antwerpfan
Lid-
Items
18 -
Registratiedatum
-
Laatst bezocht
antwerpfan's prestaties
-
Dit is het logje en daaronder zie je een printscreen: Unhide by Lawrence Abrams (Grinler) Bleeping Computer - Computer Help and Discussion Copyright 2008-2012 BleepingComputer.com More Information about Unhide.exe can be found at this link: Unhide.exe - A introduction as to what this program does Program started at: 07/24/2012 05:23:32 PM Windows Version: Windows Vista Please be patient while your files are made visible again. Processing the C:\ drive Finished processing the C:\ drive. 211885 files processed. Processing the D:\ drive Finished processing the D:\ drive. 263 files processed. Processing the G:\ drive Finished processing the G:\ drive. 2578 files processed. The C:\Users\dirk\AppData\Local\Temp\smtmp\ folder does not exist!! Unhide cannot restore your missing shortcuts!! Please see this topic in order to learn how to restore default Start Menu shortcuts: Unhide.exe - A introduction as to what this program does Searching for Windows Registry changes made by FakeHDD rogues. - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced No registry changes detected. Restarting Explorer.exe in order to apply changes. Program finished at: 07/24/2012 05:35:48 PM Execution time: 0 hours(s), 12 minute(s), and 15 seconds(s)
-
ComboFix 12-07-21.01 - dirk 23/07/2012 19:33:53.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2429.1158 [GMT 2:00] Gestart vanuit: c:\users\dirk\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\dirk\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\etc\hosts.ics . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 )))))))))))))))))))))))))))))) . . 2012-07-23 18:00 . 2012-07-23 18:00 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-23 18:00 . 2012-07-23 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-20 14:03 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22C6C561-A12F-4E0C-9E8C-B7A0B8122703}\mpengine.dll 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\program files\Hewlett-Packard 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\program files\HP Photo Creations 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\programdata\HP Photo Creations 2012-07-19 14:46 . 2012-07-19 14:46 -------- d-----w- c:\users\dirk\AppData\Roaming\HpUpdate 2012-07-19 14:45 . 2011-06-08 16:06 544616 ------w- c:\windows\system32\HPDiscoPMa211.dll 2012-07-19 14:40 . 2012-07-19 14:40 -------- d-----w- c:\programdata\HP 2012-07-19 14:40 . 2012-07-19 14:46 -------- d-----w- c:\program files\HP 2012-07-19 14:39 . 2012-07-19 14:52 -------- d-----w- c:\users\dirk\AppData\Local\HP 2012-07-13 01:44 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-12 08:44 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-12 08:44 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-12 08:44 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-12 08:44 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-12 08:44 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-12 08:44 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-09 14:12 . 2012-07-09 14:12 -------- d-----w- c:\program files\iPod 2012-07-09 14:12 . 2012-07-09 14:16 -------- d-----w- c:\program files\iTunes 2012-07-05 18:54 . 2012-07-05 18:54 -------- d-----w- c:\users\dirk\AppData\Local\Scansoft 2012-07-05 18:11 . 2012-07-05 18:11 -------- d-----w- c:\program files\Nuance 2012-07-05 18:09 . 2012-07-05 18:09 -------- d-----w- c:\programdata\InstallShield 2012-07-05 18:06 . 2012-07-05 18:06 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2012-07-05 18:06 . 2012-07-05 18:06 -------- d-----w- c:\program files\ScanSoft 2012-07-05 18:06 . 2012-07-05 18:10 -------- d-----w- c:\programdata\ScanSoft 2012-07-05 17:57 . 2012-07-05 17:57 -------- d-----r- c:\users\dirk\AppData\Roaming\Brother 2012-07-05 17:51 . 2012-07-05 17:51 -------- d-----w- c:\programdata\Brother . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 11:46 . 2010-10-14 07:49 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-02 22:19 . 2012-06-21 05:42 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 05:42 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 05:41 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 05:41 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 05:42 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 05:42 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 05:41 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 05:41 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-21 05:41 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 10:25 . 2010-03-05 19:10 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-01 14:03 . 2012-06-14 10:24 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-17 16:02 . 2012-05-22 20:16 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-06-12 13:49 . 2010-06-12 13:50 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-19 68856] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "HP Deskjet 3070 B611 series (NET)"="c:\program files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 1804648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-12 30192] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "RtHDVCpl"="RtHDVCpl.exe" [2008-09-19 6294048] "Skytel"="Skytel.exe" [2008-09-19 1833504] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-12-17 858632] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-10-08 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-10-08 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-10-17 167936] "NoteBurner"="c:\program files\NoteBurner\VTBurnerGUI.exe" [2009-07-01 5668864] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ SANTIS USB and PC Card Utility.lnk - c:\program files\Siemens\SANTIS WLAN\WlanMonitor.exe [2003-4-2 491520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 21:59] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 21:59] . 