Posts made by lufraki
-
-
Dear kape,
Thanks for your reply!
Here are the logs.
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: v2012.06.07.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tijmen :: LUFRAKI-PC [administrator]
7-6-2012 19:51:04
mbam-log-2012-06-07 (19-51-04).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 266171
Time elapsed: 15 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:10, on 7-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
I:\Windows\system32\Dwm.exe
I:\Windows\Explorer.EXE
I:\Windows\system32\taskhost.exe
I:\Program Files\CheckPoint\ZAForceField\ForceField.exe
I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
I:\Program Files\AVG\AVG2012\avgtray.exe
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
I:\Users\Tijmen\Downloads\Gw2(1).tmp
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Users\Tijmen\Downloads\Computer Reparatie\HijackThis.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - I:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\Tijmen\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
O8 - Extra context menu item: Download by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - I:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - I:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - I:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 8659 bytes
-
Good evening,
Could someone please check this log?
Thanks a lot!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:31, on 6-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
I:\Windows\system32\taskhost.exe
I:\Windows\system32\Dwm.exe
I:\Windows\Explorer.EXE
I:\Program Files\CheckPoint\ZAForceField\ForceField.exe
I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
I:\Program Files\AVG\AVG2012\avgtray.exe
I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
I:\Windows\system32\conhost.exe
I:\Program Files\Diablo III\Diablo III.exe
I:\Users\Tijmen\Downloads\Computer Reparatie\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - (no file)
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - I:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\Tijmen\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
O8 - Extra context menu item: Download by FlashGet3 - I:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - I:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - I:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - I:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - I:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - I:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 9236 bytes
-
You always have a number of intrusion attempts, regardless of whether you are actually being broken into or not.
You'd best change your router password to a difficult one such as 12lk$$54
In the wireless section, you'd best change the SSID name and also change the network key.
You will then have to reconnect every wireless PC or laptop to the router and enter the key.
Then test whether you are still being broken into.
If so, it may be that you have given a certain program permission.
But it could just as well be a virus.
The strange thing is precisely that until recently it had never registered an intrusion attempt.
Moreover, I just saw this in my ZoneAlarm firewall:
The ZoneAlarm firewall blocked an outgoing communication from your computer to port 47337 on a remote computer whose IP address is 46.175.163.20. This might have occurred because a program on your computer tried connect to the Internet before ZoneAlarm was fully started.
The IP address shown is located in Ukraine :|
By searching a bit further I find this information about the IP address:
-
I have seen a few things that make me think a malicious person is toying with me ...
First, an unknown router is listed under Network Infrastructure ..
Second, there are "unknown devices" connected to my network (see attachment)
And third, I suddenly see (never seen before) a number of intrusion attempts listed under intrusion detection
I would like to ask whether someone can help me with this, and whether my passwords might be at risk (keyloggers or the like). Can I also keep using the computer normally until it is fixed? And is something actually going on here? It may have to do with the fact that I recently fiddled with the settings to make streaming with media servers possible. In addition, the internet has gone down a few times recently for unknown reasons and I have had to re-register the router. I hope someone can help me with this because this certainly doesn't look good. There is simply a password on my router, but as far as I know the attacks could also be aimed at the wired modem (if that is possible).
So: what is the danger and how do I solve it?
Thanks in advance,
lufraki
-
Too bad, no success that way
-
-
Hi kape,
Thanks for your reply:
Malwarebytes Anti-Malware 1.60.0.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: v2012.01.05.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tijmen :: LUFRAKI-PC [administrator]
5-1-2012 10:33:48
mbam-log-2012-01-05 (10-33-48).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231374
Time elapsed: 17 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
I:\Users\lufraki\AppData\Roaming\HBLite (Adware.Hotbar) -> Quarantined and deleted successfully.
Files Detected: 1
I:\Windows\explorer.backup (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
(end)
HiJackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:02:22, on 5-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
I:\Program Files\CheckPoint\ZAForceField\ForceField.exe
I:\Windows\system32\Dwm.exe
I:\Windows\system32\taskhost.exe
I:\Windows\Explorer.EXE
I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
I:\Program Files\AVG\AVG2012\avgtray.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Windows\system32\NOTEPAD.EXE
I:\Users\Tijmen\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - I:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - I:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [startCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Google Update] "I:\Users\Tijmen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - I:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - I:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - I:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 8012 bytes
-
Good day,
I would like to ask an expert to check my HJT log. I can no longer create restore points, and I also see traces of all kinds of annoying unwanted toolbars (babylon, limewire etc.) in my log.
When I do this:
Click to open System.
In the left pane, click System protection. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
to turn System Restore back on, I get an error message:
There was an unexpected error in the property page:
System Restore encountered an error. Please try to run System Restore
again. (0x81000203)
Please close the property page and try again.
Here is my HJT log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:39:29, on 4-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
I:\Windows\system32\taskhost.exe
I:\Windows\system32\Dwm.exe
I:\Windows\Explorer.EXE
I:\Program Files\CheckPoint\ZAForceField\ForceField.exe
I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
I:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
I:\Program Files\PC Tools Security\BDT\FGuard.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
I:\Users\Tijmen\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com Nederland - De andere zoekmachine
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - I:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=I:\Windows\system32\userinit.exe
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - I:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - I:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - I:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - I:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - I:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - I:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - I:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [startCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [iSW] I:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "I:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCTools FGuard] I:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKCU\..\Run: [Google Update] "I:\Users\Tijmen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - I:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - I:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - I:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - I:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - I:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - I:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - I:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 9443 bytes
-
Hi Jean-Pierre, thanks for your answer. My mouse is wired (USB cable); I have also already plugged it into a different USB port once, but that made no difference. I don't know exactly how old the mouse is, but certainly not old enough to break.
