Posted: (edited)

Dear all,

My PC does not recognize my USB hub when I connect my mobile phone to it.

It happened after a scan by Reg tool.

I am attaching a log; could you take a look at it?

Kind regards,

Ricardo

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:00:06, on 18-6-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

I:\WINDOWS\System32\smss.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\spoolsv.exe

I:\WINDOWS\system32\rundll32.exe

L:\yntaa foto\YuntaaManager.exe

I:\WINDOWS\Explorer.EXE

I:\Program Files\Bonjour\mDNSResponder.exe

I:\WINDOWS\eHome\ehRecvr.exe

I:\WINDOWS\eHome\ehSched.exe

I:\WINDOWS\system32\gearsec.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Common Files\LightScribe\LSSrvc.exe

I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

I:\WINDOWS\system32\IoctlSvc.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

I:\Program Files\SPAMfighter\sfus.exe

I:\WINDOWS\system32\svchost.exe

L:\tomtom back up\TomTom HOME 2\TomTomHOMEService.exe

I:\WINDOWS\system32\wscntfy.exe

I:\WINDOWS\system32\dllhost.exe

I:\WINDOWS\ehome\ehtray.exe

I:\WINDOWS\eHome\ehmsas.exe

I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

I:\WINDOWS\RTHDCPL.EXE

I:\WINDOWS\tsnpstd3.exe

I:\WINDOWS\PixArt\PAC207\Monitor.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

I:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\DeviceManager.exe

I:\Program Files\Canon\MyPrinter\BJMyPrt.exe

I:\Program Files\SPAMfighter\SFAgent.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\scanmsg.exe

L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\Acrotray.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE

I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

I:\WINDOWS\system32\SearchIndexer.exe

L:\tomtom back up\TomTom HOME 2\TomTomHOMERunner.exe

I:\WINDOWS\system32\ctfmon.exe

L:\bestanden en set ups\Nokia PC Suite 7\Nokia PC Suite 7\PCSuite.exe

I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

I:\Program Files\Internet Explorer\IEXPLORE.EXE

I:\Program Files\Windows Live\Toolbar\wltuser.exe

I:\WINDOWS\system32\SearchProtocolHost.exe

I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Tropal.net

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe

O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice

O4 - HKLM\..\Run: [Resume Quickup] I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe /resumei /silent /show

O4 - HKLM\..\Run: [Google Quick Search Box] "I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [NokiaMServer] I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles

O4 - HKLM\..\Run: [PhilipsDM\SA1916] I:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\DeviceManager.exe OS_STARTUP

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] I:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [CanonMyPrinter] I:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [CanonSolutionMenu] I:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60

O4 - HKLM\..\Run: [Messenger] I:\PROGRA~1\QUICKH~1\QUICKH~1\scanmsg.exe

O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [NBKeyScan] "I:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [swg] "I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "L:\tomtom back up\TomTom HOME 2\TomTomHOMERunner.exe" -s

O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PC Suite Tray] "L:\bestanden en set ups\Nokia PC Suite 7\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [AdobeUpdater6] "I:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = L:\limewire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Append to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Google Sidewiki... - res://I:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} (Album Upload Software Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Quick Heal Client Security Service (acssrv) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe

O23 - Service: Google Updateservice (gupdate1ca2d47d79bc69e) (gupdate1ca2d47d79bc69e) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - I:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - I:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Quick Heal Antivirus Plus Mail Protection - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

O23 - Service: Quick Heal Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

O23 - Service: ServiceLayer - Nokia - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe

O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe

O23 - Service: TomTomHOMEService - TomTom - L:\tomtom back up\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 16009 bytes

Edited by stegisoft
Posted:

It is not the first time that something stops working after Regtool has been at work.

Did you also let Regtool remove anything? It scanned and I clicked OK, so I assume it removed a few things.

Did you make a backup of your registry? No, I did not; a System Restore did not help either.

Posted:

Start HijackThis. If you use Vista, choose "Run as administrator" ("Uitvoeren als administrator"). Select "Do a system scan only". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555

O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - (no file)

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O3 - Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan may take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to view the results.

Make sure everything there is checked, then click: Remove Selected.

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask you to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has trouble removing certain files, it will show a few messages where you need to click OK. It will then ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.
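As an added example (not part of the original thread, and not code from HijackThis or Malwarebytes), the Python code below parses HijackThis-format lines and flags two of the patterns visible in the items selected above: BHO/toolbar registrations whose file is gone ("(no file)") and a ProxyServer value that points at the loopback address. The sample is an excerpt of the log posted in this thread; all function and class names are illustrative assumptions.

```python
import ipaddress
import re
from typing import List, NamedTuple


class Entry(NamedTuple):
    section: str   # e.g. "R1", "O2", "O23"
    body: str      # everything after "<section> - "


class Finding(NamedTuple):
    section: str
    reason: str
    line: str


# Excerpt of the HijackThis v2.0.2 log posted in this thread (shortened).
SAMPLE_LOG = r"""
Running processes:
I:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O3 - Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe
"""

# A result line starts with a section code such as "R1" or "O23".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O2/O3/O9 bodies end in " - {CLSID} - <path or (no file)>".
COM_RE = re.compile(
    r"^(?P<label>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
PROXY_RE = re.compile(r",ProxyServer = (?P<value>.+)$")


def parse_entries(log_text: str) -> List[Entry]:
    """Return the result lines, skipping the header and the process list."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append(Entry(m["section"], m["body"]))
    return entries


def proxy_hosts(value: str) -> List[str]:
    """Split 'host:port' or 'http=host:port;https=host:port' into host names."""
    hosts = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        endpoint = part.split("=", 1)[-1].split("://", 1)[-1]
        host = endpoint.rsplit(":", 1)[0] if ":" in endpoint else endpoint
        hosts.append(host.strip("[]"))
    return hosts


def is_loopback(host: str) -> bool:
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:          # an ordinary host name, not an IP literal
        return False


def review(log_text: str) -> List[Finding]:
    """Flag orphaned COM registrations and loopback proxy settings."""
    findings = []
    for e in parse_entries(log_text):
        line = f"{e.section} - {e.body}"
        if e.section in ("O2", "O3", "O9"):
            m = COM_RE.match(e.body)
            if m and m["target"].strip() == "(no file)":
                findings.append(Finding(
                    e.section,
                    f"registration {m['clsid']} has no file on disk", line))
        elif e.section in ("R0", "R1"):
            m = PROXY_RE.search(e.body)
            if m and any(is_loopback(h) for h in proxy_hosts(m["value"])):
                findings.append(Finding(
                    e.section,
                    "browser proxy points at a local listener; "
                    "identify the process that owns the port", line))
    return findings


if __name__ == "__main__":
    for f in review(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```

A flagged line is a prompt for review, not a verdict: a loopback proxy can also belong to installed security or filtering software, so check which process owns the port before fixing the entry.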

Posted:

RegTool is a fake registry cleaner that uses false alerts to claim that the system has errors and encourages you to buy the package. It does not improve anything in your registry, however ... and on the contrary only causes additional spyware and other problems.

Go ahead and carry out Kweezie Wabbitt's instructions. That is a start toward removing this fake registry tool from your PC.

Posted:

Here are the requested logs.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:11:13, on 19-6-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

I:\WINDOWS\System32\smss.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\spoolsv.exe

I:\WINDOWS\system32\rundll32.exe

I:\Program Files\Bonjour\mDNSResponder.exe

I:\WINDOWS\eHome\ehRecvr.exe

I:\WINDOWS\eHome\ehSched.exe

I:\WINDOWS\system32\gearsec.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Common Files\LightScribe\LSSrvc.exe

I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

I:\WINDOWS\system32\IoctlSvc.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

I:\Program Files\SPAMfighter\sfus.exe

I:\WINDOWS\system32\svchost.exe

L:\tomtom back up\TomTom HOME 2\TomTomHOMEService.exe

I:\WINDOWS\system32\SearchIndexer.exe

I:\WINDOWS\system32\dllhost.exe

I:\WINDOWS\system32\wscntfy.exe

L:\yntaa foto\YuntaaManager.exe

I:\WINDOWS\Explorer.EXE

I:\WINDOWS\ehome\ehtray.exe

I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

I:\WINDOWS\eHome\ehmsas.exe

I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

I:\WINDOWS\RTHDCPL.EXE

I:\WINDOWS\tsnpstd3.exe

I:\WINDOWS\PixArt\PAC207\Monitor.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe

I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

I:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\DeviceManager.exe

I:\Program Files\Canon\MyPrinter\BJMyPrt.exe

I:\Program Files\SPAMfighter\SFAgent.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\scanmsg.exe

L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\Acrotray.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE

I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

I:\WINDOWS\system32\msiexec.exe

E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

L:\tomtom back up\TomTom HOME 2\TomTomHOMERunner.exe

I:\WINDOWS\system32\ctfmon.exe

L:\bestanden en set ups\Nokia PC Suite 7\Nokia PC Suite 7\PCSuite.exe

I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

I:\Program Files\Internet Explorer\IEXPLORE.EXE

I:\Program Files\Windows Live\Toolbar\wltuser.exe

I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

I:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Tropal.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe

O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice

O4 - HKLM\..\Run: [Resume Quickup] I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe /resumei /silent /show

O4 - HKLM\..\Run: [Google Quick Search Box] "I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [NokiaMServer] I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles

O4 - HKLM\..\Run: [PhilipsDM\SA1916] I:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\DeviceManager.exe OS_STARTUP

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] I:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [CanonMyPrinter] I:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [CanonSolutionMenu] I:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60

O4 - HKLM\..\Run: [Messenger] I:\PROGRA~1\QUICKH~1\QUICKH~1\scanmsg.exe

O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [NBKeyScan] "I:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [swg] "I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "L:\tomtom back up\TomTom HOME 2\TomTomHOMERunner.exe" -s

O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PC Suite Tray] "L:\bestanden en set ups\Nokia PC Suite 7\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [AdobeUpdater6] "I:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = L:\limewire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Append to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://L:\bestanden en set ups\C3 adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Google Sidewiki... - res://I:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} (Album Upload Software Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Quick Heal Client Security Service (acssrv) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - I:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe

O23 - Service: Google Updateservice (gupdate1ca2d47d79bc69e) (gupdate1ca2d47d79bc69e) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - I:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - I:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Quick Heal Antivirus Plus Mail Protection - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

O23 - Service: Quick Heal Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

O23 - Service: ServiceLayer - Nokia - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe

O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe

O23 - Service: TomTomHOMEService - TomTom - L:\tomtom back up\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 15627 bytes

=====================================================

mbam log.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Databaseversie: 4215

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

19-6-2010 16:56:06

mbam-log-2010-06-19 (16-56-06).txt

Scantype: Snelle scan

Objecten gescand: 186841

Verstreken tijd: 10 minuut/minuten, 12 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 2

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 7

Bestanden geïnfecteerd: 53

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

HKEY_CURRENT_USER\Software\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

I:\Documents and Settings\All Users.WINDOWS\Application Data\18173124 (Rogue.Multiple) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\PCOBackups (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160 (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Results (Rogue.RegTool) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

I:\Documents and Settings\All Users.WINDOWS\Application Data\18173124\18173124 (Rogue.Multiple) -> Quarantined and deleted successfully.

I:\Documents and Settings\All Users.WINDOWS\Application Data\18173124\pc18173124ins (Rogue.Multiple) -> Quarantined and deleted successfully.

I:\Documents and Settings\All Users.WINDOWS\Application Data\18173124\pc18173124reg (Rogue.Multiple) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\spy_ignore.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-17 22-19-090.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-17 22-20-020.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-17 23-30-460.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-18 15-42-240.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-18 16-00-570.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-19 09-50-570.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-19 10-18-360.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-19 12-00-000.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-19 12-00-001.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Logs\2010-01-20 23-13-420.log (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-0.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-1.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-11.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-25.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-26.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\QuarantineW\2010-01-20 23-18-160\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Results\Evidence.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Results\Junk.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Results\Registry.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\Hill.RICARDO\Application Data\Reg-Tool\Results\Update.db (Rogue.RegTool) -> Quarantined and deleted successfully.

I:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\AntiMalware\AntiMalware.lnk (Rogue.AntiMalware) -> Quarantined and deleted successfully.
