lufraki

Er zijn geen problemen met de PC, was meer een voorzorgsmaatregel. In ieder geval bedankt voor de snelle hulp!

Beste kape, Bedankt voor je reactie! Hierbij de logjes. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:38:10, on 7-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: I:\Windows\system32\Dwm.exe I:\Windows\Explorer.EXE I:\Windows\system32\taskhost.exe I:\Program Files\CheckPoint\ZAForceField\ForceField.exe I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe I:\Program Files\AVG\AVG2012\avgtray.exe I:\Program Files\Microsoft Security Client\msseces.exe I:\Program Files\Common Files\Java\Java Update\jusched.exe I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe I:\Users\Tijmen\Downloads\Gw2(1).tmp I:\Program Files\Mozilla Firefox\firefox.exe I:\Users\Tijmen\Downloads\Computer Reparatie\HijackThis.exe I:\Program Files\Mozilla Firefox\plugin-container.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - I:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\Tijmen\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: CurseClientStartup.ccip O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download all links by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm O8 - Extra context menu item: Download by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - I:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - I:\Program Files\Skype\Updater\Updater.exe O23 - Service: TomTomHOMEService - TomTom - I:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- End of file - 8659 bytes

Goeden avond, Wil iemand a.u.b. even dit logje nakijken? Super bedankt! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:32:31, on 6-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: I:\Windows\system32\taskhost.exe I:\Windows\system32\Dwm.exe I:\Windows\Explorer.EXE I:\Program Files\CheckPoint\ZAForceField\ForceField.exe I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe I:\Program Files\AVG\AVG2012\avgtray.exe I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe I:\Program Files\Microsoft Security Client\msseces.exe I:\Program Files\Common Files\Java\Java Update\jusched.exe I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe I:\Program Files\Mozilla Firefox\firefox.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe I:\Windows\system32\conhost.exe I:\Program Files\Diablo III\Diablo III.exe I:\Users\Tijmen\Downloads\Computer Reparatie\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - (no file) O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - I:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\Tijmen\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: CurseClientStartup.ccip O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download all links by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm O8 - Extra context menu item: Download by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - I:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - I:\Windows\system32\PnkBstrB.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - I:\Program Files\Skype\Updater\Updater.exe O23 - Service: TomTomHOMEService - TomTom - I:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- End of file - 9236 bytes

Rare is juist dat het tot voor kort dus nooit een inbraakpoging had geregistreerd. Bovendien heb ik net in mijn ZoneAlarm firewall dit gezien: [TABLE] [TR] [TD][/TD] [/TR] [TR] [TD] The ZoneAlarm firewall blocked an outgoing communication from your computer to port 47337 on a remote computer whose IP address is 46.175.163.20. This might have occurred because a program on your computer tried connect to the Internet before ZoneAlarm was fully started.[/TD] [/TR] [/TABLE] Het Ip-adres dat wordt aangegeven ligt in Oekraïne :| Door even verder te zoeken vindt ik deze informatie over het ip-adres: http://www.projecthoneypot.org/ip_46.175.163.20

Ik heb een paar dingen gezien die mij doen denken dat er een kwaadwillig persoon met mij aan het spelen is ... Ten eerste staat er bij Netwerk-Infrastructuur een onbekende router .. Ten tweede zijn er "unknown devices" met mijn netwerk verbonden (zie bijlage) En ten derde zie ik ineens (nooit eerder gezien), bij inbraakdetectie een aantal inbraakpogingen staan Ik wil graag vragen of iemand mij hiermee kan helpen, en of mijn wachtwoorden misschien in gevaar zijn (keyloggers ofzo). Kan ik de computer ook nog normaal gebruiken totdat hij gefixt is? En is hier wel iets aan de hand? Het kan er mee te maken hebben dat ik laatst met de instellingen heb lopen sjoemelen om streaming met media servers mogelijk te maken. Bovendien heeft het internet de afgelopen tijd er een paar keer om onbekende reden uitgelegen en heb ik de router opnieuw aan moeten melden. Ik hoop dat iemand mij hiermee kan helpen want dit ziet er zeker niet goed uit. Er staat gewoon een wachtwoord op mijn router maar zover ik weet kunnen de aanvallen ook op de bedrade modem gericht zijn (als dat kan). Dus: wat is het gevaar en hoe los ik het op? Alvast bedankt, lufraki

Jammer, geen succes op die manier

Bedankt voor het nakijken van mijn HJT-logje, Raar genoeg kan ik nog steeds geen herstelpunten aanmaken, ik heb voor het gemak een bijlage toegevoegd waarin je kunt zien wat er gebeurd als ik rstrui.exe (Systeem herstel) opstart (het is genummerd op chronologische volgorde). Alvast bedankt

Hoi kape, Bedankt voor je reactie: HiJackThis

Goedendag, Ik wil graag een expert vragen om mijn HJT-logje een keer na te kijken. Ik kan namelijk geen herstelpunten meer aanmaken en ik zie ook sporen van allerlei irritante ongewenste toolbars (babylon, limewire etc.) in mijn logje. Als ik dit doe: Om system restore weer aan te zetten, krijg ik een foutmelding: Bij deze mijn HJT logje

Hoi Jean-Pierre, bedankt voor je antwoord. Mijn muis is bedraad (usb kabeltje), ik heb hem ook al een keer in een ander USB-slot gestoken maar dat maakte geen verschil. Ik weet niet precies hoe oud de muis is maar zeker niet oud genoeg om kapot te gaan. Groetjes, lufraki

Hoi iedereen, ik hjeb een probleem wat al geruime tijd aan de gang is: mijn muis registreert niet alle kliks en ik moet dus vaak twee/drie keer klikken voordat bijvoorbeeld het startmenu openspringt, een folder opent, ik dingen in spelletjes aan kan klikken enz enz enz. Dit is heel erg vervelend en ik vroeg me dus af of iemand mij hiermee kan helpen? Voor de rest heb ik geen problemen. Hier is een HJT-logje: Bedankt! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:15:50, on 23-8-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: I:\Windows\system32\taskhost.exe I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe I:\Windows\system32\Dwm.exe I:\Windows\Explorer.EXE I:\Program Files\Microsoft Security Client\msseces.exe I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe I:\Windows\system32\wuauclt.exe I:\Program Files\Mozilla Firefox\firefox.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\Users\lufraki\Downloads\HijackThis(2).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Downloads - Programmadownloads zijn gecheckt tegen virus en spyware R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [startCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Overwolf] I:\Program Files\Overwolf\Overwolf.exe -silent O4 - Startup: CurseClientStartup.ccip O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - I:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - I:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - I:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Windows\System32\ZoneLabs\vsmon.exe -- End of file - 6775 bytes

Anders kun je altijd nog kijken op Verify Email Address Online ~ Free Email Verifier ~ Free Email Address Verification, dan weet je gelijk of het email-adres waar je iets naar probeert te versturen ook echt bestaat, waarschijnlijk bestaat het namelijk niet.

