Vraag & Antwoord

Beveiliging & privacy

Hijackthis Logfile - Wie wil dit even controleren???

36 antwoorden
  • Tijdens het internetten wordt de verschijnen er plots allerlei Reklame sites spontaan????? Wie wil deze logfile even controleren??? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:58:56, on 8-10-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Common Files\Teleca Shared\logger.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\conime.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe C:\Program Files\Summitsoft\Logo Design Studio Trial\LogoDesignStudio.exe C:\Program Files\uTorrent\uTorrent.exe C:\Windows\msa.exe C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe C:\Users\Meine\AppData\Local\Temp\b.exe C:\Windows\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [PopRock] C:\Users\Meine\AppData\Local\Temp\b.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: avgrsstx.dll acaptuser32.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 15916 bytes
  • Hallo Meine, je hebt inderdaad een besmetting in je Windows. Bovendien: mogelijk is AVG beschadigd - maar daar kom ik naderhand nog op terug. Doe eerst de volgende stappen: 1) download, installeer en blijf [b:97bfc7bb97]MBAM[/b:97bfc7bb97] gebruiken. Al meteen na de installatie wil [b:97bfc7bb97]MBAM[/b:97bfc7bb97] zijn database opwaarderen – toestaan dus. Ook bij herhaald gebruik: eerst de tab [b:97bfc7bb97]Update[/b:97bfc7bb97] aandoen! [url=http://www.idealsoftware.nl/MBAM/][b:97bfc7bb97]Download MBAM[/b:97bfc7bb97][/url] Start [b:97bfc7bb97]MBAM[/b:97bfc7bb97] en kies voor [b:97bfc7bb97]Snelle Scan[/b:97bfc7bb97] Het scannen kan een tijdje duren, dus wees geduldig. Wanneer de scan voltooid is, klik dan op de knop [b:97bfc7bb97]OK[/b:97bfc7bb97] , daarna op de knop [b:97bfc7bb97]Bekijk Resultaten[/b:97bfc7bb97] om de resultaten te zien. Zorg ervoor dat daar alles aangevinkt is, daarna klikken op: [b:97bfc7bb97]Verwijder geselecteerde[/b:97bfc7bb97] . Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. Het log wordt automatisch bewaard door [b:97bfc7bb97]MBAM[/b:97bfc7bb97] en dat kan je terugvinden door op de tab [b:97bfc7bb97]Logs[/b:97bfc7bb97] te klikken in [b:97bfc7bb97]MBAM[/b:97bfc7bb97] . Indien [b:97bfc7bb97]MBAM[/b:97bfc7bb97] moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op [b:97bfc7bb97]OK[/b:97bfc7bb97] klikken! Daarna zal [b:97bfc7bb97]MBAM[/b:97bfc7bb97] vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt. 2) [COLOR="Navy"][b:97bfc7bb97]Hierna een nieuw Hijack This Log aanmaken en het resultaat daarvan samen met het eerste scanresultaat van MBAM posten; tevens een Uninstall-lijst posten (Start HijackThis, klik op de knop [COLOR="RoyalBlue"]Open the Misc Tools section[/COLOR], dan op de knop [COLOR="RoyalBlue"]Open Uninstall Manager[/COLOR] en als laatse op de knop [COLOR="royalblue"]Save)[/COLOR] [/b:97bfc7bb97].[/COLOR]
  • Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:59:49, on 9-10-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Teleca Shared\logger.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: avgrsstx.dll acaptuser32.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 15748 bytes 7-Zip 4.60 beta Aangifte loonheffingen 2009 Acrobat.com ActiveCheck component for HP Active Support Library Add or Remove Adobe Creative Suite 4 Master Collection Adobe Acrobat 9 Pro Extended - English, Français, Deutsch Adobe Acrobat 9 Pro Extended - English, Français, Deutsch Adobe After Effects CS4 Adobe After Effects CS4 Presets Adobe After Effects CS4 Template Projects & Footage Adobe After Effects CS4 Third Party Content Adobe AIR Adobe AIR Adobe Anchor Service CS4 Adobe Asset Services CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles AE CS4 Adobe Color Video Profiles CS CS4 Adobe Contribute CS4 Adobe Creative Suite 4 Master Collection Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe ExtendScript Toolkit CS4 Adobe Fireworks CS4 Adobe Flash CS4 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Illustrator CS4 Adobe InDesign CS3 Icon Handler Adobe InDesign CS4 Adobe Linguistics CS4 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Importer Adobe Media Encoder CS4 Importer Adobe Media Player Adobe Media Player Adobe