edpo
-
Items
116 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door edpo
-
Malwarebytes' Anti-Malware 1.45 Malwarebytes Databaseversie: 4011 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 29/04/2010 14:01:54 mbam-log-2010-04-29 (14-01-54).txt Scantype: Snelle scan Objecten gescand: 112024 Verstreken tijd: 6 minuut/minuten, 40 seconde(n) Geheugenprocessen genfecteerd: 0 Geheugenmodulen genfecteerd: 0 Registersleutels genfecteerd: 0 Registerwaarden genfecteerd: 0 Registerdata genfecteerd: 0 Mappen genfecteerd: 0 Bestanden genfecteerd: 0 Geheugenprocessen genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden genfecteerd: (Geen kwaadaardige objecten gedetecteerd) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:03:06, on 29/04/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\nvraidservice.exe C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Acer\Empowering Technology\eLock\autolockprocess\AutoLockProcess.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSDTS.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Acer\Empowering Technology\eDataSecurity\x86\MsnVane.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Eddy\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Avant Browser\avant.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe F:\virusprog\HijackThis.exe C:\Users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: &Egis Option Pack - {312105C4-2E13-4E10-AF72-F9D79BA077E6} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDsWebmailtb.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [AutoLockProcess] C:\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PrinterShare] C:\Program Files\PrinterShare\paConsole.exe -minimized O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\S-1-5-18\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: MBCameraMonitor.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Program Files\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/NL/TechConsole/x86/RescueControl.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/59.20/uploader2.cab O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis-server (Arrakis3) - BitDefender S.R.L. Antivirus software - BitDefender - The future of security now! - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop-updateservice (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- End of file - 15891 bytes
-
Ik heb dat alles gedaan....uitgenomen NERO geinstaleerd, dergelijke programmas die zich vast bijten in mijn systeem kan ik missen! Maar de popup is er nog steeds.
-
Ik instaleerde de Lite versie van NERO 9, maar nu krijg ik gedurig een POPup venster hier bij gevoegd. Ik heb reeds Nero eraf gegooid en terug opgezet... zonder resultaat. Wat is hier het probleem ? Ik stuur ook maar een hijjackthis.log mee voor de specialisten.... mvg Eddy hijackthis.log
-
Alles is verdwenen.... het probleem is opgelost. Bedankt.
-
Nee het schijnt opgelost te zijn.....10000000000 x dank. Eddy
-
ComboFix 10-04-19.05 - eveline 21-04-2010 13:39:52.3.2 - x86 Microsoft Windows Vista Home Basic 6.0.6001.1.1252.31.1043.18.893.275 [GMT 2:00] Gestart vanuit: D:\ComboFix.exe gebruikte Opdracht switches :: D:\cfscript.txt..txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Aanwezig AV is actief FILE :: "c:\programdata\Google\Google Toolbar\Update\gtbA5D3.tmp.exe" "c:\windows\bk20856.dat" "c:\windows\fs1235.dat" "c:\windows\system32\aokomon.dll" "c:\windows\system32\btw_oko.dll" "c:\windows\system32\drivers\klifoko.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Google\Google Toolbar\Update\gtbA5D3.tmp.exe c:\windows\bk20856.dat c:\windows\fs1235.dat c:\windows\system32\aokomon.dll c:\windows\system32\btw_oko.dll c:\windows\system32\drivers\klifoko.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_Ftdisoko -------\Service_FltOkoMgr -------\Service_Ftdisoko (((((((((((((((((((( Bestanden Gemaakt van 2010-03-21 to 2010-04-21 )))))))))))))))))))))))))))))) . 2010-04-21 11:56 . 2010-04-21 12:02 -------- d-----w- c:\users\eveline\AppData\Local\temp 2010-04-21 11:56 . 2010-04-21 11:56 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-04-21 11:56 . 2010-04-21 11:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-04-21 09:03 . 2010-04-21 09:04 -------- d-----w- C:\sh4ldr 2010-04-21 09:03 . 2010-04-21 09:03 -------- d-----w- c:\program files\Enigma Software Group 2010-04-21 08:59 . 