Er zijn laptops die geen verbinding kunnen maken met draadloos netwerk omdat ze de benodigde chip niet hebben: Misschien kunt u daar even naar kijken?

Probeer tijdens het spelen van spellen downloads uit te zetten en kijk eens of er misschien in de achtergrond programma's uit worden gevoerd die je ping omlaaghalen d.m.v. dingen te uploaden/downloaden/updaten whatever.

Ik ga waarschijnlijk voor de 5770. Ben alleen nog aan het kijken op een ander forum hoe dit precies moet. Topic opgelost. Bedankt!

Hallo, Ik wil graag een betere snelheid in mijn spellen zodat ik voortaan de nieuwste spellen op bv. high kan gaan spelen. Mijn budget ligt rond de €65. Wat is er allemaal voor leuks te koop op dit gebied wat ook écht een upgrade zou zijn? Hierbij[ATTACH]10295[/ATTACH]gevoegd mijn dxdiag DxDiag.txt

Ik heb een Laptop met een NVIDIA GeForce 8200M G Grafische kaart. Nu heb ik wat op het internet gelezen en heb ik m.b.v. een HDMI kabel het scherm van de laptop op de tv kunnen krijgen, enige probleem is: ik kan wel geluid via de laptop laten komen, maar geen geluid via de tv (via HDMI kabel). Hoe komt dit? Bij mijn geluidsdrivers staan: Conexant High Definton SmartAudio 221: als ik die aanzet dan komt het geluid via de laptop. NVIDIDA HDMI OUTPUT : als ik deze aanzet (en als standaard instel) en die andere uitschakel, dan komt er helemaal GEEN geluid. (eronder staat in het grijs bijgeschreven NVIDIA High Defenition Audio) SUPER BEDANKT als je mij kunt helpen Groetjes, lufraki

Gewoon een super gezonde seed/peer ratio ---------- Post toegevoegd om 07:24 ---------- Vorige post was om 07:22 ---------- Bedankt voor je reactie, maar Bitcomet --> zelfde probleem De poorten heb ik ook gecheckt en die zijn gewoon open. OPLOSSING: Het lag dus toch aan mijn verbinding. Deze is omlaag gegaan zonder dat wij het wisten.

Het is niet de downloadmanager die mijn snelheid laag houd, ik heb al verschillende geprobeerd zoals Vuze, utorrent, Bittorrent, FlashGet etc; allemaal met hetzelfde resultaat: raakt nooit de 900kb/sec. Ook zijn de instellingen niet het probleem. Het ligt ook niet aan de site zelf omdat alle .torrents dezelfde snelheid aanhouden (rond de 800 maar NOOIT 900) Er zijn geen beperkingen bij Utorrent (gebruik ik op het moment) ik kon er vroeger gewoon 1,5 MB/sec mee krijgen, nu dus niet meer.

IK heb het vooral over legale .torrents van gratis online MMOs zoals Archlord en Perfect World, dus deze werken niet zonder downloadmanager. De snelheden zien er vind ik zelf goed uit en geen reden voor een max download speed van 899 Download Speed: 22789 kbps (2848.6 KB/sec transfer rate) Upload Speed: 848 kbps (106 KB/sec transfer rate) Latency: 37 ms

Wat ik ook download, maakt niet uit wat, maakt niet uit met welke download manager, mijn download snelheid gaat NOOIT hoger dan 899 kb/sec, terwijl hij vroeger wel eens de 1,5 MB/sec haalde, ik ben niet op de hoogte van een of andere snelheids-block van mijn ISP ofzo dus ik vind het heel raar. Alvast bedankt voor de oplossing lufraki:top:

Het is weer weg Super bedankt, maar aangezien dit al de 2e infectie is, kun je mij misschien vertellen wat ik precies voor een probleem had, om verder te voorkomen>?

