HennieJ
-
Items
4 -
Registratiedatum
-
Laatst bezocht
HennieJ's prestaties
-
Allereerst nogmaals hartelijke dank voor de fantastische snelle hulp en reacties. Ik heb ComboFix uninstalled en CCleaner gedraaid. Het geheel draait weer een stuk sneller.
-
De snelheid is een stuk beter geworden , hartelijk dank voor de hulp. Ik kan nu weer facebooken onderweg op vakantie.
-
Hallo, bedankt voor de hulp en adviezen. Ik heb de 5 items aangevinked in HiJackthis en gefixed. Daarna combobox gedownload en geinstalleerd met het volgende als resultaat: ComboFix 13-07-18.04 - Hennie 19-07-2013 19:27:00.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1022.454 [GMT 2:00] Gestart vanuit: c:\software\ComboFix.exe AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . ADS - system32: deleted 40 bytes in 1 streams. ADS - WINDOWS: deleted 24 bytes in 1 streams. . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Hennie\Mijn documenten\~WRL0001.tmp c:\windows\IsUn0413.exe c:\windows\iun6002.exe c:\windows\system32\Cache c:\windows\system32\Cache\26c630d098e22dd5.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\86069f0eb1756376.fb c:\windows\system32\Cache\95f567698be8a182.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\PowerToyReadme.htm c:\windows\system32\SET66F.tmp c:\windows\system32\SET67B.tmp D:\AUTORUN.INF . . (((((((((((((((((((( Bestanden Gemaakt van 2013-06-19 to 2013-07-19 )))))))))))))))))))))))))))))) . . 2013-07-14 20:23 . 2013-07-14 20:30 -------- d-----w- c:\windows\system32\MRT 2013-07-12 11:26 . 2013-07-18 14:34 -------- d--h--r- c:\documents and settings\Hennie\Onlangs geopend 2013-07-12 06:51 . 2013-07-18 14:30 -------- d-----w- C:\foto 2013 2013-06-30 19:17 . 2008-04-14 16:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2013-06-30 19:17 . 2008-04-14 16:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2013-06-30 19:16 . 2008-04-14 17:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2013-06-30 19:16 . 2008-04-14 17:02 21504 ----a-w- c:\windows\system32\hidserv.dll 2013-06-24 10:34 . 2013-06-24 10:34 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2013-06-24 10:34 . 2013-06-26 13:21 -------- d-----w- c:\program files\AVG Secure Search 2013-06-24 10:20 . 2013-06-24 10:39 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2013 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-24 11:03 . 2012-05-03 09:50 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-24 11:03 . 2011-08-31 00:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-08 01:23 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll 2013-06-07 21:53 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-06-07 21:53 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-06-07 18:27 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2013-06-05 09:08 . 2004-08-04 12:00 1876864 ----a-w- c:\windows\system32\win32k.sys 2013-06-04 07:22 . 2004-08-04 12:00 563200 ----a-w- c:\windows\system32\qedit.dll 2013-05-08 09:58 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll 2013-05-03 05:39 . 2004-08-04 00:58 2074496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-03 05:39 . 2004-08-04 12:00 2197888 ----a-w- c:\windows\system32\ntoskrnl.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="c:\windows\system32\nwiz.exe" [2009-01-30 1657376] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-05-29 61440] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2005-11-08 81920] "AGRSMMSG"="c:\windows\AGRSMMSG.exe" [2005-08-24 88203] "RemoteControl"="c:\program files\Home Cinema\PowerDVD\PDVDServ.exe" [2005-01-12 32768] "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2006-03-30 147456] "PPMemCheck"="c:\progra~1\PESTPA~1\PPMemCheck.exe" [2004-04-02 148480] "CookiePatrol"="c:\progra~1\PESTPA~1\CookiePatrol.exe" [2005-01-10 73728] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "InstantOn"="c:\program files\CyberLink\PowerCinema Linux\ion_install.exe" [2005-09-22 93640] "QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-02 83568] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "RTHDCPL"="RTHDCPL.EXE" [2009-10-02 18749440] "UVS10 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864] "ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-07-29 296096] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-28 4408368] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-06-26 2236080] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-3-14 2938184] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\fxsclnt.exe"= "c:\\Program Files\\NetMeeting\\Conf.exe"= "c:\\WINDOWS\\system32\\dpnsvr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\VINCO\\VOG2\\vogshell.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\RhinoSoft.com\\FTP Voyager\\FTPVoyager.exe"= "c:\\Program Files\\RhinoSoft.com\\FTP Voyager\\FVScheduler.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\11nRouter\\Smart Setup\\Router.