2010-04-21 09:04 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-04-21 08:59 . 2010-04-21 08:59 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-04-20 17:15 . 2010-04-20 17:17 -------- d-----w- c:\program files\Crawler 2010-04-20 11:35 . 2010-04-20 11:35 -------- d-----w- c:\users\eveline\AppData\Roaming\Malwarebytes 2010-04-20 11:35 . 2008-10-22 14:10 15504 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-20 11:35 . 2008-10-22 14:10 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-20 11:35 . 2010-04-20 11:35 -------- d-----w- c:\programdata\Malwarebytes 2010-04-20 11:35 . 2010-04-20 12:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-20 11:02 . 2010-04-20 14:17 -------- d-----w- c:\program files\a-squared Free 2010-04-20 10:49 . 2010-04-20 10:49 -------- d-----w- c:\program files\Trend Micro 2010-04-20 10:48 . 2010-04-20 11:01 -------- d-----w- c:\program files\a-squared Anti-Malware 2010-04-20 08:46 . 2010-04-20 08:46 4 ----a-w- c:\windows\system32\aspdict-en.dat 2010-04-20 08:46 . 2010-04-20 08:46 16 ----a-w- c:\windows\system32\asdict.dat 2010-04-20 08:12 . 2010-04-20 08:14 -------- d-----w- c:\users\eveline\AppData\Roaming\BitDefender 2010-04-20 08:12 . 2010-04-20 08:21 -------- d-----w- c:\programdata\BitDefender 2010-04-20 08:12 . 2010-04-20 08:12 -------- d-----w- c:\program files\BitDefender 2010-04-20 08:05 . 2010-04-20 08:12 -------- d-----w- c:\program files\Common Files\BitDefender 2010-04-15 11:16 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-04-15 11:16 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2010-04-15 11:16 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2010-04-15 11:16 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-04-15 11:16 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-04-15 11:16 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-04-15 11:15 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-04-15 11:15 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll 2010-04-15 11:15 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys 2010-04-14 18:22 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll 2010-04-14 18:21 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll 2010-04-14 18:10 . 2010-04-14 18:10 -------- d-----w- c:\programdata\McAfee 2010-04-14 18:03 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-21 09:04 . 2010-04-21 09:04 110080 ----a-r- c:\users\eveline\AppData\Roaming\Microsoft\Installer\{61D3AAE1-D521-4CD7-939B-37813DE8F955}\IconD7F16134.exe 2010-04-21 09:04 . 2010-04-21 09:04 110080 ----a-r- c:\users\eveline\AppData\Roaming\Microsoft\Installer\{61D3AAE1-D521-4CD7-939B-37813DE8F955}\IconF7A21AF7.exe 2010-04-20 12:06 . 2010-04-20 12:06 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-20 10:50 . 2006-11-02 16:07 667352 ----a-w- c:\windows\system32\perfh013.dat 2010-04-20 10:50 . 2006-11-02 16:07 126854 ----a-w- c:\windows\system32\perfc013.dat 2010-04-18 13:48 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-04-17 11:00 . 2007-11-20 13:20 -------- d-----w- c:\programdata\Microsoft Help 2010-04-13 09:43 . 2007-07-19 14:22 112976 ----a-w- c:\users\eveline\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-24 09:16 . 2009-10-04 18:22 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-23 06:39 . 2010-03-31 07:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-23 06:33 . 2010-03-31 07:00 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-02-23 06:33 . 2010-03-31 07:00 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-02-23 04:55 . 2010-03-31 07:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-02-03 10:57 . 2010-02-03 10:57 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys 2010-02-03 10:56 . 2010-02-03 10:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys 2010-01-25 12:48 . 2010-02-25 13:12 472576 ----a-w- c:\windows\system32\secproc_isv.dll 2010-01-25 12:48 . 2010-02-25 13:12 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-01-25 12:48 . 2010-02-25 13:12 151040 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-01-25 12:48 . 2010-02-25 13:12 472064 ----a-w- c:\windows\system32\secproc.dll 2010-01-25 12:45 . 2010-02-25 13:12 329216 ----a-w- c:\windows\system32\msdrm.dll 2010-01-25 08:35 . 2010-02-25 13:12 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-01-25 08:35 . 