Regards,
lufraki
-
Hi everyone, I have a problem that has been going on for quite some time: my mouse does not register all clicks, so I often have to click two or three times before, for example, the Start menu pops open, a folder opens, I can click on things in games, etc. This is very annoying, so I was wondering whether someone can help me with this? Other than that I have no problems. Here is an HJT log:
Thanks!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:50, on 23-8-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
I:\Windows\system32\taskhost.exe
I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
I:\Windows\system32\Dwm.exe
I:\Windows\Explorer.EXE
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
I:\Windows\system32\wuauclt.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Users\lufraki\Downloads\HijackThis(2).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Downloads - Programmadownloads zijn gecheckt tegen virus en spyware
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [startCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Overwolf] I:\Program Files\Overwolf\Overwolf.exe -silent
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: i:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - I:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - I:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - I:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - I:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 6775 bytes
-
Otherwise you can always check at Verify Email Address Online ~ Free Email Verifier ~ Free Email Address Verification; then you know right away whether the email address you are trying to send something to really exists, because it probably doesn't.
-
There are laptops that cannot connect to a wireless network because they do not have the required chip:
In addition, you need to have a laptop equipped with a chip that can connect to a wireless network.
Maybe you could take a look at that?
-
While playing games, try turning off downloads, and check whether there might be programs running in the background that drag your ping down by uploading/downloading/updating things, whatever.
-
I will probably go for the 5770. I'm just still looking on another forum to see exactly how this should be done. Topic solved. Thanks!
-
Hello,
I would like better speed in my games so that from now on I can play the newest games on, e.g., high. My budget is around €65. What nice things are for sale in this area that would also really be an upgrade? Attached is my dxdiag.
-
I have a laptop with an NVIDIA GeForce 8200M G graphics card. I read a bit on the internet and, using an HDMI cable, I managed to get the laptop's screen onto the TV. The only problem is: I can get sound through the laptop, but no sound through the TV (via the HDMI cable). Why is this?
My sound drivers list:
Conexant High Definition SmartAudio 221: if I turn that one on, the sound comes through the laptop.
NVIDIA HDMI OUTPUT: if I turn this one on (and set it as default) and disable the other one, there is NO sound at all.
(underneath it, in grey, it says NVIDIA High Definition Audio)
THANKS A LOT if you can help me
Regards, lufraki
-
Just a super healthy seed/peer ratio
---------- Post added at 07:24 ---------- Previous post was at 07:22 ----------
try Bitlord, or Bitcomet. It could also have something to do with the ports, couldn't it? Then you get one of those yellow circles in your Utorrent.
Thanks for your reply, but Bitcomet --> same problem
I have also checked the ports and they are simply open.
SOLUTION: So it was my connection after all. It went down without us knowing.
-
It is not the download manager that keeps my speed low; I have already tried several, such as Vuze, utorrent, Bittorrent, FlashGet, etc., all with the same result: it never reaches 900kb/sec. The settings are not the problem either.
It is also not the site itself, because all .torrents hold the same speed (around 800 but NEVER 900).
There are no limits in Utorrent (which I am using at the moment); I used to get 1.5 MB/sec with it without any trouble, but now no longer.
-
I am mainly talking about legal .torrents of free online MMOs such as Archlord and Perfect World, so these do not work without a download manager. I think the speeds look good myself, and no reason for a max download speed of 899
Download Speed: 22789 kbps (2848.6 KB/sec transfer rate)
Upload Speed: 848 kbps (106 KB/sec transfer rate)
Latency: 37 ms
-
Whatever I download, no matter what, no matter with which download manager,
my download speed NEVER goes higher than 899 kb/sec, while it used to reach 1.5 MB/sec at times. I am not aware of some kind of speed block from my ISP or anything, so I find it very strange.
Thanks in advance for the solution
lufraki
-
It is gone again. Thanks a lot, but since this is already the 2nd infection, could you perhaps tell me what exactly the problem was, so I can prevent it in the future?
-
Good morning
ComboFix 11-01-08.01 - lufraki 08-01-2011 22:33:57.4.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.3326.2209 [GMT 1:00]
Gestart vanuit: i:\users\lufraki\Downloads\ComboFix.exe
gebruikte Opdracht switches :: i:\users\lufraki\Desktop\CFScript.txt
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
FILE ::
"i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP"
"i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP"
"i:\windows\system32\XDva296.sys"
"i:\windows\system32\XDva327.sys"
"i:\windows\system32\XDva332.sys"
"i:\windows\system32\XDva336.sys"
"i:\windows\system32\XDva337.sys"
"i:\windows\system32\XDva359.sys"
"i:\windows\system32\XDva367.sys"
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XDVA296
-------\Legacy_XDVA327
-------\Legacy_XDVA332
-------\Legacy_XDVA336
-------\Legacy_XDVA337
-------\Legacy_XDVA359
-------\Legacy_XDVA367
-------\Service_XDva296
-------\Service_XDva327
-------\Service_XDva332
-------\Service_XDva336
-------\Service_XDva337
-------\Service_XDva359
-------\Service_XDva367
(((((((((((((((((((( Bestanden Gemaakt van 2010-12-08 to 2011-01-08 ))))))))))))))))))))))))))))))
.