Goeiemorgen ComboFix 11-01-08.01 - lufraki 08-01-2011 22:33:57.4.4 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.3326.2209 [GMT 1:00] Gestart vanuit: i:\users\lufraki\Downloads\ComboFix.exe gebruikte Opdracht switches :: i:\users\lufraki\Desktop\CFScript.txt AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt FILE :: "i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP" "i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP" "i:\windows\system32\XDva296.sys" "i:\windows\system32\XDva327.sys" "i:\windows\system32\XDva332.sys" "i:\windows\system32\XDva336.sys" "i:\windows\system32\XDva337.sys" "i:\windows\system32\XDva359.sys" "i:\windows\system32\XDva367.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_XDVA296 -------\Legacy_XDVA327 -------\Legacy_XDVA332 -------\Legacy_XDVA336 -------\Legacy_XDVA337 -------\Legacy_XDVA359 -------\Legacy_XDVA367 -------\Service_XDva296 -------\Service_XDva327 -------\Service_XDva332 -------\Service_XDva336 -------\Service_XDva337 -------\Service_XDva359 -------\Service_XDva367 (((((((((((((((((((( Bestanden Gemaakt van 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))) . 2011-01-08 21:40 . 2011-01-08 21:40 -------- d-----w- i:\users\Public\AppData\Local\temp 2011-01-08 21:40 . 2011-01-08 21:40 -------- d-----w- i:\users\Default\AppData\Local\temp 2011-01-08 20:30 . 2011-01-08 21:54 -------- d-----w- i:\users\lufraki\AppData\Local\temp 2011-01-08 19:17 . 2011-01-08 19:17 -------- d-----w- i:\program files\Vogster Entertainment 2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\users\lufraki\AppData\Roaming\InstallShield Installation Information 2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP 2011-01-08 16:20 . 2010-10-05 20:26 109240 ----a-w- i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll 2011-01-08 16:20 . 2010-10-05 20:27 150200 ----a-w- i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll 2011-01-08 12:55 . 2011-01-08 12:55 -------- d-----w- i:\users\lufraki\AppData\Roaming\Need for Speed World 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\users\lufraki\AppData\Local\Electronic_Arts_Inc 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\programdata\Electronic Arts 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\program files\Electronic Arts 2011-01-08 12:08 . 2011-01-08 12:16 97859 ----a-w- i:\windows\system32\drivers\klick.dat 2011-01-08 12:08 . 2011-01-08 12:16 114243 ----a-w- i:\windows\system32\drivers\klin.dat 2011-01-08 12:07 . 2011-01-08 21:42 -------- d-----w- i:\programdata\Kaspersky Lab 2011-01-08 12:07 . 2011-01-08 12:07 -------- d-----w- i:\program files\Kaspersky Lab 2011-01-08 12:05 . 2011-01-08 12:05 -------- d-----w- i:\programdata\Kaspersky Lab Setup Files 2011-01-08 10:17 . 2011-01-08 10:17 -------- d-----w- i:\program files\Perfect Uninstaller 2011-01-07 20:42 . 2010-11-16 11:01 6273872 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{45347193-E21A-4E4D-8555-2A4CE3C34C96}\mpengine.dll 2011-01-07 20:13 . 2011-01-07 20:15 -------- d-----w- i:\program files\Common Files\BitDefender 2011-01-07 19:58 . 2010-10-19 09:41 222080 ------w- i:\windows\system32\MpSigStub.exe 2011-01-07 19:56 . 2010-04-09 07:24 240008 ----a-w- i:\windows\system32\drivers\netio.sys 2011-01-07 19:40 . 2011-01-07 19:40 -------- d-----w- i:\program files\Webroot 2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\programdata\Webroot 2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\users\lufraki\AppData\Local\PackageAware 2011-01-07 19:31 . 2011-01-08 12:14 134789 ----a-w- i:\programdata\bdinstall.bin 2011-01-01 19:52 . 2011-01-01 19:52 -------- d-----w- i:\program files\uTorrent 2011-01-01 19:51 . 2011-01-08 11:58 -------- d-----w- i:\users\lufraki\AppData\Roaming\uTorrent 2011-01-01 11:52 . 2011-01-01 11:56 -------- d-----w- i:\programdata\SpeedBit 2011-01-01 11:31 . 2011-01-01 11:54 -------- d-----w- i:\users\lufraki\AppData\Roaming\BitComet 2011-01-01 11:31 . 2011-01-07 19:54 -------- d-----w- i:\program files\BitComet 2010-12-31 18:31 . 2011-01-07 19:16 -------- d-----w- i:\users\lufraki\AppData\Roaming\QuickScan 2010-12-31 17:57 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet Network 2010-12-31 17:56 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet 2010-12-31 16:37 . 2010-12-31 16:37 -------- d-----w- i:\program files\opensub 2010-12-31 15:02 . 2010-12-31 18:22 -------- d-----w- i:\users\lufraki\AppData\Roaming\ViGlance 2010-12-30 10:55 . 2010-12-30 10:55 -------- d-----w- i:\program files\Hitman Pro 3.5 2010-12-30 10:23 . 2011-01-08 18:51 16968 ----a-w- i:\windows\system32\drivers\hitmanpro35.sys 2010-12-30 10:23 . 2010-12-30 10:27 -------- d-----w- i:\programdata\Hitman Pro 2010-12-29 11:33 . 2011-01-07 19:36 -------- d-----w- i:\programdata\Alwil Software 2010-12-29 11:33 . 2010-12-29 11:33 -------- d-----w- i:\program files\Alwil Software 2010-12-28 19:26 . 2010-12-28 19:26 -------- d-----w- i:\program files\AMD 2010-12-28 19:26 . 2010-12-28 19:32 -------- d-----w- i:\users\lufraki\AppData\Local\Downloaded Installations 2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\users\lufraki\AppData\Roaming\TightVNC 2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\program files\TightVNC 2010-12-28 13:46 . 2010-12-28 13:46 -------- d-----w- i:\programdata\ATI 2010-12-28 13:43 . 2010-12-28 13:43 -------- d-----w- I:\AMD 2010-12-26 14:24 . 2010-12-26 14:24 -------- d-----w- i:\program files\Phyxion.net 2010-12-24 15:45 . 2011-01-03 10:14 139128 ----a-w- i:\windows\system32\drivers\PnkBstrK.sys 2010-12-24 15:44 . 2010-12-25 08:43 75136 ----a-w- i:\windows\system32\PnkBstrA.exe 2010-12-24 15:44 . 2010-12-24 15:44 2434856 ----a-w- i:\windows\system32\pbsvc_bc2.exe 2010-12-21 19:21 . 2010-12-21 19:35 -------- d-----w- i:\users\lufraki\AppData\Local\Temporary Projects 2010-12-21 18:49 . 2010-12-21 18:49 -------- d-----w- i:\program files\Game Maker 8 Pro Edition 2010-12-21 18:37 . 