2010-02-25 13:12 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-01-25 08:34 . 2010-02-25 13:12 511488 ----a-w- c:\windows\system32\RMActivate.exe 2010-01-25 08:34 . 2010-02-25 13:12 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-01-23 09:44 . 2010-02-25 13:13 2048 ----a-w- c:\windows\system32\tzres.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-06 39408] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "Google Update"="c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-24 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-14 149280] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-14 411768] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2006-12-14 493688] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-11 530552] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 3772416] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104] "TOSHIBA Volume Indicator"="c:\program files\Toshiba\Utilities\VolControl.exe" [2006-12-13 94208] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-12-21 155648] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2006-12-15 577536] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2006-12-13 554640] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-01-20 1120704] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152] "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2010-01-02 3280712] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-9 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-9 28672] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664] R3 Arrakis3;BitDefender Arrakis-server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 183880] R3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-03 153448] R3 ZDPSp60;ZDPSp60 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp60.sys [x] S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2009-10-19 72200] S2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [2009-10-01 1858144] S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2008-06-11 380016] S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2009-09-22 83208] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bdx REG_MULTI_SZ scan meetsvc REG_MULTI_SZ FltOkoMgr . Inhoud van de 'Gedeelde Taken' map 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 08:52] 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 08:52] 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1559559633-8451345-1067505570-1000Core.job - c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-20 12:04] 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1559559633-8451345-1067505570-1000UA.job - c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-20 12:04] 2010-04-20 c:\windows\Tasks\User_Feed_Synchronization-{F0F4AC52-D5A5-4A83-B8B9-4627A971A1F3}.job - c:\windows\system32\msfeedssync.exe [2010-03-31 04:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.ocmwzedelgem.be/website/1-www.html/ mStart Page = hxxp://breedband.telenet.be mWindow Title = Telenet Internet IE: Crawler Search - tbr:iemenu IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-04-21 14:03 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????6T7t`?? ?\?H?\???\???\??? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Andere Aktieve Processen ------------------------ . c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Enigma Software Group\SpyHunter\Spyhunter4.exe c:\windows\system32\conime.exe c:\windows\system32\agrsmsvc.exe c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe c:\windows\RtHDVCpl.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\TODDSrv.exe c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\msiexec.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\BitDefender\BitDefender 2010\seccenter.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe . ************************************************************************** . Voltooingstijd: 2010-04-21 14:12:48 - machine werd herstart ComboFix-quarantined-files.txt 2010-04-21 12:12 ComboFix2.txt 2010-04-21 08:12 ComboFix3.txt 2010-04-20 15:44 Pre-Run: 7.702.003.712 bytes beschikbaar Post-Run: 7.583.481.856 bytes beschikbaar - - End Of File - - CE49E84D5A8A585C6429CA7C7FF441FB Na dit alles kan ik nu terug updates ophalen bij Bitdefender....wat voorheen NIET kon! Zou het gelukt zijn ?