2012-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3773876927-1981744324-3705480347-1000Core.job - c:\users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 21:59] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3773876927-1981744324-3705480347-1000UA.job - c:\users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 21:59] . 2012-07-23 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . 2011-01-06 c:\windows\Tasks\User_Feed_Synchronization-{E50DD964-1464-4ED5-AF0E-326454107249}.job - c:\windows\system32\msfeedssync.exe [2012-03-09 06:37] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0210&m=aspire_8530 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Add to AMV/AVI Video Converter... - c:\program files\Media Player Utilities 4.36\AMVConverter\grab.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html TCP: DhcpNameServer = 195.130.130.131 195.130.131.131 FF - ProfilePath - c:\users\dirk\AppData\Roaming\Mozilla\Firefox\Profiles\3ukzxx1s.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-23 20:00 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-07-23 20:08:13 ComboFix-quarantined-files.txt 2012-07-23 18:08 ComboFix2.txt 2012-07-23 12:05 ComboFix3.txt 2010-10-31 08:48 . Pre-Run: 176.927.027.200 bytes beschikbaar Post-Run: 176.891.654.144 bytes beschikbaar . - - End Of File - - 092620BE7610EA4E9C11EC3EFA07EEA2
-
ComboFix 12-07-21.01 - dirk 23/07/2012 13:20:13.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2429.1314 [GMT 2:00] Gestart vanuit: c:\users\dirk\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk c:\windows\system32\drivers\etc\hosts.ics . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 )))))))))))))))))))))))))))))) . . 2012-07-23 11:54 . 2012-07-23 11:54 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-23 11:54 . 2012-07-23 11:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-23 10:24 . 2012-07-23 10:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22C6C561-A12F-4E0C-9E8C-B7A0B8122703}\offreg.dll 2012-07-20 14:03 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22C6C561-A12F-4E0C-9E8C-B7A0B8122703}\mpengine.dll 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\program files\Hewlett-Packard 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\program files\HP Photo Creations 2012-07-19 14:47 . 2012-07-19 14:47 -------- d-----w- c:\programdata\HP Photo Creations 2012-07-19 14:46 . 2012-07-19 14:46 -------- d-----w- c:\users\dirk\AppData\Roaming\HpUpdate 2012-07-19 14:45 . 2011-06-08 16:06 544616 ------w- c:\windows\system32\HPDiscoPMa211.dll 2012-07-19 14:40 . 2012-07-19 14:40 -------- d-----w- c:\programdata\HP 2012-07-19 14:40 . 2012-07-19 14:46 -------- d-----w- c:\program files\HP 2012-07-19 14:39 . 2012-07-19 14:52 -------- d-----w- c:\users\dirk\AppData\Local\HP 2012-07-13 01:44 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-12 08:44 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-12 08:44 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-12 08:44 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-12 08:44 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-12 08:44 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-12 08:44 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-09 14:12 . 2012-07-09 14:12 -------- d-----w- c:\program files\iPod 2012-07-09 14:12 . 2012-07-09 14:16 -------- d-----w- c:\program files\iTunes 2012-07-05 18:54 . 2012-07-05 18:54 -------- d-----w- c:\users\dirk\AppData\Local\Scansoft 2012-07-05 18:11 . 2012-07-05 18:11 -------- d-----w- c:\program files\Nuance 2012-07-05 18:09 . 2012-07-05 18:09 -------- d-----w- c:\programdata\InstallShield 2012-07-05 18:06 . 2012-07-05 18:06 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2012-07-05 18:06 . 2012-07-05 18:06 -------- d-----w- c:\program files\ScanSoft 2012-07-05 18:06 . 2012-07-05 18:10 -------- d-----w- c:\programdata\ScanSoft 2012-07-05 17:57 . 2012-07-05 17:57 -------- d-----r- c:\users\dirk\AppData\Roaming\Brother 2012-07-05 17:51 . 2012-07-05 17:51 -------- d-----w- c:\programdata\Brother . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 11:46 . 2010-10-14 07:49 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-02 22:19 . 2012-06-21 05:42 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 05:42 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 05:41 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 05:41 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 05:42 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 05:42 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 05:41 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 05:41 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-21 05:41 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 10:25 . 2010-03-05 19:10 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-01 14:03 . 2012-06-14 10:24 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-17 16:02 . 2012-05-22 20:16 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-06-12 13:49 . 2010-06-12 13:50 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-19 68856] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "HP Deskjet 3070 B611 series (NET)"="c:\program files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 1804648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-12 30192] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "RtHDVCpl"="RtHDVCpl.exe" [2008-09-19 6294048] "Skytel"="Skytel.exe" [2008-09-19 1833504] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-12-17 858632] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-10-08 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-10-08 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-10-17 167936] "NoteBurner"="c:\program files\NoteBurner\VTBurnerGUI.exe" [2009-07-01 5668864] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ SANTIS USB and PC Card Utility.lnk - c:\program files\Siemens\SANTIS WLAN\WlanMonitor.exe [2003-4-2 491520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 21:59] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 21:59] . 