Ga naar inhoud

via Norton Ghost PC herstarten

PolH

Door PolH
in Archief Hardware algemeen

 Delen

Aanbevolen berichten

clarkie Grootmeester

clarkie

Geplaatst:
Geplaatst:

Je spreekt over een laptop.

Welk merk van laptop heb je?

Heb je een recovery -cd of recovery- partitie op die laptop?

Zo kan je ook je laptop terug zetten naar fabrieksinstellingen.

Dus naar dag 1 van aankoop.

Welke probleem heeft je laptop momenteel, je kan niet opstarten?

Is er sprake van malware?

Link naar reactie
Delen op andere sites
  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

PolH Vaste Klant

PolH

Geplaatst:
  • Auteur
Geplaatst:

mijn laptop is een HP maar een rcovery CD heb ik waarschijnlijk niet

het probleem was enorme traagheid en ik dacht ik zet hem terug naar het bijna begin, want op deze laptop staat een boekhoudingspakket waar ik moet voor betalen om het te komen installeren.

als het niet lukt probeer ik terug naar de fabrieksinstellingen te gaan maar hoe doe ik dat.

Link naar reactie
Delen op andere sites
clarkie Grootmeester

clarkie

Geplaatst:
Geplaatst:

Veeel kans dat malware het probleem is.

Start je Pc nog op?

Eventueel via veilige modus.

Herstart hiervoor je laptop.

Dan direct op de F8 tokkelen.

Kies veilige modus met netwerkmogelijkheden.

Voer dan onderstaande uit, een expert kijkt dan je logje na.

Download HijackThis.

Klik bij "HijackThis Downloads" op "Installer".

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Klik op de snelkoppeling om HijackThis te starten

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Link naar reactie
Delen op andere sites
PolH Vaste Klant

PolH

Geplaatst:
  • Auteur
Geplaatst:

door veel te proberen en vinkjes aan te kruisen en niet aan te kruisen ben ik terug op de situatie van 5 dagen terug. Ik blijf natuurlijk met mijn traagheid van mijn pc zitten vooral outlook.

ik heb dus HiJackThis uitgevoerd en ik hoop dat je dit hier terug vind.

ik ga ook het copieren in hier bijvoegen [ATTACH]10838[/ATTACH]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:31:00, on 17/05/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16766)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe

C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrvProxy.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\Fighters\SPAMfighter\sfagent.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\OsaSync\AddInMon.exe

C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\OsaSync\OsaSync.exe

C:\windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Standaard Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100610060905.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Norton Ghost 15.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [signIn] "C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Nbtgiq] rundll32 "C:\Users\Pol\AppData\Roaming\oleprn6.dll",Gpfodz

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

O4 - HKCU\..\Run: [OutlookOnDesktop] C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: *.kbc.be

O15 - Trusted Zone: *.kbcgroup.eu

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: CBC (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: KBC (HKLM)

O15 - Trusted Zone: KBC Asset Management (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: KBC Merchant Banking (HKLM)

O15 - Trusted Zone: http://*.mcafee.com (HKLM)

O15 - Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - Trusted Zone: McAfee (HKLM)

O15 - Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: McAfee (HKLM)

O15 - ESC Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) - http://bi.emi-group.com/businessobjects/enterprise115/cp_desktoplaunch/JavaPlugin/Win32/j2re-1_4_2_04-windows-i586-p.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: AdminService for OpenEdge 10.2B (AdminService10.2B) - Unknown owner - C:\Program Files\OpenEdge\bin\AdmSrvc.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe

O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe

O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

--

End of file - 21026 bytes

hijackthis20110517.txt

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop "Application Updater"

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete "Application Updater"

Druk op Enter.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [Nbtgiq] rundll32 "C:\Users\Pol\AppData\Roaming\oleprn6.dll",Gpfodz

O4 - Global Startup: Bluetooth.lnk = ?

Klik op 'Fix checked' om de items te verwijderen.

Verwijder Ask Toolbar of Ask.com via Configuratiescherm -> Software (indien aanwezig) of verwijder anders volgende vetgedrukte map : C:\Program Files\Ask.com

Download MBAM (Malwarebytes Anti-Malware)

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

Link naar reactie
Delen op andere sites
PolH Vaste Klant

PolH

Geplaatst:
  • Auteur
Geplaatst:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Databaseversie: 6607

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

18/05/2011 11:02:37

mbam-log-2011-05-18 (11-02-37).txt

Scantype: Snelle scan

Objecten gescand: 161654

Verstreken tijd: 12 minuut/minuten, 9 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\Users\Pol\downloads\installer_pdfcreator_pdfcreator-1_0_2_setup_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

en na het terug opstarten

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Databaseversie: 6607

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

18/05/2011 11:33:43

mbam-log-2011-05-18 (11-33-43).txt

Scantype: Snelle scan

Objecten gescand: 160951

Verstreken tijd: 19 minuut/minuten, 3 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:46:05, on 18/05/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16766)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe

