44BFE76914A2} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-10-21 15:17:04 ComboFix-quarantined-files.txt 2012-10-21 13:17 . Pre-Run: 77.724.774.400 bytes beschikbaar Post-Run: 77.981.110.272 bytes beschikbaar . - - End Of File - - 14D79CB02F37BF0199834BF35AA2563A -
Pop ups van Ad.Server & Ad.Doubleclick
Ziggendl reageerde op Ziggendl's topic in Archief Bestrijding malware & virussen
Goede middag, bedankt! Hieronder volgt de log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:48:32, on 21-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michaël\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Michaël\AppData\Local\Google\Update\GoogleUpdate.exe" /c O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Files32\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - foto afdrukken online - HEMA O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: BgGamingMonitor.dll O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxbl_device - - C:\Windows\system32\lxblcoms.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12277 bytes Ik zie de reacties graag tegemoet, alvast bedankt! -
Pop ups van Ad.Server & Ad.Doubleclick
Ziggendl plaatste een topic in Archief Bestrijding malware & virussen
Goede middag, Ik heb sinds kort Google Chrome geinstalleerd en heb de indruk dat sindsdien de problemen met de zeer vervelende en irritante pop-ups zijn ontstaan. Omdat ik veel dezelfde vragen op dit forum zie, zou het fantastisch zijn als jullie mij kunnen helpen. Ik heb al een log gemaakt via Hijackthis. Alvast bedankt ik ben jullie nu al eeuwig dankbaar!