2010-12-21 19:58 -------- d-----w- i:\program files\001 2010-12-21 18:35 . 2010-12-21 18:35 -------- d-----w- i:\programdata\001 2010-12-21 18:23 . 2010-12-21 18:23 -------- d-----w- i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP 2010-12-21 18:23 . 2010-12-21 18:27 -------- d-----w- i:\program files\GStudio8 2010-12-18 14:54 . 2010-12-18 14:54 -------- d-----w- I:\dell 2010-12-18 13:48 . 2010-12-18 13:48 -------- d-----w- i:\windows\system32\RTCOM 2010-12-17 16:44 . 2010-12-17 16:44 80416 ----a-w- i:\windows\system32\RtNicProp32.dll 2010-12-17 16:44 . 2010-12-17 16:44 322664 ----a-w- i:\windows\system32\drivers\Rt86win7.sys 2010-12-17 16:12 . 2010-12-17 16:12 -------- d-----w- I:\Drivers 2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\users\lufraki\AppData\Roaming\Easeware 2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\program files\Easeware 2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\programdata\Innovative Solutions 2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\users\lufraki\AppData\Local\Innovative Solutions 2010-12-17 15:11 . 2010-12-17 15:11 -------- d-----w- i:\users\lufraki\AppData\Roaming\SUPERAntiSpyware.com 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\programdata\IObit 2010-12-17 08:20 . 2011-01-07 17:13 -------- d-----w- i:\program files\Application Updater 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit Toolbar 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit 2010-12-16 17:38 . 2010-12-16 17:38 -------- d-----w- i:\users\lufraki\AppData\Roaming\TS3Client . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-03 10:14 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.exe 2011-01-03 10:14 . 2010-03-15 15:43 215128 ----a-w- i:\windows\system32\PnkBstrB.xtr 2011-01-03 10:10 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.ex0 2010-12-24 15:45 . 2010-03-15 15:41 138056 ----a-w- i:\users\lufraki\AppData\Roaming\PnkBstrK.sys 2010-12-20 17:09 . 2010-11-30 13:58 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys 2010-12-20 17:08 . 2010-11-30 13:57 20952 ----a-w- i:\windows\system32\drivers\mbam.sys 2010-12-17 16:44 . 2009-12-03 08:27 100896 ----a-w- i:\windows\system32\RTNUninst32.dll 2010-11-26 04:19 . 2010-11-26 04:19 6650368 ----a-w- i:\windows\system32\drivers\atikmdag.sys 2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- i:\windows\system32\atioglxx.dll 2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- i:\windows\system32\atiapfxx.exe 2010-11-26 02:58 . 2010-08-03 23:54 550400 ----a-w- i:\windows\system32\aticfx32.dll 2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll 2010-11-26 02:54 . 2010-11-26 02:54 393216 ----a-w- i:\windows\system32\atieclxx.exe 2010-11-26 02:54 . 2010-11-26 02:54 176128 ----a-w- i:\windows\system32\atiesrxx.exe 2010-11-26 02:52 . 2010-11-26 02:52 159744 ----a-w- i:\windows\system32\atitmmxx.dll 2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- i:\windows\system32\atipdlxx.dll 2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- i:\windows\system32\Oemdspif.dll 2010-11-26 02:52 . 2010-11-26 02:52 15872 ----a-w- i:\windows\system32\atimuixx.dll 2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- i:\windows\system32\ati2edxx.dll 2010-11-26 02:49 . 2010-08-03 23:46 4066816 ----a-w- i:\windows\system32\atidxx32.dll 2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- i:\windows\system32\atiumdag.dll 2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- i:\windows\system32\aticalrt.dll 2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- i:\windows\system32\aticalcl.dll 2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- i:\windows\system32\aticaldd.dll 2010-11-26 02:24 . 2010-08-03 23:23 52736 ----a-w- i:\windows\system32\coinst.dll 2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- i:\windows\system32\atiumdva.dll 2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- i:\windows\system32\atiadlxx.dll 2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- i:\windows\system32\atiglpxx.dll 2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- i:\windows\system32\atigktxx.dll 2010-11-26 02:16 . 2010-11-26 02:16 231936 ----a-w- i:\windows\system32\drivers\atikmpag.sys 2010-11-26 02:15 . 2010-08-03 23:15 30720 ----a-w- i:\windows\system32\atiuxpag.dll 2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- i:\windows\system32\atiu9pag.dll 2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- i:\windows\system32\drivers\ati2erec.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\atimpc32.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\amdpcom32.dll 2010-11-23 20:57 . 2010-11-09 17:22 12288 ----a-w- i:\windows\impborl.dll 2010-11-23 16:16 . 2010-12-01 16:12 31552 ----a-w- i:\windows\system32\TURegOpt.exe 2010-11-23 16:11 . 2010-12-01 16:12 21312 ----a-w- i:\windows\system32\authuitu.dll 2010-11-23 16:11 . 2010-12-01 16:12 29504 ----a-w- i:\windows\system32\uxtuneup.dll 2010-11-17 17:15 . 2010-11-17 17:15 235 ----a-w- i:\windows\system32\nxEuUninstall.bat 2010-11-17 17:15 . 2010-02-18 08:27 446464 ----a-w- i:\windows\NEXON_EU_DownloaderUpdater.exe 2010-11-17 12:04 . 2010-11-17 12:04 101392 ----a-w- i:\windows\system32\drivers\AtihdW73.sys 2010-11-14 17:08 . 2010-03-06 18:50 47360 ----a-w- i:\users\lufraki\AppData\Roaming\pcouffin.sys 2010-11-12 17:53 . 2010-08-20 16:25 472808 ----a-w- i:\windows\system32\deployJava1.dll 2010-10-26 10:22 . 2010-10-26 10:22 45056 ----a-w- i:\windows\system32\ATIODCLI.exe 2010-10-26 10:22 . 2010-10-26 10:22 294912 ----a-w- i:\windows\system32\ATIODE.exe 2010-10-25 11:47 . 2010-10-25 11:47 1060864 ----a-w- i:\windows\system32\mfc71.dll 2010-10-19 14:12 . 2010-10-19 13:36 21840 ----atw- i:\windows\system32\SIntfNT.dll 2010-10-19 14:12 . 2010-10-19 13:36 17212 ----atw- i:\windows\system32\SIntf32.dll 2010-10-19 14:12 . 2010-10-19 13:36 12067 ----atw- i:\windows\system32\SIntf16.dll 2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- i:\windows\system32\xlive.dll 2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- i:\windows\system32\xlivefnt.dll 1997-02-17 10:37 . 