2011-01-08 21:40 . 2011-01-08 21:40 -------- d-----w- i:\users\Public\AppData\Local\temp
2011-01-08 21:40 . 2011-01-08 21:40 -------- d-----w- i:\users\Default\AppData\Local\temp
2011-01-08 20:30 . 2011-01-08 21:54 -------- d-----w- i:\users\lufraki\AppData\Local\temp
2011-01-08 19:17 . 2011-01-08 19:17 -------- d-----w- i:\program files\Vogster Entertainment
2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\users\lufraki\AppData\Roaming\InstallShield Installation Information
2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-01-08 16:20 . 2010-10-05 20:26 109240 ----a-w- i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
2011-01-08 16:20 . 2010-10-05 20:27 150200 ----a-w- i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-01-08 12:55 . 2011-01-08 12:55 -------- d-----w- i:\users\lufraki\AppData\Roaming\Need for Speed World
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\users\lufraki\AppData\Local\Electronic_Arts_Inc
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\programdata\Electronic Arts
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\program files\Electronic Arts
2011-01-08 12:08 . 2011-01-08 12:16 97859 ----a-w- i:\windows\system32\drivers\klick.dat
2011-01-08 12:08 . 2011-01-08 12:16 114243 ----a-w- i:\windows\system32\drivers\klin.dat
2011-01-08 12:07 . 2011-01-08 21:42 -------- d-----w- i:\programdata\Kaspersky Lab
2011-01-08 12:07 . 2011-01-08 12:07 -------- d-----w- i:\program files\Kaspersky Lab
2011-01-08 12:05 . 2011-01-08 12:05 -------- d-----w- i:\programdata\Kaspersky Lab Setup Files
2011-01-08 10:17 . 2011-01-08 10:17 -------- d-----w- i:\program files\Perfect Uninstaller
2011-01-07 20:42 . 2010-11-16 11:01 6273872 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{45347193-E21A-4E4D-8555-2A4CE3C34C96}\mpengine.dll
2011-01-07 20:13 . 2011-01-07 20:15 -------- d-----w- i:\program files\Common Files\BitDefender
2011-01-07 19:58 . 2010-10-19 09:41 222080 ------w- i:\windows\system32\MpSigStub.exe
2011-01-07 19:56 . 2010-04-09 07:24 240008 ----a-w- i:\windows\system32\drivers\netio.sys
2011-01-07 19:40 . 2011-01-07 19:40 -------- d-----w- i:\program files\Webroot
2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\programdata\Webroot
2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\users\lufraki\AppData\Local\PackageAware
2011-01-07 19:31 . 2011-01-08 12:14 134789 ----a-w- i:\programdata\bdinstall.bin
2011-01-01 19:52 . 2011-01-01 19:52 -------- d-----w- i:\program files\uTorrent
2011-01-01 19:51 . 2011-01-08 11:58 -------- d-----w- i:\users\lufraki\AppData\Roaming\uTorrent
2011-01-01 11:52 . 2011-01-01 11:56 -------- d-----w- i:\programdata\SpeedBit
2011-01-01 11:31 . 2011-01-01 11:54 -------- d-----w- i:\users\lufraki\AppData\Roaming\BitComet
2011-01-01 11:31 . 2011-01-07 19:54 -------- d-----w- i:\program files\BitComet
2010-12-31 18:31 . 2011-01-07 19:16 -------- d-----w- i:\users\lufraki\AppData\Roaming\QuickScan
2010-12-31 17:57 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet Network
2010-12-31 17:56 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet
2010-12-31 16:37 . 2010-12-31 16:37 -------- d-----w- i:\program files\opensub
2010-12-31 15:02 . 2010-12-31 18:22 -------- d-----w- i:\users\lufraki\AppData\Roaming\ViGlance
2010-12-30 10:55 . 2010-12-30 10:55 -------- d-----w- i:\program files\Hitman Pro 3.5
2010-12-30 10:23 . 2011-01-08 18:51 16968 ----a-w- i:\windows\system32\drivers\hitmanpro35.sys
2010-12-30 10:23 . 2010-12-30 10:27 -------- d-----w- i:\programdata\Hitman Pro
2010-12-29 11:33 . 2011-01-07 19:36 -------- d-----w- i:\programdata\Alwil Software
2010-12-29 11:33 . 2010-12-29 11:33 -------- d-----w- i:\program files\Alwil Software
2010-12-28 19:26 . 2010-12-28 19:26 -------- d-----w- i:\program files\AMD
2010-12-28 19:26 . 2010-12-28 19:32 -------- d-----w- i:\users\lufraki\AppData\Local\Downloaded Installations
2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\users\lufraki\AppData\Roaming\TightVNC
2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\program files\TightVNC
2010-12-28 13:46 . 2010-12-28 13:46 -------- d-----w- i:\programdata\ATI
2010-12-28 13:43 . 2010-12-28 13:43 -------- d-----w- I:\AMD
2010-12-26 14:24 . 2010-12-26 14:24 -------- d-----w- i:\program files\Phyxion.net
2010-12-24 15:45 . 2011-01-03 10:14 139128 ----a-w- i:\windows\system32\drivers\PnkBstrK.sys
2010-12-24 15:44 . 2010-12-25 08:43 75136 ----a-w- i:\windows\system32\PnkBstrA.exe
2010-12-24 15:44 . 2010-12-24 15:44 2434856 ----a-w- i:\windows\system32\pbsvc_bc2.exe
2010-12-21 19:21 . 2010-12-21 19:35 -------- d-----w- i:\users\lufraki\AppData\Local\Temporary Projects
2010-12-21 18:49 . 2010-12-21 18:49 -------- d-----w- i:\program files\Game Maker 8 Pro Edition
2010-12-21 18:37 . 2010-12-21 19:58 -------- d-----w- i:\program files\001
2010-12-21 18:35 . 2010-12-21 18:35 -------- d-----w- i:\programdata\001
2010-12-21 18:23 . 2010-12-21 18:23 -------- d-----w- i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2010-12-21 18:23 . 2010-12-21 18:27 -------- d-----w- i:\program files\GStudio8
2010-12-18 14:54 . 2010-12-18 14:54 -------- d-----w- I:\dell
2010-12-18 13:48 . 2010-12-18 13:48 -------- d-----w- i:\windows\system32\RTCOM
2010-12-17 16:44 . 2010-12-17 16:44 80416 ----a-w- i:\windows\system32\RtNicProp32.dll
2010-12-17 16:44 . 2010-12-17 16:44 322664 ----a-w- i:\windows\system32\drivers\Rt86win7.sys
2010-12-17 16:12 . 2010-12-17 16:12 -------- d-----w- I:\Drivers
2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\users\lufraki\AppData\Roaming\Easeware