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:22:52, on 21-4-2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Utilities\VolControl.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Windows\System32\mobsync.exe C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = OCMW Sociaal Huis Zedelgem R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Internet Explorer Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = Search Assistant R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TOSHIBA Volume Indicator] "C:\Program Files\Toshiba\Utilities\VolControl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [Google Update] "C:\Users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: BitDefender Arrakis-server (Arrakis3) - BitDefender S.R.L. Antivirus software - BitDefender - The future of security now! - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop-updateservice (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- End of file - 10690 bytes ComboFix 10-04-19.05 - eveline 21-04-2010 9:40.2.2 - x86 Microsoft Windows Vista Home Basic 6.0.6001.1.1252.31.1043.18.893.274 [GMT 2:00] Gestart vanuit: D:\ComboFix.exe SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Aanwezig AV is actief . (((((((((((((((((((( Bestanden Gemaakt van 2010-03-21 to 2010-04-21 )))))))))))))))))))))))))))))) . 2010-04-21 08:00 . 2010-04-21 08:00 -------- d-----w- c:\users\eveline\AppData\Local\temp 2010-04-21 08:00 . 2010-04-21 08:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-04-20 17:15 . 2010-04-20 17:17 -------- d-----w- c:\program files\Crawler 2010-04-20 17:15 . 2010-04-20 17:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys 2010-04-20 17:15 . 2010-04-20 19:50 -------- d-----w- c:\users\eveline\AppData\Roaming\Spyware Terminator 2010-04-20 17:15 . 2010-04-20 17:39 -------- d-----w- c:\programdata\Spyware Terminator 2010-04-20 17:15 . 2010-04-20 17:38 -------- d-----w- c:\program files\Spyware Terminator 2010-04-20 11:35 . 2010-04-20 11:35 -------- d-----w- c:\users\eveline\AppData\Roaming\Malwarebytes 2010-04-20 11:35 . 2008-10-22 14:10 15504 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-20 11:35 . 2008-10-22 14:10 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-20 11:35 . 2010-04-20 11:35 -------- d-----w- c:\programdata\Malwarebytes 2010-04-20 11:35 . 2010-04-20 12:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-20 11:02 . 2010-04-20 14:17 -------- d-----w- c:\program files\a-squared Free 2010-04-20 10:49 . 2010-04-20 10:49 -------- d-----w- c:\program files\Trend Micro 2010-04-20 10:48 . 2010-04-20 11:01 -------- d-----w- c:\program files\a-squared Anti-Malware 2010-04-20 08:46 . 2010-04-20 08:46 4 ----a-w- c:\windows\system32\aspdict-en.dat 2010-04-20 08:46 . 2010-04-20 08:46 16 ----a-w- c:\windows\system32\asdict.dat 2010-04-20 08:12 . 2010-04-20 08:14 -------- d-----w- c:\users\eveline\AppData\Roaming\BitDefender 2010-04-20 08:12 . 2010-04-20 08:21 -------- d-----w- c:\programdata\BitDefender 2010-04-20 08:12 . 2010-04-20 08:12 -------- d-----w- c:\program files\BitDefender 2010-04-20 08:05 . 2010-04-20 08:12 -------- d-----w- c:\program files\Common Files\BitDefender 2010-04-20 07:49 . 2010-04-20 14:52 6009 ----a-w- c:\windows\fs1235.dat 2010-04-19 18:08 . 2010-04-19 18:08 40 ----a-w- c:\windows\bk20856.dat 2010-04-15 11:16 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-04-15 11:16 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2010-04-15 11:16 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2010-04-15 11:16 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-04-15 11:16 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-04-15 11:16 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-04-15 11:15 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-04-15 11:15 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll 2010-04-15 11:15 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys 2010-04-14 18:22 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll 2010-04-14 18:21 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll 2010-04-14 18:10 . 2010-04-14 18:10 -------- d-----w- c:\programdata\McAfee 2010-04-14 18:03 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-20 17:15 . 2010-04-20 17:15 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe 2010-04-20 17:15 . 2010-04-20 17:15 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys 2010-04-20 12:06 . 