1999-06-23 20:24 171520 ----a-w- i:\program files\CNCS32.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="i:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "AVP"="i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-01-08 365336] i:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - i:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=i:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip backup=i:\windows\pss\CurseClientStartup.ccip.Startup backupExtension=.Startup [HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iRotate.lnk] path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk backup=i:\windows\pss\iRotate.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeleteDir[b04] WIPE_B04.TMP] RD [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-20 21:07 932288 ----a-r- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- i:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- i:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-09-22 22:47 4240760 ----a-w- i:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2010-12-14 20:02 2424560 ----a-w- i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "msnmsgr"="i:\program files\Windows Live\Messenger\msnmsgr.exe" /background "SUPERAntiSpyware"=i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe "Steam"="i:\program files\Steam\Steam.exe" -silent "Pando Media Booster"=i:\program files\Pando Networks\Media Booster\PMB.exe "RGSC"=i:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"=i:\program files\HP\HP Software Update\HPWuSchd2.exe "Zboard"=i:\program files\Ideazon\ZEngine\Zboard.exe "ATICustomerCare"="i:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" "StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "RtHDVCpl"=i:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s "Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SearchSettings"="i:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" "Malwarebytes' Anti-Malware (reboot)"="i:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "AVG_TRAY"=i:\program files\AVG\AVG10\avgtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [x] R3 EagleXNt;EagleXNt;i:\windows\system32\drivers\EagleXNt.sys [x] R3 npggsvc;nProtect GameGuard Service;i:\windows\system32\GameMon.des [2010-03-21 3601544] R3 SCREAMINGBDRIVER;Screaming Bee Audio;i:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384] R3 WatAdminSvc;Windows Activation Technologies-service;i:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400] R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832] S0 sptd;sptd;i:\windows\System32\Drivers\sptd.sys [2010-02-13 691696] S1 kl2;kl2;i:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;i:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104] S2 Akamai;Akamai NetSession Interface;i:\windows\System32\svchost.exe [2009-07-14 20992] S2 AMD External Events Utility;AMD External Events Utility;i:\windows\system32\atiesrxx.exe [2010-11-26 176128] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072] S3 amdkmdag;amdkmdag;i:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368] S3 amdkmdap;amdkmdap;i:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;i:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392] S3 klmouflt;Kaspersky Lab KLMOUFLT;i:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;i:\windows\system32\Drivers\RtsUStor.sys [2010-06-04 189784] S3 RTL8167;Realtek 8167 NT Driver;i:\windows\system32\DRIVERS\Rt86win7.sys [2010-12-17 322664] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064] S3 WVKeyboardService;Wayontec Virtual Keyboard Driver;i:\windows\system32\Drivers\wvkeybd.sys [2010-06-18 10568] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2011-01-03 i:\windows\Tasks\DriverEasy Scheduled Scan.job - i:\program files\Easeware\DriverEasy\DriverEasy.exe [2010-12-17 19:55] . . ------- Bijkomende Scan ------- . IE: Add to Anti-Banner - i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: E&xport to Microsoft Excel - i:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab FF - ProfilePath - i:\users\lufraki\AppData\Roaming\Mozilla\Firefox\Profiles\1oatxjms.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://countdown.free-and-online.com/?timer=2456 FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=0&v=6.010.023.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q= FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc] "ImagePath"="i:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:d5,4f,f0,3a,75,22,7c,05,a7,8e,ba,99,97,b3,a1,e3,ba,ae,66,82,7c,d3,e4, 13,dd,21,3c,98,ec,35,14,a8,e1,8a,45,83,58,d7,42,73,9e,aa,d5,87,dd,d0,59,f0,\ "??"=hex:d3,5d,4a,97,68,f9,aa,1b,29,0d,aa,a8,22,84,59,9a [HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\License information*] "datasecu"=hex:e6,8e,84,56,c0,a0,2a,ef,88,2a,54,89,7e,c0,cd,b7,cf,17,a2,5c,fa, 58,9c,e3,ad,fb,20,ce,fe,75,46,84,fa,91,15,1a,cb,d5,a8,f6,ee,55,bf,62,72,f1,\ "rkeysecu"=hex:ba,76,e9,0a,e3,97,f2,eb,93,d5,91,41,36,38,c1,ee [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . i:\windows\system32\atieclxx.exe i:\windows\system32\PnkBstrA.exe i:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE i:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe i:\windows\system32\taskhost.exe i:\program files\IObit\Game Booster\GameBox.exe i:\windows\system32\conhost.exe i:\program files\Windows Media Player\wmpnscfg.exe i:\program files\Windows Media Player\wmpnscfg.exe . ************************************************************************** . Voltooingstijd: 2011-01-08 22:56:56 - machine werd herstart ComboFix-quarantined-files.txt 2011-01-08 21:56 ComboFix2.txt 2011-01-08 20:30 ComboFix3.txt 2009-05-09 16:48 ComboFix4.txt 2009-04-07 17:04 Pre-Run: 471.623.446.528 bytes beschikbaar Post-Run: 471.394.656.256 bytes beschikbaar - - End Of File - - CBD7369F101CA71707E8DEC0FF5D9622