2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\program files\Easeware
2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\programdata\Innovative Solutions
2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\users\lufraki\AppData\Local\Innovative Solutions
2010-12-17 15:11 . 2010-12-17 15:11 -------- d-----w- i:\users\lufraki\AppData\Roaming\SUPERAntiSpyware.com
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\programdata\IObit
2010-12-17 08:20 . 2011-01-07 17:13 -------- d-----w- i:\program files\Application Updater
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit Toolbar
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit
2010-12-16 17:38 . 2010-12-16 17:38 -------- d-----w- i:\users\lufraki\AppData\Roaming\TS3Client
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-03 10:14 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.exe
2011-01-03 10:14 . 2010-03-15 15:43 215128 ----a-w- i:\windows\system32\PnkBstrB.xtr
2011-01-03 10:10 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.ex0
2010-12-24 15:45 . 2010-03-15 15:41 138056 ----a-w- i:\users\lufraki\AppData\Roaming\PnkBstrK.sys
2010-12-20 17:09 . 2010-11-30 13:58 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-11-30 13:57 20952 ----a-w- i:\windows\system32\drivers\mbam.sys
2010-12-17 16:44 . 2009-12-03 08:27 100896 ----a-w- i:\windows\system32\RTNUninst32.dll
2010-11-26 04:19 . 2010-11-26 04:19 6650368 ----a-w- i:\windows\system32\drivers\atikmdag.sys
2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- i:\windows\system32\atioglxx.dll
2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- i:\windows\system32\atiapfxx.exe
2010-11-26 02:58 . 2010-08-03 23:54 550400 ----a-w- i:\windows\system32\aticfx32.dll
2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54 . 2010-11-26 02:54 393216 ----a-w- i:\windows\system32\atieclxx.exe
2010-11-26 02:54 . 2010-11-26 02:54 176128 ----a-w- i:\windows\system32\atiesrxx.exe
2010-11-26 02:52 . 2010-11-26 02:52 159744 ----a-w- i:\windows\system32\atitmmxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- i:\windows\system32\atipdlxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- i:\windows\system32\Oemdspif.dll
2010-11-26 02:52 . 2010-11-26 02:52 15872 ----a-w- i:\windows\system32\atimuixx.dll
2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- i:\windows\system32\ati2edxx.dll
2010-11-26 02:49 . 2010-08-03 23:46 4066816 ----a-w- i:\windows\system32\atidxx32.dll
2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- i:\windows\system32\atiumdag.dll
2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- i:\windows\system32\aticalrt.dll
2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- i:\windows\system32\aticalcl.dll
2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- i:\windows\system32\aticaldd.dll
2010-11-26 02:24 . 2010-08-03 23:23 52736 ----a-w- i:\windows\system32\coinst.dll
2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- i:\windows\system32\atiumdva.dll
2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- i:\windows\system32\atiadlxx.dll
2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- i:\windows\system32\atiglpxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- i:\windows\system32\atigktxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 231936 ----a-w- i:\windows\system32\drivers\atikmpag.sys
2010-11-26 02:15 . 2010-08-03 23:15 30720 ----a-w- i:\windows\system32\atiuxpag.dll
2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- i:\windows\system32\atiu9pag.dll
2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- i:\windows\system32\drivers\ati2erec.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\atimpc32.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\amdpcom32.dll
2010-11-23 20:57 . 2010-11-09 17:22 12288 ----a-w- i:\windows\impborl.dll
2010-11-23 16:16 . 2010-12-01 16:12 31552 ----a-w- i:\windows\system32\TURegOpt.exe
2010-11-23 16:11 . 2010-12-01 16:12 21312 ----a-w- i:\windows\system32\authuitu.dll
2010-11-23 16:11 . 2010-12-01 16:12 29504 ----a-w- i:\windows\system32\uxtuneup.dll
2010-11-17 17:15 . 2010-11-17 17:15 235 ----a-w- i:\windows\system32\nxEuUninstall.bat
2010-11-17 17:15 . 2010-02-18 08:27 446464 ----a-w- i:\windows\NEXON_EU_DownloaderUpdater.exe
2010-11-17 12:04 . 2010-11-17 12:04 101392 ----a-w- i:\windows\system32\drivers\AtihdW73.sys
2010-11-14 17:08 . 2010-03-06 18:50 47360 ----a-w- i:\users\lufraki\AppData\Roaming\pcouffin.sys
2010-11-12 17:53 . 2010-08-20 16:25 472808 ----a-w- i:\windows\system32\deployJava1.dll
2010-10-26 10:22 . 2010-10-26 10:22 45056 ----a-w- i:\windows\system32\ATIODCLI.exe
2010-10-26 10:22 . 2010-10-26 10:22 294912 ----a-w- i:\windows\system32\ATIODE.exe
2010-10-25 11:47 . 2010-10-25 11:47 1060864 ----a-w- i:\windows\system32\mfc71.dll
2010-10-19 14:12 . 2010-10-19 13:36 21840 ----atw- i:\windows\system32\SIntfNT.dll
2010-10-19 14:12 . 2010-10-19 13:36 17212 ----atw- i:\windows\system32\SIntf32.dll
2010-10-19 14:12 . 2010-10-19 13:36 12067 ----atw- i:\windows\system32\SIntf16.dll
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- i:\windows\system32\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- i:\windows\system32\xlivefnt.dll
1997-02-17 10:37 . 1999-06-23 20:24 171520 ----a-w- i:\program files\CNCS32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="i:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AVP"="i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-01-08 365336]
i:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - i:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=i:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=i:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iRotate.lnk]
path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk
backup=i:\windows\pss\iRotate.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeleteDir[b04] WIPE_B04.TMP]
RD [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- i:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- i:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-09-22 22:47 4240760 ----a-w- i:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [bU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-12-14 20:02 2424560 ----a-w- i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="i:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"SUPERAntiSpyware"=i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
"Steam"="i:\program files\Steam\Steam.exe" -silent
"Pando Media Booster"=i:\program files\Pando Networks\Media Booster\PMB.exe
"RGSC"=i:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update"=i:\program files\HP\HP Software Update\HPWuSchd2.exe
"Zboard"=i:\program files\Ideazon\ZEngine\Zboard.exe
"ATICustomerCare"="i:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"RtHDVCpl"=i:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SearchSettings"="i:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe"
"Malwarebytes' Anti-Malware (reboot)"="i:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"AVG_TRAY"=i:\program files\AVG\AVG10\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 EagleXNt;EagleXNt;i:\windows\system32\drivers\EagleXNt.sys [x]
R3 npggsvc;nProtect GameGuard Service;i:\windows\system32\GameMon.des [2010-03-21 3601544]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;i:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
R3 WatAdminSvc;Windows Activation Technologies-service;i:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400]
R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S0 sptd;sptd;i:\windows\System32\Drivers\sptd.sys [2010-02-13 691696]
S1 kl2;kl2;i:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;i:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 Akamai;Akamai NetSession Interface;i:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;i:\windows\system32\atiesrxx.exe [2010-11-26 176128]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
S3 amdkmdag;amdkmdag;i:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 amdkmdap;amdkmdap;i:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;i:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 klmouflt;Kaspersky Lab KLMOUFLT;i:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;i:\windows\system32\Drivers\RtsUStor.sys [2010-06-04 189784]
S3 RTL8167;Realtek 8167 NT Driver;i:\windows\system32\DRIVERS\Rt86win7.sys [2010-12-17 322664]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
S3 WVKeyboardService;Wayontec Virtual Keyboard Driver;i:\windows\system32\Drivers\wvkeybd.sys [2010-06-18 10568]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
2011-01-03 i:\windows\Tasks\DriverEasy Scheduled Scan.job
- i:\program files\Easeware\DriverEasy\DriverEasy.exe [2010-12-17 19:55]
.
.
------- Bijkomende Scan -------
.
IE: Add to Anti-Banner - i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - i:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
FF - ProfilePath - i:\users\lufraki\AppData\Roaming\Mozilla\Firefox\Profiles\1oatxjms.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://countdown.free-and-online.com/?timer=2456
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=0&v=6.010.023.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="i:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:d5,4f,f0,3a,75,22,7c,05,a7,8e,ba,99,97,b3,a1,e3,ba,ae,66,82,7c,d3,e4,
13,dd,21,3c,98,ec,35,14,a8,e1,8a,45,83,58,d7,42,73,9e,aa,d5,87,dd,d0,59,f0,\
"??"=hex:d3,5d,4a,97,68,f9,aa,1b,29,0d,aa,a8,22,84,59,9a
[HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,8e,84,56,c0,a0,2a,ef,88,2a,54,89,7e,c0,cd,b7,cf,17,a2,5c,fa,
58,9c,e3,ad,fb,20,ce,fe,75,46,84,fa,91,15,1a,cb,d5,a8,f6,ee,55,bf,62,72,f1,\
"rkeysecu"=hex:ba,76,e9,0a,e3,97,f2,eb,93,d5,91,41,36,38,c1,ee
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
i:\windows\system32\atieclxx.exe
i:\windows\system32\PnkBstrA.exe
i:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
i:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
i:\windows\system32\taskhost.exe
i:\program files\IObit\Game Booster\GameBox.exe
i:\windows\system32\conhost.exe
i:\program files\Windows Media Player\wmpnscfg.exe
i:\program files\Windows Media Player\wmpnscfg.exe
.
**************************************************************************
.
Voltooingstijd: 2011-01-08 22:56:56 - machine werd herstart
ComboFix-quarantined-files.txt 2011-01-08 21:56
ComboFix2.txt 2011-01-08 20:30
ComboFix3.txt 2009-05-09 16:48
ComboFix4.txt 2009-04-07 17:04
Pre-Run: 471.623.446.528 bytes beschikbaar
Post-Run: 471.394.656.256 bytes beschikbaar
- - End Of File - - CBD7369F101CA71707E8DEC0FF5D9622
-
The notifications are gone again.
ComboFix 11-01-08.01 - lufraki 08-01-2011 21:21:26.3.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.3326.2427 [GMT 1:00]
Gestart vanuit: i:\users\lufraki\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
I:\install.exe
i:\users\lufraki\AppData\Roaming\inst.exe
i:\windows\system32\NL-NLW.DLL
i:\windows\system32\system
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-12-08 to 2011-01-08 ))))))))))))))))))))))))))))))
.