2010-04-20 12:06 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-20 10:50 . 2006-11-02 16:07 667352 ----a-w- c:\windows\system32\perfh013.dat 2010-04-20 10:50 . 2006-11-02 16:07 126854 ----a-w- c:\windows\system32\perfc013.dat 2010-04-18 13:48 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-04-17 11:00 . 2007-11-20 13:20 -------- d-----w- c:\programdata\Microsoft Help 2010-04-13 09:43 . 2007-07-19 14:22 112976 ----a-w- c:\users\eveline\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-24 09:16 . 2009-10-04 18:22 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-23 06:39 . 2010-03-31 07:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-23 06:33 . 2010-03-31 07:00 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-02-23 06:33 . 2010-03-31 07:00 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-02-23 04:55 . 2010-03-31 07:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-02-18 15:49 . 2009-07-04 23:48 133632 ----a-w- c:\windows\system32\aokomon.dll 2010-02-18 15:49 . 2009-06-30 00:30 32768 ----a-w- c:\windows\system32\drivers\klifoko.sys 2010-02-18 15:49 . 2009-06-30 00:30 134656 ----a-w- c:\windows\system32\btw_oko.dll 2010-02-03 10:57 . 2010-02-03 10:57 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys 2010-02-03 10:56 . 2010-02-03 10:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys 2010-01-29 08:32 . 2010-01-29 08:32 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA5D3.tmp.exe 2010-01-25 12:48 . 2010-02-25 13:12 472576 ----a-w- c:\windows\system32\secproc_isv.dll 2010-01-25 12:48 . 2010-02-25 13:12 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-01-25 12:48 . 2010-02-25 13:12 151040 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-01-25 12:48 . 2010-02-25 13:12 472064 ----a-w- c:\windows\system32\secproc.dll 2010-01-25 12:45 . 2010-02-25 13:12 329216 ----a-w- c:\windows\system32\msdrm.dll 2010-01-25 08:35 . 2010-02-25 13:12 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-01-25 08:35 . 2010-02-25 13:12 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-01-25 08:34 . 2010-02-25 13:12 511488 ----a-w- c:\windows\system32\RMActivate.exe 2010-01-25 08:34 . 2010-02-25 13:12 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-01-23 09:44 . 2010-02-25 13:13 2048 ----a-w- c:\windows\system32\tzres.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-06 39408] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "Google Update"="c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-24 136176] "SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-04-20 3037696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-14 149280] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-14 411768] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2006-12-14 493688] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-11 530552] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 3772416] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104] "TOSHIBA Volume Indicator"="c:\program files\Toshiba\Utilities\VolControl.exe" [2006-12-13 94208] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-12-21 155648] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2006-12-15 577536] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2006-12-13 554640] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-01-20 1120704] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152] "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2010-01-02 3280712] "SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-20 2176512] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-9 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-9 28672] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664] R3 Arrakis3;BitDefender Arrakis-server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 183880] R3 ZDPSp60;ZDPSp60 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp60.sys [x] S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2009-10-19 72200] S1 Ftdisoko;Channel DesktopContext AutoComplete Hook PostAgent;c:\windows\system32\drivers\klifoko.sys [2010-02-18 32768] S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-04-20 142592] S2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [2009-10-01 1858144] S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2008-06-11 380016] S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2009-09-22 83208] S2 FltOkoMgr;VMware Monitor CD ACPI Terminal List;c:\windows\system32\svchost.exe [2008-01-19 