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 4:50 60216] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [8-2-2013 4:37 245048] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-3-2011 16:03 39224] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 13:32 208184] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 13:32 22328] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-1-2011 6:41 170808] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5-4-2011 0:59 182072] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [24-6-2013 12:34 37664] R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [10-4-2013 11:07 1428472] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [14-5-2013 0:54 4937264] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [18-4-2013 4:34 283136] R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [26-6-2013 15:21 1598128] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [17-4-2006 12:57 826752] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12-1-2012 19:52 30944] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S1 mailKmd;mailKmd; [x] S2 sdAuxService;PC Tools Auxiliary Service; [x] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2-10-2009 20:35 1684736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12-1-2012 19:52 30944] S3 L6UX2;Service - Line 6 UX2;c:\windows\system32\Drivers\L6UX2.sys --> c:\windows\system32\Drivers\L6UX2.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] S3 uxddrv;Dynamically loaded UxdDrv;\??\f:\winstress pro\uxddrv.sys --> f:\winstress pro\uxddrv.sys [?] S3 WDM_Capture_220A;DVB-T TV Receiver;c:\windows\system32\drivers\WDM_Capture_220A.sys [11-8-2007 13:33 18432] S3 WDM_Loader_220A;DVB-T TV Loader;c:\windows\system32\drivers\WDM_Loader_220A.sys [11-8-2007 13:33 15488] . Inhoud van de 'Gedeelde Taken' map . 2013-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 11:03] . 2013-06-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2013-07-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-958266149-2393807221-55561644-1007.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 10:00] . 2013-06-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-958266149-2393807221-55561644-1007.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 10:00] . 2013-07-16 c:\windows\Tasks\ReclaimerUpdateFiles_Hennie.job - c:\documents and settings\Hennie\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24 10:39] . 2013-07-17 c:\windows\Tasks\ReclaimerUpdateXML_Hennie.job - c:\documents and settings\Hennie\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24 10:39] . 2013-07-19 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Hennie.job - c:\documents and settings\Hennie\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24 10:39] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nl-plaza.nl/start IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta Trusted Zone: line6.net TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab DPF: {E9790C6C-DCAA-4E4F-8048-FFEC3B62DFED} - hxxp://216.32.89.203/activex/vogweb29.cab FF - ProfilePath - c:\documents and settings\Hennie\Application Data\Mozilla\Firefox\Profiles\kc09dxz0.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.ampl.nl/start FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4e2c2fb6&i=23&tp=ab&nt=1&q= FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: R-kiosk: {4D498D0A-05AD-4fdb-97B5-8A0AABC1FC5B} - %profile%\extensions\{4D498D0A-05AD-4fdb-97B5-8A0AABC1FC5B} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-07-19 19:47 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Voltooingstijd: 2013-07-19 19:56:28 ComboFix-quarantined-files.txt 2013-07-19 17:56 . Pre-Run: 25.585.729.536 bytes beschikbaar Post-Run: 25.835.999.232 bytes beschikbaar . - - End Of File - - 449E4BD38DA6F9C32B12B87463381B51 60898284F02BC46247A3484DE39F868C
-
Hallo, Op mijn laptop met XP kan ik bijna nits meer doen op Facebook. Pagina's traag, plaatjes duren lang of komen niet enz. Ik heb de log bijgevoegd, graag hulp. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 7:47:32, on 19-7-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) FIREFOX: 3.6.8 (nl) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG2013\avgfws.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\PROGRA~1\PESTPA~1\PPMemCheck.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\PESTPA~1\CookiePatrol.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\StkASv2K.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe C:\WINDOWS\system32\SearchIndexer.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Software\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina NL-Plaza R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = tropal.net R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [AGRSMMSG] "C:\WINDOWS\AGRSMMSG.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [PPMemCheck] c:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [instantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe" /c O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.line6.net O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145273288187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358245444327 O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E9790C6C-DCAA-4E4F-8048-FFEC3B62DFED} (VOGWeb2 Class) - http://216.32.89.203/activex/vogweb29.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Syntek STK1160 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 13711 bytes
