Ga naar inhoud

janneman1961

Lid
  • Items

    7
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door janneman1961

  1. Ik heb een hijack log gedaan en daarna ook een Kunnen jullie kijken wat er fout is of goed file of Trend Micro HijackThis v2.0.2 Scan saved at 8:53:06, on 24-7-2013 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\WinZip\zipsendservice.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- en ook deze voor en na het verwijderen # AdwCleaner v2.306 - Verslag gemaakt op 03/08/2013 om 08:40:00 # Geactualiseerd op 19/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : lida - ACER5336 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\lida\Downloads\adwcleaner.exe # Optie [Zoeken] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Aanwezig : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader4@ftdownloader.com.xpi File Aanwezig : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi Map Aanwezig : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Map Aanwezig : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ***** [Register] ***** Sleutel Aanwezig : HKCU\Software\1ClickDownload Sleutel Aanwezig : HKCU\Software\APN PIP Sleutel Aanwezig : HKLM\Software\PIP ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v22.0 (nl) File : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. File : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\4d26s7ug.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoe na verwijdering dit # AdwCleaner v2.306 - Verslag gemaakt op 03/08/2013 om 08:42:56 # Geactualiseerd op 19/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : lida - ACER5336 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\lida\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijderd : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader4@ftdownloader.com.xpi File Verwijderd : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi Map Verwijderd : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Map Verwijderd : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\1ClickDownload Sleutel Verwijderd : HKCU\Software\APN PIP Sleutel Verwijderd : HKLM\Software\PIP ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v22.0 (nl) File : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. File : C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\4d26s7ug.default\prefs.js C:\Users\lida\AppData\Roaming\Mozilla\Firefox\Profiles\4d26s7ug.default\user.js ... Verwijderd ! [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer.
  2. Heb boven op de laptop ook hijack gedaan en ook adwcleaner en daarna weer hijack. Kunnen jullie kijken wat er goed is en fout is. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 13:23:22, on 19-7-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Sitecom\Common\RegistryWriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jan\Local Settings\Temporary Internet Files\Content.IE5\59GJRBF1\HijackThis[2].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: ::1 localhost O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272752944543 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - Unknown owner - C:\Documents and Settings\jan\Bureaublad\HitmanPro35.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PskSvcRetailInst - Panda Security, S.L. - C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Sitecom\Common\RegistryWriter.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 7057 bytes # AdwCleaner v2.305 - Verslag gemaakt op 19/07/2013 om 13:28:33 # Geactualiseerd op 11/07/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : jan - KOVACEVIC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\jan\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijderd : C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia Map Verwijderd : C:\Documents and Settings\jan\Local Settings\Application Data\AskToolbar Map Verwijderd : C:\Documents and Settings\jan\Local Settings\Application Data\Conduit Map Verwijderd : C:\Program Files\Ask.com Map Verwijderd : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Register] ***** Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll Sleutel Verwijderd : HKCU\Software\AppDataLow\AskToolbarInfo Sleutel Verwijderd : HKCU\Software\Ask.com Sleutel Verwijderd : HKCU\Software\AskToolbar Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2102399 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijderd : HKLM\Software\DataMngr Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\44375bfaddc2bb762ac14d07bb2f0c4d Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [6677 octets] - [19/07/2013 13:26:49] AdwCleaner[s1].txt - [6411 octets] - [19/07/2013 13:28:33] ########## EOF - C:\AdwCleaner[s1].txt - [6471 octets] ########## Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 13:41:56, on 19-7-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Sitecom\Common\RegistryWriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jan\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272752944543 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - Unknown owner - C:\Documents and Settings\jan\Bureaublad\HitmanPro35.