C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrvProxy.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\Fighters\SPAMfighter\sfagent.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files\OsaSync\AddInMon.exe

C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft Office\Office12\MSACCESS.EXE

C:\windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Standaard Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100610060905.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Norton Ghost 15.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [signIn] "C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

O4 - HKCU\..\Run: [OutlookOnDesktop] C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: *.kbc.be

O15 - Trusted Zone: *.kbcgroup.eu

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: CBC (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: KBC (HKLM)

O15 - Trusted Zone: KBC Asset Management (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: KBC Merchant Banking (HKLM)

O15 - Trusted Zone: http://*.mcafee.com (HKLM)

O15 - Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - Trusted Zone: McAfee (HKLM)

O15 - Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: McAfee (HKLM)

O15 - ESC Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) - http://bi.emi-group.com/businessobjects/enterprise115/cp_desktoplaunch/JavaPlugin/Win32/j2re-1_4_2_04-windows-i586-p.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: AdminService for OpenEdge 10.2B (AdminService10.2B) - Unknown owner - C:\Program Files\OpenEdge\bin\AdmSrvc.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe

O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe

O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

--

End of file - 19676 bytes

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop "Application Updater"

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete "Application Updater"

Druk op Enter.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

Klik op 'Fix checked' om de items te verwijderen.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht, samen met een nieuw log van HijackThis.

Link naar reactie
Delen op andere sites
PolH Vaste Klant

PolH

Geplaatst:
  • Auteur
Geplaatst:

Beste Kape,

je hebt nogal werk met mij!

Hier de gevraagde informatie:

ComboFix 11-05-17.01 - Pol 18/05/2011 14:27:20.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.1976.627 [GMT 2:00]

Gestart vanuit: c:\users\Pol\Desktop\ComboFix.exe

AV: McAfee® Total Protection™ Service *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee® Total Protection™ Service *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee® Total Protection™ Service *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Thumbs.db

c:\windows\system\olepro32.dll

.

c:\windows\system32\userinit.exe . . . is geïnfecteerd!!

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-04-18 to 2011-05-18 ))))))))))))))))))))))))))))))

.

.

2011-05-18 12:48 . 2011-05-18 12:48 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-18 12:22 . 2011-05-18 12:22 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS

2011-05-18 08:45 . 2011-05-18 08:45 -------- d-----w- c:\users\Pol\AppData\Roaming\Malwarebytes

2011-05-18 08:45 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-18 08:45 . 2011-05-18 08:45 -------- d-----w- c:\programdata\Malwarebytes

2011-05-18 08:45 . 2011-05-18 08:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-18 08:45 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-17 16:29 . 2011-05-17 16:29 -------- d-----w- c:\users\Pol\AppData\Local\Symantec

2011-05-11 13:49 . 2011-05-11 13:49 -------- d-----w- c:\program files\CCleaner

2011-05-10 09:51 . 2011-05-10 09:51 388096 ----a-r- c:\users\Pol\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-05-10 09:51 . 2011-05-10 09:51 -------- d-----w- c:\program files\Trend Micro

2011-05-06 07:50 . 2011-05-06 07:50 -------- d-----w- c:\programdata\AVS4YOU

2011-05-06 07:50 . 2011-05-06 07:50 -------- d-----w- c:\users\Pol\AppData\Roaming\AVS4YOU

2011-05-06 07:49 . 2011-05-06 07:49 -------- d-----w- c:\program files\Common Files\AVSMedia

2011-05-06 07:49 . 2011-05-06 07:49 -------- d-----w- c:\program files\AVS4YOU

2011-05-06 07:49 . 2011-01-11 09:53 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2011-05-06 07:49 . 2011-01-11 09:53 24576 ----a-w- c:\windows\system32\msxml3a.dll

2011-05-06 07:34 . 2011-05-06 07:34 88 --sh--r- c:\programdata\BF31EC6D50.sys

2011-05-06 07:34 . 2011-05-06 07:34 -------- d-----w- c:\users\Pol\AppData\Roaming\Corel

2011-05-06 07:34 . 2011-05-06 07:34 2828 --sha-w- c:\programdata\KGyGaAvL.sys

2011-04-26 19:30 . 2011-04-26 19:30 -------- d-----w- c:\program files\File Scavenger 3.2

2011-04-22 11:17 . 2011-05-12 08:04 -------- d-----w- c:\users\Pol\AppData\Local\Microsoft Games