21504] S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-03 153448] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bdx REG_MULTI_SZ scan meetsvc REG_MULTI_SZ FltOkoMgr . Inhoud van de 'Gedeelde Taken' map 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 08:52] 2010-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 08:52] 2010-04-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1559559633-8451345-1067505570-1000Core.job - c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-20 12:04] 2010-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1559559633-8451345-1067505570-1000UA.job - c:\users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-20 12:04] 2010-04-20 c:\windows\Tasks\User_Feed_Synchronization-{F0F4AC52-D5A5-4A83-B8B9-4627A971A1F3}.job - c:\windows\system32\msfeedssync.exe [2010-03-31 04:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.ocmwzedelgem.be/website/1-www.html mStart Page = hxxp://breedband.telenet.be mWindow Title = Telenet Internet IE: Crawler Search - tbr:iemenu IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-04-21 10:00 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????6T7t`?? ?\?H?\???\???\??? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(1608) c:\windows\system32\authui.dll c:\windows\system32\pnidui.dll . Voltooingstijd: 2010-04-21 10:12:19 ComboFix-quarantined-files.txt 2010-04-21 08:12 ComboFix2.txt 2010-04-20 15:44 Pre-Run: 8.365.957.120 bytes beschikbaar Post-Run: 8.224.104.448 bytes beschikbaar - - End Of File - - 59FD0109D96D23D720F7991C5ECF3722
-
De Notebook van mijn dochter krijgt het op zijn heupen... gedurig meldingen dat er visussen aanwezig zijn, ik heb de PC gescand en niets is te vinden... Er komt nu en dan een scherm op van WINDOWS met melding Windows has detected serios threats to your PC security. en dan moet ik iets downloaden, wat ik nog niet deed... mag dat ? Ik heb Bitdefender 2010 er op geinstaleerd maar die vind na een scan niets, maar ik kan ook Bitdefende niet updaten online... ik kan naar geen enkele site waar er updates te krijgen zijn voor gelijkwelke scanner.... Wat is hier het probleem ? Ik stuur de hijackthis log mee van deze Notebook Alvast bedankt Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:01:18, on 20-4-2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Utilities\VolControl.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ocmwzedelgem.be/website/1-www.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://breedband.telenet.be R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TOSHIBA Volume Indicator] "C:\Program Files\Toshiba\Utilities\VolControl.exe" O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [Google Update] "C:\Users\eveline\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?NL (file missing) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: BitDefender Arrakis-server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop-updateservice (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- End of file - 9999 bytes hijackthis.log
-
Bedoel je dit ? Logboeknaam: Application Bron: Application Hang Datum: 4/03/2010 16:00:09 Gebeurtenis-id:1002 Taakcategorie: (101) Niveau: Fout Trefwoorden: Klassiek Gebruiker: n.v.t. Computer: ACERPC Beschrijving: Programma mmc.exe, versie 6.0.6002.18005 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren. Proces-id: 1ea8 Starttijd: 01cabbaa4c5467ef Eindtijd: 17 Gebeurtenis-XML: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Application Hang" /> <EventID Qualifiers="0">1002</EventID> <Level>2</Level> <Task>101</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2010-03-04T15:00:09.000Z" /> <EventRecordID>67941</EventRecordID> <Channel>Application</Channel> <Computer>ACERPC</Computer> <Security /> </System> <EventData> <Data>mmc.exe</Data> <Data>6.0.6002.18005</Data> <Data>1ea8</Data> <Data>01cabbaa4c5467ef</Data> <Data>17</Data> <Binary>430072006F00730073002D0074006800720065006100640000000000</Binary> </EventData> </Event>
-
Dir komt voor met meerdere programmas,bv Avant Browser, Winamp, Incredimail....
-
Sinds een paar dagen krijg ik nu en dan een foutmelding, Windows-hostproces (Rundll32) werkt niet meer. Wat is daar de oorzaak van ? en wat kan ik er tegen doen ? zie het bijgevoegde knipsel. Eddy
-
een vraagje..... hoe kan ik dit filetje openen in excel ?
-
Ja maar... als de volgende serie verbeterd wordt moet de waarde blijven staan waar hij stond, nu verdwijnd deze iedere keer.
