perry

Member
  • Items

    14

perry's achievements

  1. OK, and what exactly do you mean by "Now do the same for the Application log and name the files AppLog.txt and AppError.txt."? I understand that I have to do the same with Applications, but how do I then get applog.txt and apperror.txt?
  2. Isn't there a somewhat easier way to copy this? I just had a look and I come across around 6000 things that I would then have to copy into a Notepad file; I would still be copying and pasting next week.
  3. Attached is the screenshot of the prompt after the scan completed.
  4. I have just run the scan again, but I really do not get any message when the scan has finished.
  5. I found a CD-ROM and ran the prompt; however, at the end I do not get an overview of the results and a reference to a CBS log file. What now?
  6. Unfortunately I do not have an installation CD at hand and it does ask for one. What now?
  7. The PC actually always shuts off when I am on Facebook and do nothing for a while; as long as I am active on Facebook nothing is wrong. I do not get any error messages or anything like that either. I downloaded and ran Speccy, but I get to see this: "Besturingssysteem: Het programma waarin deze service wordt uitgevoerd, brengt de service niet tot uitvoer". The only tab where anything appears is Peripherals.
  8. I have a feeling that it is unfortunately not completely solved after all. My PC often just suddenly shuts off. What else could be wrong? Regards, Perry
  9. PC rebooted and so far no message yet xD May I thank you very much
  10. Here is the ComboFix log.
  11. I still get the message when I restart
  12. Here is the DDS log.
  13. Here is the log after running zoek.exe.
C151CBEE5D201A181693947B333CB820 44091984 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\SHSetup.exe 2013-02-02 09:24:12 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Documents and Settings\Administrator\Mijn documenten\SpyHunter-Installer.exe === C: other files == 2013-02-02 09:25:47 E0E7672DBE3AF879971DAA6F1ECA6333 6320000 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1214440339-1326574676-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "MediaGet2"="C:\Documents and Settings\Administrator\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIIJE.EXE /EPT EPLTarget\P0000000000000000 /M XP-402 403 405 406 Series" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" "AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin" "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" "NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" "NvCplDaemon"="RUNDLL32.EXE 
C:\WINDOWS\system32\NvCpl.dll,NvStartup" "nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "PlusService"="C:\Program Files\Yuna Software\Messenger Plus\PlusService.exe" "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" "NBAgent"="C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "RIMBBLaunchAgent.exe"="C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" "SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "MediaGet2"="C:\Documents and Settings\Administrator\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIIJE.EXE /EPT EPLTarget\P0000000000000000 /M XP-402 403 405 406 Series" ==== Startup Folders ====================== 2011-12-28 09:28:01 225280 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\PowerReg Scheduler V3.exe 2011-09-29 12:04:48 1007 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\Registratie van FIFA 11.lnk 2011-06-07 19:33:08 1248 ----a-w- C:\Documents and Settings\Administrator\Menu 
Start\Programma's\Opstarten\Registration .LNK 2013-01-31 17:25:50 790 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\runctf.lnk 2011-05-30 14:07:29 1041 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\Ubisoft register.lnk 2010-11-07 15:08:40 691 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09-01-2013 12:44] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01-06-2011 17:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-10-2010 14:44] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-10-2010 14:44] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8v0athsz.default 9AC863FD5976316C29D4CB5E4C9EFD9C - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll - Shockwave Flash 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 586FDC4E02623EE228EC35B9604AE5F2 - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll - Google Update 
9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In 0383A25D0433516CA14918D3779ACFD8 - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll - BitCometAgent A66A630E101E7B5CF0946F34935660CC - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player AF98ECFCA95399CB7402C34E5E2967B6 - C:\Program Files\ABN AMRO e.dentifier2\Mozilla\npBECON.dll - ABN AMRO e.dentifier2 Plug-in B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in BC7B9BA1F4D4C982AE23DCC0D121C4B0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader D38AFAE9A9F77F9BE6473E9CC83D5647 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9 8B98B1A31858618AD9544477E2F7814D - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9 D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9 7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9 D9F5A433758BC151850E53690D57663A - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9 2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9 8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9 167235BFCB884D8B4D514767CB82FCEF - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 9D35E12B661581B83DD74EB910EA9E6D - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.240.7 4EBB5B4DCABEC18B29D01F9F607B0114 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java Platform SE 6 U24 855B79451ECF62602F20EB4D5C71F99B - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / 
Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx[] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 14:13] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6B528F7B-1290-4F85-BA27-8515B393FF4B}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {6B528F7B-1290-4F85-BA27-8515B393FF4B} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGLL_nlNL400" 
{6BA4BBC5-3A34-465E-A7AD-CA216AD72022} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1214440339-1326574676-1644491937-500\Software\Microsoft\Internet Explorer\SearchScopes\{6BA4BBC5-3A34-465E-A7AD-CA216AD72022} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully ==== HijackThis Entries ====================== O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Easy 
Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\WINDOWS\system32\EscSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: wDokanMounter - Unknown owner - C:\Program Files\Wuala Dokan\mounter.exe ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Tijdelijke Internet-bestanden\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8v0athsz.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied 
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Documents and Settings\LocalService\Local Settings\Tijdelijke Internet-bestanden\Content.IE5\index.dat" not deleted
  14. Good morning, three days ago I picked up the well-known police virus, which I was able to remove with HitmanPro. Now my PC sometimes shuts down, and when I then start it up I get the following message, as can be seen in the image. I am getting a bit discouraged by it. Who, oh who, can help me solve this??? Regards, Perry - - - Updated - - - I have also made a HiJackThis log