2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\Public\AppData\Local\temp
2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\Default\AppData\Local\temp
2011-01-08 20:28 . 2011-01-08 20:28 -------- d-----w- i:\users\lufraki\AppData\Local\temp
2011-01-08 19:17 . 2011-01-08 19:17 -------- d-----w- i:\program files\Vogster Entertainment
2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\users\lufraki\AppData\Roaming\InstallShield Installation Information
2011-01-08 18:56 . 2011-01-08 18:56 -------- d-----w- i:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-01-08 16:20 . 2010-10-05 20:26 109240 ----a-w- i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
2011-01-08 16:20 . 2010-10-05 20:27 150200 ----a-w- i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-01-08 12:55 . 2011-01-08 12:55 -------- d-----w- i:\users\lufraki\AppData\Roaming\Need for Speed World
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\users\lufraki\AppData\Local\Electronic_Arts_Inc
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\programdata\Electronic Arts
2011-01-08 12:15 . 2011-01-08 12:15 -------- d-----w- i:\program files\Electronic Arts
2011-01-08 12:08 . 2011-01-08 12:16 97859 ----a-w- i:\windows\system32\drivers\klick.dat
2011-01-08 12:08 . 2011-01-08 12:16 114243 ----a-w- i:\windows\system32\drivers\klin.dat
2011-01-08 12:07 . 2011-01-08 19:00 -------- d-----w- i:\programdata\Kaspersky Lab
2011-01-08 12:07 . 2011-01-08 12:07 -------- d-----w- i:\program files\Kaspersky Lab
2011-01-08 12:05 . 2011-01-08 12:05 -------- d-----w- i:\programdata\Kaspersky Lab Setup Files
2011-01-08 10:17 . 2011-01-08 10:17 -------- d-----w- i:\program files\Perfect Uninstaller
2011-01-07 20:42 . 2010-11-16 11:01 6273872 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{45347193-E21A-4E4D-8555-2A4CE3C34C96}\mpengine.dll
2011-01-07 20:13 . 2011-01-07 20:15 -------- d-----w- i:\program files\Common Files\BitDefender
2011-01-07 19:58 . 2010-10-19 09:41 222080 ------w- i:\windows\system32\MpSigStub.exe
2011-01-07 19:56 . 2010-04-09 07:24 240008 ----a-w- i:\windows\system32\drivers\netio.sys
2011-01-07 19:40 . 2011-01-07 19:40 -------- d-----w- i:\program files\Webroot
2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\programdata\Webroot
2011-01-07 19:39 . 2011-01-07 19:39 -------- d-----w- i:\users\lufraki\AppData\Local\PackageAware
2011-01-07 19:31 . 2011-01-08 12:14 134789 ----a-w- i:\programdata\bdinstall.bin
2011-01-01 19:52 . 2011-01-01 19:52 -------- d-----w- i:\program files\uTorrent
2011-01-01 19:51 . 2011-01-08 11:58 -------- d-----w- i:\users\lufraki\AppData\Roaming\uTorrent
2011-01-01 11:52 . 2011-01-01 11:56 -------- d-----w- i:\programdata\SpeedBit
2011-01-01 11:31 . 2011-01-01 11:54 -------- d-----w- i:\users\lufraki\AppData\Roaming\BitComet
2011-01-01 11:31 . 2011-01-07 19:54 -------- d-----w- i:\program files\BitComet
2010-12-31 18:31 . 2011-01-07 19:16 -------- d-----w- i:\users\lufraki\AppData\Roaming\QuickScan
2010-12-31 17:57 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet Network
2010-12-31 17:56 . 2010-12-31 17:57 -------- d-----w- i:\program files\FlashGet
2010-12-31 16:37 . 2010-12-31 16:37 -------- d-----w- i:\program files\opensub
2010-12-31 15:02 . 2010-12-31 18:22 -------- d-----w- i:\users\lufraki\AppData\Roaming\ViGlance
2010-12-30 10:55 . 2010-12-30 10:55 -------- d-----w- i:\program files\Hitman Pro 3.5
2010-12-30 10:23 . 2011-01-08 18:51 16968 ----a-w- i:\windows\system32\drivers\hitmanpro35.sys
2010-12-30 10:23 . 2010-12-30 10:27 -------- d-----w- i:\programdata\Hitman Pro
2010-12-29 11:33 . 2011-01-07 19:36 -------- d-----w- i:\programdata\Alwil Software
2010-12-29 11:33 . 2010-12-29 11:33 -------- d-----w- i:\program files\Alwil Software
2010-12-28 19:26 . 2010-12-28 19:26 -------- d-----w- i:\program files\AMD
2010-12-28 19:26 . 2010-12-28 19:32 -------- d-----w- i:\users\lufraki\AppData\Local\Downloaded Installations
2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\users\lufraki\AppData\Roaming\TightVNC
2010-12-28 18:26 . 2010-12-28 18:26 -------- d-----w- i:\program files\TightVNC
2010-12-28 13:46 . 2010-12-28 13:46 -------- d-----w- i:\programdata\ATI
2010-12-28 13:43 . 2010-12-28 13:43 -------- d-----w- I:\AMD
2010-12-26 14:24 . 2010-12-26 14:24 -------- d-----w- i:\program files\Phyxion.net
2010-12-24 15:45 . 2011-01-03 10:14 139128 ----a-w- i:\windows\system32\drivers\PnkBstrK.sys
2010-12-24 15:44 . 2010-12-25 08:43 75136 ----a-w- i:\windows\system32\PnkBstrA.exe
2010-12-24 15:44 . 2010-12-24 15:44 2434856 ----a-w- i:\windows\system32\pbsvc_bc2.exe
2010-12-21 19:21 . 2010-12-21 19:35 -------- d-----w- i:\users\lufraki\AppData\Local\Temporary Projects
2010-12-21 18:49 . 2010-12-21 18:49 -------- d-----w- i:\program files\Game Maker 8 Pro Edition
2010-12-21 18:37 . 2010-12-21 19:58 -------- d-----w- i:\program files\001
2010-12-21 18:35 . 2010-12-21 18:35 -------- d-----w- i:\programdata\001
2010-12-21 18:23 . 2010-12-21 18:23 -------- d-----w- i:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2010-12-21 18:23 . 2010-12-21 18:27 -------- d-----w- i:\program files\GStudio8
2010-12-18 14:54 . 2010-12-18 14:54 -------- d-----w- I:\dell
2010-12-18 13:48 . 2010-12-18 13:48 -------- d-----w- i:\windows\system32\RTCOM
2010-12-17 16:44 . 2010-12-17 16:44 80416 ----a-w- i:\windows\system32\RtNicProp32.dll
2010-12-17 16:44 . 2010-12-17 16:44 322664 ----a-w- i:\windows\system32\drivers\Rt86win7.sys
2010-12-17 16:12 . 2010-12-17 16:12 -------- d-----w- I:\Drivers
2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\users\lufraki\AppData\Roaming\Easeware
2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- i:\program files\Easeware
2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\programdata\Innovative Solutions
2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- i:\users\lufraki\AppData\Local\Innovative Solutions
2010-12-17 15:11 . 2010-12-17 15:11 -------- d-----w- i:\users\lufraki\AppData\Roaming\SUPERAntiSpyware.com
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\programdata\IObit
2010-12-17 08:20 . 2011-01-07 17:13 -------- d-----w- i:\program files\Application Updater
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit Toolbar
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\IObit
2010-12-17 08:20 . 2010-12-17 08:20 -------- d-----w- i:\program files\Common Files\Spigot
2010-12-16 17:38 . 2010-12-16 17:38 -------- d-----w- i:\users\lufraki\AppData\Roaming\TS3Client