MotionPicture Color Files CS4 Adobe PDF Library Files CS4 Adobe Photoshop CS4 Americas Adobe Photoshop CS4 Core_Americas Adobe Photoshop CS4 English Language Pack Adobe Photoshop CS4 French Language Pack Adobe Photoshop CS4 Spanish Language Pack Adobe Premiere Pro CS4 Adobe Premiere Pro CS4 Functional Content Adobe Premiere Pro CS4 Third Party Content Adobe Reader 9.1.3 - Nederlands Adobe Setup Adobe Setup Adobe Shockwave Player Adobe SING CS3 Adobe Soundbooth CS3 Scores Adobe Soundbooth CS4 Adobe Soundbooth CS4 Codecs Adobe Type Support CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Client Adobe WinSoft Linguistics Plugin AdobeColorCommonSetCMYK AdobeColorCommonSetRGB AMD USB Audio Driver Filter Apple Application Support Apple Mobile Device Support Apple Software Update Artisteer 2 Ashampoo Snap 3.02 Atheros Driver Installation Program AVG Free 8.5 Babylon Bluetooth Stack for Windows by Toshiba Bonjour Canon MP Navigator EX 1.2 Canon MP190 series MP Drivers Canon My Printer Canon Utilities Easy-PhotoPrint EX Canon Utilities Solution Menu Catalyst Control Center - Branding CCleaner (remove only) Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibiliteitspakket voor het 2007 Microsoft Office system CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang NL CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW(R) Graphics Suite X4 CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension CyberLink DVD Suite CyberLink DVD Suite ESU for Microsoft Vista FastImageResizer (remove only) FotoVergroter GoMail Standard Edition Google Calendar Sync Google Chrome Google Earth Google Update Helper Google Updater HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Customer Experience Enhancements HP Doc Viewer HP eServices Local Prints and Save HP Help and Support HP MediaSmart DVD HP MediaSmart DVD HP MediaSmart Music/Photo/Video HP MediaSmart Music/Photo/Video HP MediaSmart SmartMenu HP MediaSmart TV HP MediaSmart TV HP MediaSmart Webcam HP MediaSmart Webcam HP Quick Launch Buttons 6.40 H2 HP Total Care Setup HP Update HP User Guides 0129 HP Wireless Assistant HPAsset component for HP Active Support Library HPNetworkAssistant HTC Driver HTC Sync IDT Audio Inkjet Printer/Scanner Extended Survey Program iPhone-configuratieprogramma iTunes Java(TM) 6 Update 15 Java(TM) 6 Update 7 JLC's Internet TV JMicron JMB38X Flash Media Controller LabelPrint LabelPrint LightScribe System Software Logo Design Studio Trial Malwarebytes' Anti-Malware Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access 2003 Runtime Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (PAPEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 MSXML 4.0 SP2 (KB954430) muvee Mix It Up stylePack muvee Reveal My HP Games neroxml Norton Internet Security OGA Notifier 2.0.0048.0 Pap PDF Settings Photoshop Camera Raw Power2Go Power2Go PowerDirector PowerDirector ProtectSmart Hard Drive Protection QuickTime Readiris Pro 11 Corporate Edition Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969679) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB969682) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Windows Media Encoder (KB954156) SetupPAPSMTP Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) Skype™ 4.1 Spelling Dictionaries Support For Adobe Reader 9 SPORE Creature Creator Trial Edition Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TeamViewer 4 Uniblue DriverScanner 2009 Uniblue DriverScanner 2009 Uniblue PowerSuite 2009 Uniblue PowerSuite 2009 Uniblue RegistryBooster 2009 Uniblue RegistryBooster 2009 Uniblue SpeedUpMyPC 2009 Uniblue SpeedUpMyPC 2009 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office Outlook 2007 (KB969907) Update for Outlook 2007 Junk Email Filter (kb973514) Update voor het stuurprogramma voor Windows Mobile Apparaatcentrum Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) web'n'walk Manager web'n'walk Manager Windows Live OneCare safety scanner Windows Live OneCare safety scanner Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Mobile Apparaatcentrum WinRAR archiver WinZip 12.1 Xilisoft Video Converter Ultimate
  • Hallo Meine - waar is nu het MBAM - log? Dat kan je in MBAM terugvinden via de tab [b:de193430d4]Logs[/b:de193430d4].