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PskSvcRetailInst - Panda Security, S.L. - C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Sitecom\Common\RegistryWriter.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 6528 bytes - - - Updated - - - Heb boven op de laptop ook hijack gedaan en ook adwcleaner en daarna weer hijack. Kunnen jullie kijken wat er goed is en fout is. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 13:23:22, on 19-7-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Sitecom\Common\RegistryWriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jan\Local Settings\Temporary Internet Files\Content.IE5\59GJRBF1\HijackThis[2].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: ::1 localhost O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272752944543 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - Unknown owner - C:\Documents and Settings\jan\Bureaublad\HitmanPro35.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PskSvcRetailInst - Panda Security, S.L. - C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Sitecom\Common\RegistryWriter.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 7057 bytes # AdwCleaner v2.305 - Verslag gemaakt op 19/07/2013 om 13:28:33 # Geactualiseerd op 11/07/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : jan - KOVACEVIC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\jan\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijderd : C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia Map Verwijderd : C:\Documents and Settings\jan\Local Settings\Application Data\AskToolbar Map Verwijderd : C:\Documents and Settings\jan\Local Settings\Application Data\Conduit Map Verwijderd : C:\Program Files\Ask.com Map Verwijderd : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Register] ***** Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll Sleutel Verwijderd : HKCU\Software\AppDataLow\AskToolbarInfo Sleutel Verwijderd : HKCU\Software\Ask.com Sleutel Verwijderd : HKCU\Software\AskToolbar Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2102399 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijderd : HKLM\Software\DataMngr Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\44375bfaddc2bb762ac14d07bb2f0c4d Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [6677 octets] - [19/07/2013 13:26:49] AdwCleaner[s1].txt - [6411 octets] - [19/07/2013 13:28:33] ########## EOF - C:\AdwCleaner[s1].txt - [6471 octets] ########## Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 13:41:56, on 19-7-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Sitecom\Common\RegistryWriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jan\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272752944543 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - Unknown owner - C:\Documents and Settings\jan\Bureaublad\HitmanPro35.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PskSvcRetailInst - Panda Security, S.L. - C:\DOCUME~1\jan\LOCALS~1\Temp\ISSCAN\PskSvc.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Sitecom\Common\RegistryWriter.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 6528 bytes
  3. Heb een acer laptop die heb ik op een draadloze verbinding staan op kpn. Nu had ik voor de eerste keer per ongeluk een verkeerde naam gegeven nu zie ik staan in me lijst me verbinding die goed is en beveiligd en de andere die ik fout had gedaan staat er ook nog in hoe krijg ik die weg dan staat er bij onbeveiligd
  4. slag gemaakt op 15/07/2013 om 07:32:16 # Geactualiseerd op 11/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : lida - ACER5336 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\lida\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UR5I41Q\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijderd : C:\Program Files (x86)\Ask.com Map Verwijderd : C:\Program Files (x86)\AskPartnerNetwork Map Verwijderd : C:\Program Files (x86)\Conduit Map Verwijderd : C:\Program Files (x86)\Desk 365 Map Verwijderd : C:\Program Files (x86)\ExpressFiles Map Verwijderd : C:\Program Files (x86)\Gophoto.it Map Verwijderd : C:\Program Files (x86)\RegClean Pro Map Verwijderd : C:\Program Files (x86)\TornTV.com Map Verwijderd : C:\Program Files (x86)\Wondershare Map Verwijderd : C:\Program Files (x86)\Yontoo Map Verwijderd : C:\ProgramData\APN Map Verwijderd : C:\ProgramData\Ask Map Verwijderd : C:\ProgramData\AskPartnerNetwork Map Verwijderd : C:\ProgramData\Babylon Map Verwijderd : C:\ProgramData\BBroowsee2save Map Verwijderd : C:\ProgramData\eSafe Map Verwijderd : C:\ProgramData\InstallMate Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare Map Verwijderd : C:\ProgramData\Partner Map Verwijderd : C:\ProgramData\Premium Map Verwijderd : C:\ProgramData\SoftSafe Map Verwijderd : C:\ProgramData\Tarma Installer Map Verwijderd : C:\Users\lida\AppData\Local\AskPartnerNetwork Map Verwijderd : C:\Users\lida\AppData\Local\Conduit Map Verwijderd : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Map Verwijderd : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Map Verwijderd : C:\Users\lida\AppData\Local\PutLockerDownloader Map Verwijderd : C:\Users\lida\AppData\Local\Wondershare