De meldingen zijn weer weg ComboFix 11-01-08.01 - lufraki 08-01-2011 21:21:26.3.4 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.3326.2427 [GMT 1:00] Gestart vanuit: i:\users\lufraki\Downloads\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . I:\install.exe i:\users\lufraki\AppData\Roaming\inst.exe i:\windows\system32\NL-NLW.DLL i:\windows\system32\system . (((((((((((((((((((( Bestanden Gemaakt van 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))) . 2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\Public\AppData\Local\temp 2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\Default\AppData\Local\temp 2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\lufraki\AppData\Local\temp 2011-01-08 19:17 . 2011-01-08 19:17 -------- d-----w- i:\program files\Vogster Entertainment 2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\users\lufraki\AppData\Roaming\InstallShield Installation Information 2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP 2011-01-08 16:20 . 2010-10-05 20:26 109240 ----a-w- i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll 2011-01-08 16:20 . 2010-10-05 20:27 150200 ----a-w- i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll 2011-01-08 12:55 . 2011-01-08 12:55 -------- d-----w- i:\users\lufraki\AppData\Roaming\Need for Speed World 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\users\lufraki\AppData\Local\Electronic_Arts_Inc 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\programdata\Electronic Arts 2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\program files\Electronic Arts 2011-01-08 12:08 . 2011-01-08 12:16 97859 ----a-w- i:\windows\system32\drivers\klick.dat 2011-01-08 12:08 . 2011-01-08 12:16 114243 ----a-w- i:\windows\system32\drivers\klin.dat 2011-01-08 12:07 . 2011-01-08 19:00 -------- d-----w- i:\programdata\Kaspersky Lab 2011-01-08 12:07 . 2011-01-08 12:07 -------- d-----w- i:\program files\Kaspersky Lab 2011-01-08 12:05 . 2011-01-08 12:05 -------- d-----w- i:\programdata\Kaspersky Lab Setup Files 2011-01-08 10:17 . 2011-01-08 10:17 -------- d-----w- i:\program files\Perfect Uninstaller 2011-01-07 20:42 . 2010-11-16 11:01 6273872 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{45347193-E21A-4E4D-8555-2A4CE3C34C96}\mpengine.dll 2011-01-07 20:13 . 2011-01-07 20:15 -------- d-----w- i:\program files\Common Files\BitDefender 2011-01-07 19:58 . 2010-10-19 09:41 222080 ------w- i:\windows\system32\MpSigStub.exe 2011-01-07 19:56 . 2010-04-09 07:24 240008 ----a-w- i:\windows\system32\drivers\netio.sys 2011-01-07 19:40 . 2011-01-07 19:40 -------- d-----w- i:\program files\Webroot 2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\programdata\Webroot 2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\users\lufraki\AppData\Local\PackageAware 2011-01-07 19:31 . 2011-01-08 12:14 134789 ----a-w- i:\programdata\bdinstall.bin 2011-01-01 19:52 . 2011-01-01 19:52 -------- d-----w- i:\program files\uTorrent 2011-01-01 19:51 . 2011-01-08 11:58 -------- d-----w- i:\users\lufraki\AppData\Roaming\uTorrent 2011-01-01 11:52 . 2011-01-01 11:56 -------- d-----w- i:\programdata\SpeedBit 2011-01-01 11:31 . 2011-01-01 11:54 -------- d-----w- i:\users\lufraki\AppData\Roaming\BitComet 2011-01-01 11:31 . 2011-01-07 19:54 -------- d-----w- i:\program files\BitComet 2010-12-31 18:31 . 2011-01-07 19:16 -------- d-----w- i:\users\lufraki\AppData\Roaming\QuickScan 2010-12-31 17:57 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet Network 2010-12-31 17:56 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet 2010-12-31 16:37 . 2010-12-31 16:37 -------- d-----w- i:\program files\opensub 2010-12-31 15:02 . 2010-12-31 18:22 -------- d-----w- i:\users\lufraki\AppData\Roaming\ViGlance 2010-12-30 10:55 . 2010-12-30 10:55 -------- d-----w- i:\program files\Hitman Pro 3.5 2010-12-30 10:23 . 2011-01-08 18:51 16968 ----a-w- i:\windows\system32\drivers\hitmanpro35.sys 2010-12-30 10:23 . 2010-12-30 10:27 -------- d-----w- i:\programdata\Hitman Pro 2010-12-29 11:33 . 2011-01-07 19:36 -------- d-----w- i:\programdata\Alwil Software 2010-12-29 11:33 . 2010-12-29 11:33 -------- d-----w- i:\program files\Alwil Software 2010-12-28 19:26 . 2010-12-28 19:26 -------- d-----w- i:\program files\AMD 2010-12-28 19:26 . 2010-12-28 19:32 -------- d-----w- i:\users\lufraki\AppData\Local\Downloaded Installations 2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\users\lufraki\AppData\Roaming\TightVNC 2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\program files\TightVNC 2010-12-28 13:46 . 2010-12-28 13:46 -------- d-----w- i:\programdata\ATI 2010-12-28 13:43 . 2010-12-28 13:43 -------- d-----w- I:\AMD 2010-12-26 14:24 . 2010-12-26 14:24 -------- d-----w- i:\program files\Phyxion.net 2010-12-24 15:45 . 2011-01-03 10:14 139128 ----a-w- i:\windows\system32\drivers\PnkBstrK.sys 2010-12-24 15:44 . 2010-12-25 08:43 75136 ----a-w- i:\windows\system32\PnkBstrA.exe 2010-12-24 15:44 . 2010-12-24 15:44 2434856 ----a-w- i:\windows\system32\pbsvc_bc2.exe 2010-12-21 19:21 . 2010-12-21 19:35 -------- d-----w- i:\users\lufraki\AppData\Local\Temporary Projects 2010-12-21 18:49 . 2010-12-21 18:49 -------- d-----w- i:\program files\Game Maker 8 Pro Edition 2010-12-21 18:37 . 2010-12-21 19:58 -------- d-----w- i:\program files\001 2010-12-21 18:35 . 2010-12-21 18:35 -------- d-----w- i:\programdata\001 2010-12-21 18:23 . 2010-12-21 18:23 -------- d-----w- i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP 2010-12-21 18:23 . 2010-12-21 18:27 -------- d-----w- i:\program files\GStudio8 2010-12-18 14:54 . 2010-12-18 14:54 -------- d-----w- I:\dell 2010-12-18 13:48 . 2010-12-18 13:48 -------- d-----w- i:\windows\system32\RTCOM 2010-12-17 16:44 . 2010-12-17 16:44 80416 ----a-w- i:\windows\system32\RtNicProp32.dll 2010-12-17 16:44 . 2010-12-17 16:44 322664 ----a-w- i:\windows\system32\drivers\Rt86win7.sys 2010-12-17 16:12 . 2010-12-17 16:12 -------- d-----w- I:\Drivers 2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\users\lufraki\AppData\Roaming\Easeware 2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\program files\Easeware 2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\programdata\Innovative Solutions 2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\users\lufraki\AppData\Local\Innovative Solutions 2010-12-17 15:11 . 2010-12-17 15:11 -------- d-----w- i:\users\lufraki\AppData\Roaming\SUPERAntiSpyware.com 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\programdata\IObit 2010-12-17 08:20 . 2011-01-07 17:13 -------- d-----w- i:\program files\Application Updater 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit Toolbar 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit 2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\Common Files\Spigot 2010-12-16 17:38 . 