  • Malwarebytes' Anti-Malware 1.41 Database versie: 2928 Windows 6.0.6002 Service Pack 2 9-10-2009 12:43:26 mbam-log-2009-10-09 (12-43-26).txt Scan type: Snelle Scan Objecten gescand: 98189 Verstreken tijd: 10 minute(s), 17 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 6 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 2 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\Program Files\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
  • Hallo Meine, wat MBAM ondertussen heeft gebeutraliseerd, is niet niks. Ik raad je dan ook aan, dat [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:965b8b020c]Laat Combofix jouw Windows gaat scannen[/b:965b8b020c] (KLIK)[/url]. [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:965b8b020c]Hoe Combofix goed te gebruiken[/b:965b8b020c] (KLIK)[/url] [b:965b8b020c]Aanvulling: om Combofix te kunnen gebruiken geldt het volgende:[/b:965b8b020c] [b:965b8b020c]- er mogen geen webbrowsers openstaan - antivirus moet geheel gedeaktiveerd zijn - actieve mal- en spywarescanners moeten gedeaktiveerd zijn.[/b:965b8b020c] Niet in het actieve Combofixvnster klikken – dit zal Combofix doen bevriezen! Combofix sluit de internet verbinding – probeer deze tussentijds niet te herstellen! [b:965b8b020c]Vistagebruikers starten Combofix op met Administratorrechten! En vergeten niet Windows Defender tijdelijk uit te schakelen: zie daarvoor [url]http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx[/url] [/b:965b8b020c] [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:965b8b020c]Hier vindt je gegevens hoe antivirus te deaktiveren[/b:965b8b020c] (KLIK)[/url]
  • ComboFix 09-10-08.04 - Meine 09-10-2009 15:26.1.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.1718 [GMT 2:00] Gestart vanuit: c:\users\Meine\Documents\008 - Tijdelijk\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1164616229-2455874707-3530547379-500 c:\windows\Installer\1f7ec.msi c:\windows\Installer\1f7f0.msi c:\windows\Installer\1f7f4.msi c:\windows\Installer\1f7f8.msi c:\windows\Installer\1f7fc.msi c:\windows\Installer\2033df.msi c:\windows\Installer\WMEncoder.msi . (((((((((((((((((((( Bestanden Gemaakt van 2009-09-09 to 2009-10-09 )))))))))))))))))))))))))))))) . 2009-10-09 13:45 . 2009-10-09 13:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-10-09 13:45 . 2009-10-09 13:46 -------- d-----w- c:\users\Meine\AppData\Local\temp 2009-10-09 10:26 . 2009-10-09 10:26 -------- d-----w- c:\users\Meine\AppData\Roaming\Malwarebytes 2009-10-09 10:26 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-09 10:26 . 2009-10-09 10:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-09 10:26 . 2009-10-09 10:26 -------- d-----w- c:\programdata\Malwarebytes 2009-10-09 10:26 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-10-09 06:43 . 2009-10-09 07:18 -------- d-----w- c:\program files\Windows Live Safety Center 2009-10-08 09:41 . 2009-10-08 09:41 -------- d-----w- c:\users\Meine\AppData\Roaming\Summitsoft 2009-10-08 09:39 . 2009-10-08 09:39 -------- d-----w- c:\windows\Logo Design Studio Trial 2009-10-08 09:39 . 2009-10-08 09:39 -------- d-----w- c:\program files\Summitsoft 2009-10-07 13:03 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2009-10-07 13:03 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2009-10-07 13:03 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2009-10-07 13:03 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2009-10-07 13:03 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2009-10-07 13:03 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-10-07 13:03 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2009-10-07 13:02 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2009-10-07 13:02 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2009-10-06 07:44 . 2009-10-06 07:44 79367 ----a-w- c:\users\Meine\AppData\Roaming\Google\Google Talk\uninstall.exe 2009-10-04 14:49 . 2009-10-05 10:16 -------- d-----w- c:\users\Meine\AppData\Local\Lookout 2009-10-04 14:48 . 2009-10-04 14:48 -------- d-----w- c:\windows\OfficeCalendar Client 2009-10-04 14:46 . 