Map Verwijderd : C:\Users\lida\AppData\LocalLow\AskToolbar Map Verwijderd : C:\Users\lida\AppData\LocalLow\Conduit Map Verwijderd : C:\Users\lida\AppData\LocalLow\PriceGong Map Verwijderd : C:\Users\lida\AppData\LocalLow\searchquband Map Verwijderd : C:\Users\lida\AppData\LocalLow\searchresultstb Map Verwijderd : C:\Users\lida\AppData\Roaming\BabSolution Map Verwijderd : C:\Users\lida\AppData\Roaming\Babylon Map Verwijderd : C:\Users\lida\AppData\Roaming\Desk 365 Map Verwijderd : C:\Users\lida\AppData\Roaming\ExpressFiles Map Verwijderd : C:\Users\lida\AppData\Roaming\OpenCandy Map Verwijderd : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\1ClickDownload Sleutel Verwijderd : HKCU\Software\APN Sleutel Verwijderd : HKCU\Software\APN PIP Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\AskToolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\searchqutoolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector Sleutel Verwijderd : HKCU\Software\Ask.com Sleutel Verwijderd : HKCU\Software\AskPartnerNetwork Sleutel Verwijderd : HKCU\Software\BabSolution Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\ExpressFiles Sleutel Verwijderd : HKCU\Software\ilivid Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Sleutel Verwijderd : HKCU\Software\9ed88ae634e449 Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} Sleutel Verwijderd : HKLM\Software\APN Sleutel Verwijderd : HKLM\Software\AskPartnerNetwork Sleutel Verwijderd : HKLM\Software\AskToolbar Sleutel Verwijderd : HKLM\Software\Babylon Sleutel Verwijderd : HKLM\Software\Bandoo Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\DataMngr Sleutel Verwijderd : HKLM\Software\ExpressFiles Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\Software\PIP Sleutel Verwijderd : HKLM\Software\SProtector Sleutel Verwijderd : HKLM\Software\systweak Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijderd : HKLM\SOFTWARE\Software Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [15152 octets] - [15/07/2013 07:31:19] AdwCleaner[s1].txt - [15026 octets] - [15/07/2013 07:32:16] ########## EOF - C:\AdwCleaner[s1].txt - [15087 octets] ########## En nu heb ik het opnieuw gedaan en dan krijg ik dit # AdwCleaner v2.305 - Verslag gemaakt op 16/07/2013 om 09:15:21 # Geactualiseerd op 11/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : lida - ACER5336 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\lida\Downloads\adwcleaner.exe # Optie [Zoeken] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Aanwezig : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Map Aanwezig : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ***** [Register] ***** ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\lida\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [15152 octets] - [15/07/2013 07:31:19] AdwCleaner[R2].txt - [1266 octets] - [15/07/2013 09:46:28] AdwCleaner[R3].txt - [1326 octets] - [16/07/2013 07:09:52] AdwCleaner[R4].txt - [1196 octets] - [16/07/2013 09:15:21] AdwCleaner[s1].txt - [15085 octets] - [15/07/2013 07:32:16] ########## EOF - C:\AdwCleaner[R4].txt - [1317 octets] ########## En ook als ik me internet explorer opent zegt hij altijd het tabblad is gesloten vanwege - - - Updated - - - Deze hijack log heb ik als administrator uitgevoerd Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:24:44, on 16-7-2013 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9792 bytes
  5. Dit is me nieuwe hijack en wil ook vragen wat kan er aan of uit staan bij me C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\lida\Downloads\adwcleaner.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9411 bytes Ja HKCU:Run Skype Skype Technologies S.A. lida "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun Nee HKCU:Run Skype Skype Technologies S.A. Alle gebruikers "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun Ja HKLM:Run Acer ePower Management Acer Incorporated Alle gebruikers C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe Ja HKLM:Run Adobe ARM Adobe Systems Incorporated Alle gebruikers "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Ja HKLM:Run BackupManagerTray NewTech Infosystems, Inc. Alle gebruikers "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k Nee HKLM:Run EgisTecPMMUpdate Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" Nee HKLM:Run EgisUpdate Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d Ja HKLM:Run ETDWare ELAN Microelectronic Corp. Alle gebruikers %ProgramFiles%\Elantech\ETDCtrl.exe Ja HKLM:Run HotKeysCmds Intel Corporation Alle gebruikers C:\Windows\system32\hkcmd.exe Ja HKLM:Run IAStorIcon Intel Corporation Alle gebruikers C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe Ja HKLM:Run IgfxTray Intel Corporation Alle gebruikers C:\Windows\system32\igfxtray.exe Ja HKLM:Run LManager Dritek System Inc. Alle gebruikers C:\Program Files (x86)\Launch Manager\LManager.exe Ja HKLM:Run Monitor PixArt Imaging Incorporation Alle gebruikers C:\Windows\PixArt\PAC207\Monitor.exe Nee HKLM:Run mwlDaemon Egis Technology Inc. Alle gebruikers C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe Ja HKLM:Run NBKeyScan Nero AG Alle gebruikers "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" Ja HKLM:Run OOTag Microsoft Alle gebruikers C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe Ja HKLM:Run Persistence Intel Corporation Alle gebruikers C:\Windows\system32\igfxpers.exe Nee HKLM:Run RegUse Honlyn (Macao Commercial Offshore) Limited Alle gebruikers C:\Program Files (x86)\RegUse\RegUse.exe Nee HKLM:Run SuiteTray Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" Nee HKLM:Run SunJavaUpdateSched Alle gebruikers "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Ja HKLM:Run SynTPEnh Synaptics Incorporated Alle gebruikers %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe Ja HKLM:Run Windows Mobile Device Center Microsoft Corporation Alle gebruikers %windir%\WindowsMobile\wmdc.exe Nee Startup User Socialbox.lnk lida C:\Program Files (x86)\Socialbox\Socialbox.exe
  6. heb opnieuw de hijack log gedaan en nu krijg ik dit Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:37:00, on 15-7-2013 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Ask Shopping Toolbar BHO - {5347542D-5341-5400-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SAT\Passport.dll" (file missing) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9904 bytes
  7. Willen jullie mij helpen mijn laptop is zo traag geworden Dan staat er ook onderin intel rst word niet uitgevoerd Ik heb ook wat anders er bij staan wat kan er uit en aan blijven staan Iedereen bedankt voor de hulp Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:03:05, on 14-7-2013 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Users\lida\AppData\Roaming\TorrentStream\updater\tsupdate.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Spotnet\Spotnet.exe C:\Program Files (x86)\Spotnet\SABnzbd.exe C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://nl.woofi.info R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing) R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: (no name) - {0734d757-fea6-4637-a7e4-2bd40a7fd8da} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Ask Shopping Toolbar BHO - {5347542D-5341-5400-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SAT\Passport.dll" (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: BBroowsee2save - {AB33E7D9-A253-F397-A949-84093DC24BF1} - C:\ProgramData\BBroowsee2save\515fcae02d060.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Ask Shopping Toolbar - {5347542D-5341-5400-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-SAT\Passport.dll" (file missing) O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11535 bytes Ja HKCU:Run Skype Skype Technologies S.A. lida "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun Nee HKCU:Run Skype Skype Technologies S.A. Alle gebruikers "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun Ja HKLM:Run Acer ePower Management Acer Incorporated Alle gebruikers C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe Ja HKLM:Run Adobe ARM Adobe Systems Incorporated Alle gebruikers "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Nee HKLM:Run ApnUpdater Ask Alle gebruikers "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" Ja HKLM:Run BackupManagerTray NewTech Infosystems, Inc. Alle gebruikers "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k Nee HKLM:Run EgisTecPMMUpdate Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" Nee HKLM:Run EgisUpdate Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d Ja HKLM:Run ETDWare ELAN Microelectronic Corp. Alle gebruikers %ProgramFiles%\Elantech\ETDCtrl.exe Ja HKLM:Run HotKeysCmds Intel Corporation Alle gebruikers C:\Windows\system32\hkcmd.exe Ja HKLM:Run IAStorIcon Intel Corporation Alle gebruikers C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe Ja HKLM:Run IgfxTray Intel Corporation Alle gebruikers C:\Windows\system32\igfxtray.exe Ja HKLM:Run LManager Dritek System Inc. Alle gebruikers C:\Program Files (x86)\Launch Manager\LManager.exe Ja HKLM:Run Monitor PixArt Imaging Incorporation Alle gebruikers C:\Windows\PixArt\PAC207\Monitor.exe Nee HKLM:Run mwlDaemon Egis Technology Inc. Alle gebruikers C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe Ja HKLM:Run NBKeyScan Nero AG Alle gebruikers "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" Ja HKLM:Run OOTag Microsoft Alle gebruikers C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe Ja HKLM:Run Persistence Intel Corporation Alle gebruikers C:\Windows\system32\igfxpers.exe Nee HKLM:Run RegUse Honlyn (Macao Commercial Offshore) Limited Alle gebruikers C:\Program Files (x86)\RegUse\RegUse.exe Nee HKLM:Run SuiteTray Egis Technology Inc. Alle gebruikers "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" Nee HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. Alle gebruikers "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Ja HKLM:Run SynTPEnh Synaptics Incorporated Alle gebruikers %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe Ja HKLM:Run Windows Mobile Device Center Microsoft Corporation Alle gebruikers %windir%\WindowsMobile\wmdc.exe Nee Startup User Socialbox.lnk lida C:\Program Files (x86)\Socialbox\Socialbox.exe
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.