-
Even uitlegen… Het gaat om een aantal werkbladen dat de uitslagen van de series bij het schieten bijhoud en verbetert. De schutter schrijft zich in door zijn lidnr op te geven, die wordt in het blad ingeven ingevuld in de kolom lidnr, zijn naam en verdere gegevens verschijnt in de kolom ernaast.(komende uit het ledenbestand) De uiterst linkse kolom is het serienr. Die op de schietkaarten wordt vermeld. (vast) De schutter komt na het schieten terug om zijn serie te verbeteren, de verantwoordelijke die verbetert geeft in het blad verbeteren het serienr in die overeenkomt met de ingave in het blad ingeven en dus ook op de kaarten… De gegevens van de schutter worden automatisch ingevuld. De punten worden ingevuld in de roosters, 200,400 of 600 punten Nu zou ik willen dat de punten die in het blad verbeteren in D17 staan, automatisch naast het juiste SERIEnr In het Blad ingeven zien, en wel in de kolom 200p,400p of 600p, naargelang in het blad verbeteren 1,2 of 3 roosters zijn ingevuld. Dus alle rooster vol is kolom 600. Ik geraak er maar niet.... een verkorte versie van de werkbladen zijn bijgevoegd. Alvast bedabkt aan iedereen die kan helpen.... Eddy voorbeeld.xls
-
Ongelooflijk, maar ik krijg geen toegang tot de HD C en D en hun bestanden maar wel tot de mediabestanden (muziek en films enz....) die op HD D staan.... Moet ik misschien ergens nog de HD's vrij maken ? ze staan wel op delen.
-
Er blijft op de Win7 PC een melding komen dat ik geen toegang heb tot de VISTA PC... ik moet machtiging vragen aan de netwerkbeheerder...
-
Ik zie de andere pc op de beide computers.... maar ik heb geen toegang tot de bestanden op de VISTA PC, omgekeerd kan ik van de VISTA naar de Windows 7 PC wel.... Mis ik nog iets ? Heeeeeeeelp
-
Hoe kan ik een thuisnetwerk + internet verbinding instellen via een BELKIN router tussen een notebook met windows 7 en een pc met vista.
-
Ik heb nog een klein probleempje.... Ik wil de getallen van B3 tot U3, maar ook de getallen van B4 tot U4 terzelfdertijd in 1 reeks sorteren zodat ik de 15 hoogste getallen op de eerste 15 plaatsen bekom. Dit zo voor iedere ingave per lid (gele velden) Ik krijg iedere keer een foutmelding en er gebeurt niets. Wie kan mij helpen ? Eddy testblad2010.xls
-
Bedankt aan al die mij geholpen hebben.... het werkt perfect.
-
Sorry voor het late reageren, maar ik was een hele tijd in het buitenland... inderdaat dat werkt, dat is de bedoeling van mijn vraag... maar waar moet ik dat nu instellen ? Eddy
-
Ik versta de bedoeling niet... ik krijg een leeg werkblad ???
-
Is het mogelijk om ergens een routine te maken zodat bij het invoeren in rooster na ingave horizontaal na de 5de ingave en Enter er naar de 1ste postie van de 2de lijn wordt gesprongen? alvast bedankt Eddy 1 2 3 4 5 6
-
Ik heb sedert enige tijd een probleem met de automatische update van Vista... om de zoveel tijd tracht mijn PC de update van Servicepack 1 te instaleren. Dit lukt niet... iedere keer krijg ik de melding dat dit mislukt is. Wat kan de oorzaak daarvan zijn ? Wat kan ik er aan dopen ? Zir bijgaand knipsel van update. Alvast bedankt Eddy
-
Ik heb een probleem.... ik wil sorteren op meerdere kolommen zie hieronder Naam Club Bruggeling Serie Nr Punten test 1 DSB N 1 158 test 2 VH J 2 147 test 3 SPR N 3 189 test 4 SBZ N 4 175 eerst op kolom 5 (punten) en daarna op kolom 3 (Bruggeling j/n)... ik zou dit in een macro willen. De bedoeling is dat er een puntenrangschikking gemaakt is. Het probleem is, als ik nu manueel (trechter-icoon) wil sorteren en het gehele rekenblad selecteer en niets gesorteert word...??? Doe ik iets verkeerd ? Ik werk met de 2007.