2011-04-21 13:36 . 2011-04-21 18:47 -------- d-----w- c:\users\Pol\AppData\Local\Meshin

2011-04-21 13:29 . 2011-04-21 13:29 -------- d-----w- c:\program files\PARC

2011-04-21 13:19 . 2011-04-21 13:19 -------- d-----w- c:\program files\Outlook on the Desktop

2011-04-21 13:18 . 2011-05-11 13:47 -------- d-----w- C:\Download

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2011-03-17 07:18 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-11 05:40 . 2011-04-15 19:32 1137664 ----a-w- c:\windows\system32\mfc42.dll

2011-03-11 05:40 . 2011-04-15 19:32 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-08 05:38 . 2011-04-15 19:32 740864 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 05:29 . 2011-04-15 19:33 132608 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-03-03 05:27 . 2011-04-15 19:33 28672 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-03-03 03:31 . 2011-04-15 19:32 2331136 ----a-w- c:\windows\system32\win32k.sys

2011-02-24 05:32 . 2011-04-15 19:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-24 05:32 . 2011-04-15 19:33 981504 ----a-w- c:\windows\system32\wininet.dll

2011-02-24 05:30 . 2011-04-15 19:32 44544 ----a-w- c:\windows\system32\licmgr10.dll

2011-02-24 04:23 . 2011-04-15 19:32 386048 ----a-w- c:\windows\system32\html.iec

2011-02-24 03:50 . 2011-04-15 19:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-02-23 05:06 . 2011-04-15 19:33 311296 ----a-w- c:\windows\system32\drivers\srv.sys

2011-02-23 05:05 . 2011-04-15 19:33 309760 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-02-23 05:05 . 2011-04-15 19:33 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-02-23 05:05 . 2011-04-15 19:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-02-23 05:05 . 2011-04-15 19:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-02-23 05:05 . 2011-04-15 19:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-02-23 05:05 . 2011-04-15 19:32 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-02-19 05:33 . 2011-03-09 08:11 802304 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 05:32 . 2011-03-09 08:11 1074176 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 05:32 . 2011-03-09 08:11 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-02-19 05:32 . 2011-04-15 19:33 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-02-19 03:37 . 2011-04-15 19:33 294912 ----a-w- c:\windows\system32\atmfd.dll

2011-02-18 05:36 . 2011-04-15 19:33 428032 ----a-w- c:\windows\system32\vbscript.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="c:\program files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1515576]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-11 39408]

"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-01-31 703360]

"OutlookOnDesktop"="c:\program files\Outlook on the Desktop\OutlookDesktop.exe" [2010-08-29 316928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-01-28 256056]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-11-04 1791272]

"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-12 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-12 175640]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-12 166936]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-01-29 495708]

"Norton Ghost 15.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2010-03-03 2598760]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"SignIn"="c:\program files\Microsoft Online Services\Sign In\SignIn.exe" [2010-03-09 1734512]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-08-12 2060288]

"sfagent"="c:\program files\Fighters\SPAMfighter\sfagent.exe" [2010-10-21 760968]

"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-10-20 2192752]

"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1246544]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-03-09 104416]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

.

c:\users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="c:\windows\explorer.exe,"

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders credssp.dll, schannel.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfee Managed Services Tray]

2010-02-17 20:07 476480 ----a-w- c:\program files\McAfee\Managed VirusScan\DesktopUI\XTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup]

2010-05-03 20:48 923480 ----a-w- c:\program files\Symantec\Norton Online Backup\NOBuClient.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]

2010-01-12 19:27 563736 ----a-w- c:\program files\PDF Complete\pdfsty.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2009-10-09 16:26 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]

2010-10-29 15:12 1652736 ----a-r- c:\program files\AWS\WeatherBug\Weather.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R2 AdminService10.2B;AdminService for OpenEdge 10.2B;c:\program files\OpenEdge\bin\AdmSrvc.exe [2009-12-14 28672]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-11 136176]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832]

R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2010-02-12 1574408]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-11 136176]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]

R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]

R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]

R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2010-08-20 107992]

R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [2010-08-20 127352]

R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]

R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]

R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 7168]

R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2007-06-28 1310720]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-14 1343400]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]

S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110510.001\IDSvix86.sys [2010-09-15 287792]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [2009-03-03 81920]

S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]

S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2010-08-26 1034208]

S2 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2010-08-26 1021920]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]

S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272]

S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]

S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]

S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]

S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe service [x]

S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-03-09 583648]

S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-01-12 635416]

S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\SPAMfighter\sfus.exe service [x]

S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2010-10-21 1130120]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-09 105592]

S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2010-02-12 57840]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 996896]

S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]

S3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2010-02-11 1964528]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - COMHOST

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-01-22 18:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-11 08:34]

.