2010-12-16 17:38 -------- d-----w- i:\users\lufraki\AppData\Roaming\TS3Client . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-03 10:14 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.exe 2011-01-03 10:14 . 2010-03-15 15:43 215128 ----a-w- i:\windows\system32\PnkBstrB.xtr 2011-01-03 10:10 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.ex0 2010-12-24 15:45 . 2010-03-15 15:41 138056 ----a-w- i:\users\lufraki\AppData\Roaming\PnkBstrK.sys 2010-12-20 17:09 . 2010-11-30 13:58 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys 2010-12-20 17:08 . 2010-11-30 13:57 20952 ----a-w- i:\windows\system32\drivers\mbam.sys 2010-12-17 16:44 . 2009-12-03 08:27 100896 ----a-w- i:\windows\system32\RTNUninst32.dll 2010-11-26 04:19 . 2010-11-26 04:19 6650368 ----a-w- i:\windows\system32\drivers\atikmdag.sys 2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- i:\windows\system32\atioglxx.dll 2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- i:\windows\system32\atiapfxx.exe 2010-11-26 02:58 . 2010-08-03 23:54 550400 ----a-w- i:\windows\system32\aticfx32.dll 2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll 2010-11-26 02:54 . 2010-11-26 02:54 393216 ----a-w- i:\windows\system32\atieclxx.exe 2010-11-26 02:54 . 2010-11-26 02:54 176128 ----a-w- i:\windows\system32\atiesrxx.exe 2010-11-26 02:52 . 2010-11-26 02:52 159744 ----a-w- i:\windows\system32\atitmmxx.dll 2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- i:\windows\system32\atipdlxx.dll 2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- i:\windows\system32\Oemdspif.dll 2010-11-26 02:52 . 2010-11-26 02:52 15872 ----a-w- i:\windows\system32\atimuixx.dll 2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- i:\windows\system32\ati2edxx.dll 2010-11-26 02:49 . 2010-08-03 23:46 4066816 ----a-w- i:\windows\system32\atidxx32.dll 2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- i:\windows\system32\atiumdag.dll 2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- i:\windows\system32\aticalrt.dll 2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- i:\windows\system32\aticalcl.dll 2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- i:\windows\system32\aticaldd.dll 2010-11-26 02:24 . 2010-08-03 23:23 52736 ----a-w- i:\windows\system32\coinst.dll 2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- i:\windows\system32\atiumdva.dll 2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- i:\windows\system32\atiadlxx.dll 2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- i:\windows\system32\atiglpxx.dll 2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- i:\windows\system32\atigktxx.dll 2010-11-26 02:16 . 2010-11-26 02:16 231936 ----a-w- i:\windows\system32\drivers\atikmpag.sys 2010-11-26 02:15 . 2010-08-03 23:15 30720 ----a-w- i:\windows\system32\atiuxpag.dll 2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- i:\windows\system32\atiu9pag.dll 2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- i:\windows\system32\drivers\ati2erec.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\atimpc32.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\amdpcom32.dll 2010-11-23 20:57 . 2010-11-09 17:22 12288 ----a-w- i:\windows\impborl.dll 2010-11-23 16:16 . 2010-12-01 16:12 31552 ----a-w- i:\windows\system32\TURegOpt.exe 2010-11-23 16:11 . 2010-12-01 16:12 21312 ----a-w- i:\windows\system32\authuitu.dll 2010-11-23 16:11 . 2010-12-01 16:12 29504 ----a-w- i:\windows\system32\uxtuneup.dll 2010-11-17 17:15 . 2010-11-17 17:15 235 ----a-w- i:\windows\system32\nxEuUninstall.bat 2010-11-17 17:15 . 2010-02-18 08:27 446464 ----a-w- i:\windows\NEXON_EU_DownloaderUpdater.exe 2010-11-17 12:04 . 2010-11-17 12:04 101392 ----a-w- i:\windows\system32\drivers\AtihdW73.sys 2010-11-14 17:08 . 2010-03-06 18:50 47360 ----a-w- i:\users\lufraki\AppData\Roaming\pcouffin.sys 2010-11-12 17:53 . 2010-08-20 16:25 472808 ----a-w- i:\windows\system32\deployJava1.dll 2010-10-26 10:22 . 2010-10-26 10:22 45056 ----a-w- i:\windows\system32\ATIODCLI.exe 2010-10-26 10:22 . 2010-10-26 10:22 294912 ----a-w- i:\windows\system32\ATIODE.exe 2010-10-25 11:47 . 2010-10-25 11:47 1060864 ----a-w- i:\windows\system32\mfc71.dll 2010-10-19 14:12 . 2010-10-19 13:36 21840 ----atw- i:\windows\system32\SIntfNT.dll 2010-10-19 14:12 . 2010-10-19 13:36 17212 ----atw- i:\windows\system32\SIntf32.dll 2010-10-19 14:12 . 2010-10-19 13:36 12067 ----atw- i:\windows\system32\SIntf16.dll 2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- i:\windows\system32\xlive.dll 2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- i:\windows\system32\xlivefnt.dll 1997-02-17 10:37 . 1999-06-23 20:24 171520 ----a-w- i:\program files\CNCS32.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="i:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "AVP"="i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-01-08 365336] i:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - i:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=i:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip backup=i:\windows\pss\CurseClientStartup.ccip.Startup backupExtension=.Startup [HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iRotate.lnk] path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk backup=i:\windows\pss\iRotate.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeleteDir[b04] WIPE_B04.TMP] RD [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-20 21:07 932288 ----a-r- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- i:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- i:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-09-22 22:47 4240760 ----a-w- i:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2010-12-14 20:02 2424560 ----a-w- i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "msnmsgr"="i:\program files\Windows Live\Messenger\msnmsgr.exe" /background "SUPERAntiSpyware"=i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe "Steam"="i:\program files\Steam\Steam.exe" -silent "Pando Media Booster"=i:\program files\Pando Networks\Media Booster\PMB.exe "RGSC"=i:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"=i:\program files\HP\HP Software Update\HPWuSchd2.exe "Zboard"=i:\program files\Ideazon\ZEngine\Zboard.exe "ATICustomerCare"="i:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" "StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "RtHDVCpl"=i:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s "Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SearchSettings"="i:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" "Malwarebytes' Anti-Malware (reboot)"="i:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "AVG_TRAY"=i:\program files\AVG\AVG10\avgtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [x] R3 EagleXNt;EagleXNt;i:\windows\system32\drivers\EagleXNt.sys [x] R3 npggsvc;nProtect GameGuard