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-03 10:14 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.exe
2011-01-03 10:14 . 2010-03-15 15:43 215128 ----a-w- i:\windows\system32\PnkBstrB.xtr
2011-01-03 10:10 . 2010-08-25 10:54 215128 ----a-w- i:\windows\system32\PnkBstrB.ex0
2010-12-24 15:45 . 2010-03-15 15:41 138056 ----a-w- i:\users\lufraki\AppData\Roaming\PnkBstrK.sys
2010-12-20 17:09 . 2010-11-30 13:58 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-11-30 13:57 20952 ----a-w- i:\windows\system32\drivers\mbam.sys
2010-12-17 16:44 . 2009-12-03 08:27 100896 ----a-w- i:\windows\system32\RTNUninst32.dll
2010-11-26 04:19 . 2010-11-26 04:19 6650368 ----a-w- i:\windows\system32\drivers\atikmdag.sys
2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- i:\windows\system32\atioglxx.dll
2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- i:\windows\system32\atiapfxx.exe
2010-11-26 02:58 . 2010-08-03 23:54 550400 ----a-w- i:\windows\system32\aticfx32.dll
2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54 . 2010-11-26 02:54 393216 ----a-w- i:\windows\system32\atieclxx.exe
2010-11-26 02:54 . 2010-11-26 02:54 176128 ----a-w- i:\windows\system32\atiesrxx.exe
2010-11-26 02:52 . 2010-11-26 02:52 159744 ----a-w- i:\windows\system32\atitmmxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- i:\windows\system32\atipdlxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- i:\windows\system32\Oemdspif.dll
2010-11-26 02:52 . 2010-11-26 02:52 15872 ----a-w- i:\windows\system32\atimuixx.dll
2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- i:\windows\system32\ati2edxx.dll
2010-11-26 02:49 . 2010-08-03 23:46 4066816 ----a-w- i:\windows\system32\atidxx32.dll
2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- i:\windows\system32\atiumdag.dll
2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- i:\windows\system32\aticalrt.dll
2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- i:\windows\system32\aticalcl.dll
2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- i:\windows\system32\aticaldd.dll
2010-11-26 02:24 . 2010-08-03 23:23 52736 ----a-w- i:\windows\system32\coinst.dll
2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- i:\windows\system32\atiumdva.dll
2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- i:\windows\system32\atiadlxx.dll
2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- i:\windows\system32\atiglpxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- i:\windows\system32\atigktxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 231936 ----a-w- i:\windows\system32\drivers\atikmpag.sys
2010-11-26 02:15 . 2010-08-03 23:15 30720 ----a-w- i:\windows\system32\atiuxpag.dll
2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- i:\windows\system32\atiu9pag.dll
2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- i:\windows\system32\drivers\ati2erec.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\atimpc32.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- i:\windows\system32\amdpcom32.dll
2010-11-23 20:57 . 2010-11-09 17:22 12288 ----a-w- i:\windows\impborl.dll
2010-11-23 16:16 . 2010-12-01 16:12 31552 ----a-w- i:\windows\system32\TURegOpt.exe
2010-11-23 16:11 . 2010-12-01 16:12 21312 ----a-w- i:\windows\system32\authuitu.dll
2010-11-23 16:11 . 2010-12-01 16:12 29504 ----a-w- i:\windows\system32\uxtuneup.dll
2010-11-17 17:15 . 2010-11-17 17:15 235 ----a-w- i:\windows\system32\nxEuUninstall.bat
2010-11-17 17:15 . 2010-02-18 08:27 446464 ----a-w- i:\windows\NEXON_EU_DownloaderUpdater.exe
2010-11-17 12:04 . 2010-11-17 12:04 101392 ----a-w- i:\windows\system32\drivers\AtihdW73.sys
2010-11-14 17:08 . 2010-03-06 18:50 47360 ----a-w- i:\users\lufraki\AppData\Roaming\pcouffin.sys
2010-11-12 17:53 . 2010-08-20 16:25 472808 ----a-w- i:\windows\system32\deployJava1.dll
2010-10-26 10:22 . 2010-10-26 10:22 45056 ----a-w- i:\windows\system32\ATIODCLI.exe
2010-10-26 10:22 . 2010-10-26 10:22 294912 ----a-w- i:\windows\system32\ATIODE.exe
2010-10-25 11:47 . 2010-10-25 11:47 1060864 ----a-w- i:\windows\system32\mfc71.dll
2010-10-19 14:12 . 2010-10-19 13:36 21840 ----atw- i:\windows\system32\SIntfNT.dll
2010-10-19 14:12 . 2010-10-19 13:36 17212 ----atw- i:\windows\system32\SIntf32.dll
2010-10-19 14:12 . 2010-10-19 13:36 12067 ----atw- i:\windows\system32\SIntf16.dll
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- i:\windows\system32\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- i:\windows\system32\xlivefnt.dll
1997-02-17 10:37 . 1999-06-23 20:24 171520 ----a-w- i:\program files\CNCS32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="i:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AVP"="i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-01-08 365336]
i:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - i:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=i:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=i:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\I:^Users^lufraki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iRotate.lnk]
path=i:\users\lufraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk
backup=i:\windows\pss\iRotate.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeleteDir[b04] WIPE_B04.TMP]
RD [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- i:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- i:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-09-22 22:47 4240760 ----a-w- i:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [bU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-12-14 20:02 2424560 ----a-w- i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="i:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"SUPERAntiSpyware"=i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
"Steam"="i:\program files\Steam\Steam.exe" -silent
"Pando Media Booster"=i:\program files\Pando Networks\Media Booster\PMB.exe
"RGSC"=i:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update"=i:\program files\HP\HP Software Update\HPWuSchd2.exe
"Zboard"=i:\program files\Ideazon\ZEngine\Zboard.exe
"ATICustomerCare"="i:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"RtHDVCpl"=i:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SearchSettings"="i:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe"
"Malwarebytes' Anti-Malware (reboot)"="i:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"AVG_TRAY"=i:\program files\AVG\AVG10\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 EagleXNt;EagleXNt;i:\windows\system32\drivers\EagleXNt.sys [x]