2012-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3773876927-1981744324-3705480347-1000Core.job - c:\users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 21:59] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3773876927-1981744324-3705480347-1000UA.job - c:\users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 21:59] . 2012-07-23 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . 2011-01-06 c:\windows\Tasks\User_Feed_Synchronization-{E50DD964-1464-4ED5-AF0E-326454107249}.job - c:\windows\system32\msfeedssync.exe [2012-03-09 06:37] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0210&m=aspire_8530 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Add to AMV/AVI Video Converter... - c:\program files\Media Player Utilities 4.36\AMVConverter\grab.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html TCP: DhcpNameServer = 195.130.130.131 195.130.131.131 FF - ProfilePath - c:\users\dirk\AppData\Roaming\Mozilla\Firefox\Profiles\3ukzxx1s.default\ FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.bearshare.com//web?src=ffb&appid=44&systemid=2&sr=0&q= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-23 13:55 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-07-23 14:05:46 ComboFix-quarantined-files.txt 2012-07-23 12:05 ComboFix2.txt 2010-10-31 08:48 . Pre-Run: 176.404.217.856 bytes beschikbaar Post-Run: 178.447.175.680 bytes beschikbaar . - - End Of File - - C9675B553279B3737239670FA6655EDC
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.07.21.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 dirk :: PC_VAN_DIRK [administrator] Realtime bescherming: Ingeschakeld 21/07/2012 21:36:55 mbam-log-2012-07-21 (21-36-55).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 200335 Verstreken tijd: 23 minuut/minuten, 28 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:09:42, on 21/07/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\NoteBurner\VTBurnerGUI.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\dirk\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe C:\Windows\system32\taskeng.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NoteBurner] C:\Program Files\NoteBurner\VTBurnerGUI.exe /silence O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CF6637S05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.36\AMVConverter\grab.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13373 bytes
-
dit is de malware log Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.07.20.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 dirk :: PC_VAN_DIRK [administrator] Realtime bescherming: Ingeschakeld 20/07/2012 19:17:49 mbam-log-2012-07-20 (19-17-49).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 200141 Verstreken tijd: 19 minuut/minuten, 43 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) dit is de nieuwe hijack log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:42:28, on 20/07/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\System32\mobsync.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\NoteBurner\VTBurnerGUI.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Users\dirk\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NoteBurner] C:\Program Files\NoteBurner\VTBurnerGUI.exe /silence O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [7D5B765234DA1A58E8678A64464448C0] "C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setuplauncher.exe" /run:"C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setup.exe" /args:"qscan /after_restart" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CF6637S05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.36\AMVConverter\grab.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14517 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:00:07, on 20/07/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\System32\mobsync.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\NoteBurner\VTBurnerGUI.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Users\dirk\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\dirk\Documents\computer\HijackThis.exe C:\Windows\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NoteBurner] C:\Program Files\NoteBurner\VTBurnerGUI.exe /silence O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [7D5B765234DA1A58E8678A64464448C0] "C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setuplauncher.exe" /run:"C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setup.exe" /args:"qscan /after_restart" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\dirk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CF6637S05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = C:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.36\AMVConverter\grab.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14294 bytes
-
Ik weet niet wat er aan de hand is, maar een filmpje afspelen lukt niet mleer in Youtube, cpu 100 en de computer valt uit als ik in slaapmodus of sluimerstand heb gezet. Ik heb een keer moeten opstarten dat hij " alles moest recupereren" maar toen bleek er verder niks aande hand. Ik begrijp er niks van ben een computerleek. Wie kan me helpen mijn mail is PC Helpforum moderator bericht: email adres verwijderd ter bescherming van je privacy. Jion
OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!