Service;i:\windows\system32\GameMon.des [2010-03-21 3601544] R3 SCREAMINGBDRIVER;Screaming Bee Audio;i:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384] R3 WatAdminSvc;Windows Activation Technologies-service;i:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400] R3 XDva296;XDva296;i:\windows\system32\XDva296.sys [x] R3 XDva327;XDva327;i:\windows\system32\XDva327.sys [x] R3 XDva332;XDva332;i:\windows\system32\XDva332.sys [x] R3 XDva336;XDva336;i:\windows\system32\XDva336.sys [x] R3 XDva337;XDva337;i:\windows\system32\XDva337.sys [x] R3 XDva359;XDva359;i:\windows\system32\XDva359.sys [x] R3 XDva367;XDva367;i:\windows\system32\XDva367.sys [x] R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832] S0 sptd;sptd;i:\windows\System32\Drivers\sptd.sys [2010-02-13 691696] S1 kl2;kl2;i:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;i:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104] S2 Akamai;Akamai NetSession Interface;i:\windows\System32\svchost.exe [2009-07-14 20992] S2 AMD External Events Utility;AMD External Events Utility;i:\windows\system32\atiesrxx.exe [2010-11-26 176128] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072] S3 amdkmdag;amdkmdag;i:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368] S3 amdkmdap;amdkmdap;i:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;i:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392] S3 klmouflt;Kaspersky Lab KLMOUFLT;i:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;i:\windows\system32\Drivers\RtsUStor.sys [2010-06-04 189784] S3 RTL8167;Realtek 8167 NT Driver;i:\windows\system32\DRIVERS\Rt86win7.sys [2010-12-17 322664] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064] S3 WVKeyboardService;Wayontec Virtual Keyboard Driver;i:\windows\system32\Drivers\wvkeybd.sys [2010-06-18 10568] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - EAGLEXNT [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2011-01-03 i:\windows\Tasks\DriverEasy Scheduled Scan.job - i:\program files\Easeware\DriverEasy\DriverEasy.exe [2010-12-17 19:55] . . ------- Bijkomende Scan ------- . uStart Page = about:blank mStart Page = about:blank IE: Add to Anti-Banner - i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: E&xport to Microsoft Excel - i:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab FF - ProfilePath - i:\users\lufraki\AppData\Roaming\Mozilla\Firefox\Profiles\1oatxjms.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://countdown.free-and-online.com/?timer=2456 FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=0&v=6.010.023.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q= FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-BitTorrent - i:\program files\BitTorrent\bittorrent.exe MSConfigStartUp-FlashPlayerUpdate - i:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe MSConfigStartUp-QuickTime Task - i:\program files\QuickTime\QTTask.exe MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc] "ImagePath"="i:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:d5,4f,f0,3a,75,22,7c,05,a7,8e,ba,99,97,b3,a1,e3,ba,ae,66,82,7c,d3,e4, 13,dd,21,3c,98,ec,35,14,a8,e1,8a,45,83,58,d7,42,73,9e,aa,d5,87,dd,d0,59,f0,\ "??"=hex:d3,5d,4a,97,68,f9,aa,1b,29,0d,aa,a8,22,84,59,9a [HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\License information*] "datasecu"=hex:e6,8e,84,56,c0,a0,2a,ef,88,2a,54,89,7e,c0,cd,b7,cf,17,a2,5c,fa, 58,9c,e3,ad,fb,20,ce,fe,75,46,84,fa,91,15,1a,cb,d5,a8,f6,ee,55,bf,62,72,f1,\ "rkeysecu"=hex:ba,76,e9,0a,e3,97,f2,eb,93,d5,91,41,36,38,c1,ee [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-01-08 21:30:01 ComboFix-quarantined-files.txt 2011-01-08 20:30 ComboFix2.txt 2009-05-09 16:48 ComboFix3.txt 2009-04-07 17:04 Pre-Run: 471.476.756.480 bytes beschikbaar Post-Run: 471.593.652.224 bytes beschikbaar - - End Of File - - 4D137C010D62CB64BC70D1D88124470D Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:59:21, on 8-1-2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: I:\Windows\system32\taskhost.exe I:\Windows\system32\taskeng.exe I:\Windows\system32\Dwm.exe I:\Program Files\IObit\Game Booster\GameBox.exe I:\Program Files\Common Files\Java\Java Update\jusched.exe I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe I:\Program Files\Windows Sidebar\sidebar.exe I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe I:\Windows\system32\notepad.exe I:\Windows\explorer.exe I:\Program Files\Mozilla Firefox\firefox.exe I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe I:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe I:\Users\lufraki\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVP] "I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKCU\..\Run: [sidebar] I:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Anti-Banner - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - I:\Windows\System32\DreamScene.dll O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- End of file - 6181 bytes

Gedaan BTW: O15 - Trusted Zone: http://software.kuaiche.com is voor de 3e keer teruggekeert in het logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:43:30, on 8-1-2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: I:\Windows\system32\taskhost.exe I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe I:\Program Files\BitDefender\BitDefender 2011\bdagent.exe I:\Windows\system32\Dwm.exe I:\Windows\Explorer.EXE I:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe I:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe I:\Program Files\Common Files\Java\Java Update\jusched.exe I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe I:\Program Files\Mozilla Firefox\firefox.exe I:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe I:\Users\lufraki\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - I:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "I:\Program Files\BitDefender\BitDefender 2011\ieshow.exe" O4 - HKLM\..\Run: [bDAgent] "I:\Program Files\BitDefender\BitDefender 2011\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download all by FlashGet3 - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\GetAllUrl.htm O8 - Extra context menu item: Download by FlashGet3 - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\GetUrl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O15 - Trusted Zone: http://software.kuaiche.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: I:\Windows\System32\avgrsstx.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - I:\Windows\System32\DreamScene.dll O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe O23 - Service: AODService - Unknown owner - I:\Program Files\AMD\OverDrive\AODAssist.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - I:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - I:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- End of file - 6904 bytes