R3 npggsvc;nProtect GameGuard Service;i:\windows\system32\GameMon.des [2010-03-21 3601544]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;i:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
R3 WatAdminSvc;Windows Activation Technologies-service;i:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400]
R3 XDva296;XDva296;i:\windows\system32\XDva296.sys [x]
R3 XDva327;XDva327;i:\windows\system32\XDva327.sys [x]
R3 XDva332;XDva332;i:\windows\system32\XDva332.sys [x]
R3 XDva336;XDva336;i:\windows\system32\XDva336.sys [x]
R3 XDva337;XDva337;i:\windows\system32\XDva337.sys [x]
R3 XDva359;XDva359;i:\windows\system32\XDva359.sys [x]
R3 XDva367;XDva367;i:\windows\system32\XDva367.sys [x]
R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S0 sptd;sptd;i:\windows\System32\Drivers\sptd.sys [2010-02-13 691696]
S1 kl2;kl2;i:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;i:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 Akamai;Akamai NetSession Interface;i:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;i:\windows\system32\atiesrxx.exe [2010-11-26 176128]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
S3 amdkmdag;amdkmdag;i:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 amdkmdap;amdkmdap;i:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;i:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 klmouflt;Kaspersky Lab KLMOUFLT;i:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;i:\windows\system32\Drivers\RtsUStor.sys [2010-06-04 189784]
S3 RTL8167;Realtek 8167 NT Driver;i:\windows\system32\DRIVERS\Rt86win7.sys [2010-12-17 322664]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;i:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
S3 WVKeyboardService;Wayontec Virtual Keyboard Driver;i:\windows\system32\Drivers\wvkeybd.sys [2010-06-18 10568]
--- Andere Services/Drivers In Geheugen ---
*NewlyCreated* - EAGLEXNT
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
2011-01-03 i:\windows\Tasks\DriverEasy Scheduled Scan.job
- i:\program files\Easeware\DriverEasy\DriverEasy.exe [2010-12-17 19:55]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Add to Anti-Banner - i:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - i:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
FF - ProfilePath - i:\users\lufraki\AppData\Roaming\Mozilla\Firefox\Profiles\1oatxjms.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://countdown.free-and-online.com/?timer=2456
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=0&v=6.010.023.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - i:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - i:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS VERWIJDERD - - - -
MSConfigStartUp-BitTorrent - i:\program files\BitTorrent\bittorrent.exe
MSConfigStartUp-FlashPlayerUpdate - i:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
MSConfigStartUp-QuickTime Task - i:\program files\QuickTime\QTTask.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="i:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:d5,4f,f0,3a,75,22,7c,05,a7,8e,ba,99,97,b3,a1,e3,ba,ae,66,82,7c,d3,e4,
13,dd,21,3c,98,ec,35,14,a8,e1,8a,45,83,58,d7,42,73,9e,aa,d5,87,dd,d0,59,f0,\
"??"=hex:d3,5d,4a,97,68,f9,aa,1b,29,0d,aa,a8,22,84,59,9a
[HKEY_USERS\S-1-5-21-2838343270-200650475-273469060-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,8e,84,56,c0,a0,2a,ef,88,2a,54,89,7e,c0,cd,b7,cf,17,a2,5c,fa,
58,9c,e3,ad,fb,20,ce,fe,75,46,84,fa,91,15,1a,cb,d5,a8,f6,ee,55,bf,62,72,f1,\
"rkeysecu"=hex:ba,76,e9,0a,e3,97,f2,eb,93,d5,91,41,36,38,c1,ee
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-01-08 21:30:01
ComboFix-quarantined-files.txt 2011-01-08 20:30
ComboFix2.txt 2009-05-09 16:48
ComboFix3.txt 2009-04-07 17:04
Pre-Run: 471.476.756.480 bytes beschikbaar
Post-Run: 471.593.652.224 bytes beschikbaar
- - End Of File - - 4D137C010D62CB64BC70D1D88124470D
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:59:21, on 8-1-2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
I:\Windows\system32\taskhost.exe
I:\Windows\system32\taskeng.exe
I:\Windows\system32\Dwm.exe
I:\Program Files\IObit\Game Booster\GameBox.exe
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
I:\Program Files\Windows Sidebar\sidebar.exe
I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
I:\Windows\system32\notepad.exe
I:\Windows\explorer.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
I:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
I:\Users\lufraki\Downloads\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [sidebar] I:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - I:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
--
End of file - 6181 bytes
-
Done
BTW:
O15 - Trusted Zone: http://software.kuaiche.com
has come back in the log for the 3rd time
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:30, on 8-1-2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
I:\Windows\system32\taskhost.exe
I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
I:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
I:\Windows\system32\Dwm.exe
I:\Windows\Explorer.EXE
I:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
I:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
I:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
I:\Users\lufraki\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - I:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "I:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
O4 - HKLM\..\Run: [bDAgent] "I:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - I:\Users\lufraki\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - I:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: I:\Windows\System32\avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - I:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - AMD - I:\Windows\system32\atiesrxx.exe
O23 - Service: AODService - Unknown owner - I:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - I:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - I:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - I:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - I:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - I:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - I:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
--
End of file - 6904 bytes
Please check my log
in Archive: Combating malware & viruses
Posted:
There are no problems with the PC; it was more of a precaution.
In any case, thanks for the quick help!