2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-11 08:34]

.

2011-04-19 c:\windows\Tasks\HPCeeScheduleForPol.job

- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.destandaard.be/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Trusted Zone: kbc.be

Trusted Zone: kbcgroup.eu

Trusted Zone: //about.htm/

Trusted Zone: //Exclude.htm/

Trusted Zone: //FWEvent.htm/

Trusted Zone: //LanguageSelection.htm/

Trusted Zone: //Message.htm/

Trusted Zone: //MyAgttryCmd.htm/

Trusted Zone: //MyAgttryNag.htm/

Trusted Zone: //MyNotification.htm/

Trusted Zone: //NOCLessUpdate.htm/

Trusted Zone: //quarantine.htm/

Trusted Zone: //ScanNow.htm/

Trusted Zone: //strings.vbs/

Trusted Zone: //Template.htm/

Trusted Zone: //Update.htm/

Trusted Zone: //VirFound.htm/

Trusted Zone: cbc.be\cbc-pdf

Trusted Zone: cbc.be\cbconline

Trusted Zone: cbc.be\static

Trusted Zone: cbc.be\www

Trusted Zone: cbc.eu\www

Trusted Zone: isabel.be\*.IBS6

Trusted Zone: isabel.be\gotoIBS6

Trusted Zone: isabel.be\pki

Trusted Zone: isabel.be\www

Trusted Zone: isabel.eu\upgrade

Trusted Zone: isabel.eu\www

Trusted Zone: kbc.be\kbc-pdf

Trusted Zone: kbc.be\kbconline

Trusted Zone: kbc.be\static

Trusted Zone: kbc.be\www

Trusted Zone: kbc.com\www

Trusted Zone: kbc.eu\www

Trusted Zone: kbcam.be\www

Trusted Zone: kbcam.com\www

Trusted Zone: kbcbankingforbusiness.com\www

Trusted Zone: kbcgroup.eu\multimediafiles

Trusted Zone: kbcgroup.eu\www

Trusted Zone: kbcmerchantbanking.com\www

Trusted Zone: mcafee.com\*

Trusted Zone: mcafeeasap.com\betavscan

Trusted Zone: mcafeeasap.com\vs

Trusted Zone: mcafeeasap.com\www

Trusted Zone: siteadvisor.com\www

DPF: Microsoft XML Parser for Java - file:///C:/windows/Java/classes/xmldso.cab

FF - ProfilePath - c:\users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{46735DEE-F862-49D1-876D-6382794DC625} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

HKLM-Run-UDC Integration - (no file)

AddRemove-LSI Soft Modem - c:\windows\agrsmdel

AddRemove-McAfee Managed Firewall - c:\program files\McAfee\Managed VirusScan\Agent\myinx

AddRemove-MVS - c:\program files\McAfee\Managed VirusScan\Agent\myinx

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-05-18 14:52:35

ComboFix-quarantined-files.txt 2011-05-18 12:52

.

Pre-Run: 236.762.116.096 bytes beschikbaar

Post-Run: 236.702.089.216 bytes beschikbaar

.

- - End Of File - - 3BD873F44C07D64A6ABA0408AC20E2D1

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:01:06, on 18/05/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16766)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrvProxy.exe

C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrvProxy.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\Fighters\SPAMfighter\sfagent.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files\OsaSync\AddInMon.exe

C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\windows\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Standaard Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

F2 - REG:system.ini: UserInit=C:\windows\explorer.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100610060905.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Norton Ghost 15.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [signIn] "C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

O4 - HKCU\..\Run: [OutlookOnDesktop] C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe

O4 - Startup: Dropbox.lnk = Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\windows\system32\msjava.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: *.kbc.be

O15 - Trusted Zone: *.kbcgroup.eu

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: CBC (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)

O15 - Trusted Zone: Welcome to Isabel (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: KBC (HKLM)

O15 - Trusted Zone: KBC Asset Management (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: KBC Merchant Banking (HKLM)

O15 - Trusted Zone: http://*.mcafee.com (HKLM)

O15 - Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - Trusted Zone: McAfee (HKLM)

O15 - Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: McAfee Security-as-a-Service Beta (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: McAfee (HKLM)

O15 - ESC Trusted Zone: McAfee SiteAdvisor Software (HKLM)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) - http://bi.emi-group.com/businessobjects/enterprise115/cp_desktoplaunch/JavaPlugin/Win32/j2re-1_4_2_04-windows-i586-p.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: AdminService for OpenEdge 10.2B (AdminService10.2B) - Unknown owner - C:\Program Files\OpenEdge\bin\AdmSrvc.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe

O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Program Files\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe

O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

--

End of file - 18385 bytes

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.