2009-10-04 14:46 -------- d-----w- c:\windows\OfficeCalendar Server 2009-10-02 21:15 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-10-02 21:06 . 2009-10-02 21:07 -------- d-----w- c:\users\Meine\AppData\Local\Deployment 2009-10-02 21:06 . 2009-10-02 21:06 -------- d-----w- c:\users\Meine\AppData\Local\Apps 2009-09-29 07:09 . 2009-09-29 07:09 10134 ----a-r- c:\users\Meine\AppData\Roaming\Microsoft\Installer\{939E2189-9B65-41FC-A842-1BBC1588BFD1}\ARPPRODUCTICON.exe 2009-09-29 07:09 . 2009-09-29 07:09 -------- d-----w- C:\virtualroots 2009-09-18 07:01 . 2009-09-18 07:01 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys 2009-09-17 17:25 . 2009-09-17 17:25 -------- d-----w- C:\ruu_log 2009-09-17 14:42 . 2009-09-17 14:42 -------- d-----w- c:\users\Meine\AppData\Local\HTC 2009-09-17 14:42 . 2009-09-18 11:03 -------- d-----w- c:\users\Meine\AppData\Roaming\Teleca 2009-09-17 14:40 . 2009-09-17 14:40 -------- d-----w- c:\programdata\HTC 2009-09-17 14:40 . 2009-09-17 14:40 -------- d-----w- c:\program files\Common Files\Teleca Shared 2009-09-17 14:40 . 2009-09-17 14:40 -------- d-----w- c:\programdata\Teleca 2009-09-17 14:38 . 2009-09-17 14:40 -------- d-----w- c:\program files\HTC 2009-09-17 14:38 . 2009-09-17 14:38 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll 2009-09-12 11:55 . 2009-09-12 11:55 -------- d-----w- c:\program files\iPhone-configuratieprogramma 2009-09-12 11:54 . 2009-09-12 11:54 -------- d-----w- c:\users\Meine\AppData\Roaming\Apple Computer 2009-09-12 11:54 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2009-09-12 11:54 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2009-09-12 11:52 . 2009-09-12 11:52 -------- d-----w- c:\program files\iPod 2009-09-12 11:52 . 2009-09-12 11:54 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-09-12 11:52 . 2009-09-12 11:54 -------- d-----w- c:\program files\iTunes 2009-09-12 11:50 . 2009-09-12 11:51 -------- d-----w- c:\program files\QuickTime 2009-09-12 11:50 . 2009-09-12 11:52 -------- d-----w- c:\programdata\Apple Computer 2009-09-12 11:43 . 2009-09-12 11:52 -------- d-----w- c:\program files\Common Files\Apple 2009-09-11 14:31 . 2000-09-21 07:21 1056768 ----a-w- c:\windows\system32\Roboex32.dll 2009-09-11 14:09 . 2009-09-11 14:09 -------- d-----w- c:\program files\Grafica . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-09 13:39 . 2009-05-04 10:24 -------- d-----w- c:\users\Meine\AppData\Roaming\Skype 2009-10-09 11:50 . 2009-05-04 14:21 2828 --sha-w- c:\programdata\KGyGaAvL.sys 2009-10-09 10:55 . 2009-05-04 10:25 -------- d-----w- c:\users\Meine\AppData\Roaming\skypePM 2009-10-09 10:45 . 2008-11-23 21:21 12 ----a-w- c:\windows\bthservsdp.dat 2009-10-09 06:18 . 2009-05-05 18:08 -------- d-----w- c:\users\Meine\AppData\Roaming\uTorrent 2009-10-09 05:58 . 2009-05-05 16:59 -------- d-----w- c:\programdata\Babylon 2009-10-08 09:41 . 2009-05-04 10:12 132000 ----a-w- c:\users\Meine\AppData\Local\GDIPFONTCACHEV1.DAT 2009-10-08 06:15 . 2008-11-24 05:44 714060 ----a-w- c:\windows\system32\perfh013.dat 2009-10-08 06:15 . 2008-11-24 05:44 144496 ----a-w- c:\windows\system32\perfc013.dat 2009-10-05 10:16 . 2009-05-13 06:07 -------- d-----w- c:\program files\CCleaner 2009-10-04 14:14 . 2009-07-19 13:44 -------- d-----w- c:\program files\Google 2009-10-03 11:59 . 2009-05-04 15:54 -------- d-----w- c:\programdata\CanonIJPLM 2009-09-29 07:09 . 2008-11-23 23:44 -------- d-----w- c:\program files\HP 2009-09-25 09:08 . 2009-05-04 19:15 -------- d-----w- c:\programdata\FLEXnet 2009-09-17 17:26 . 2009-09-17 17:26 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf 2009-09-15 09:45 . 2009-05-11 07:08 -------- d-----w- c:\users\Meine\AppData\Roaming\Belastingdienst 2009-09-15 09:43 . 2009-05-11 07:07 -------- d-----w- c:\program files\Belastingdienst 2009-09-14 14:06 . 2009-08-30 08:49 -------- d-----w- c:\users\Meine\AppData\Roaming\HpUpdate 2009-09-13 08:46 . 2009-05-05 17:40 -------- d-----w- c:\programdata\WinZip 2009-09-12 11:51 . 2009-05-12 15:06 -------- d-----w- c:\program files\Bonjour 2009-09-11 14:24 . 2008-11-23 21:58 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-10 06:01 . 2009-05-04 15:01 -------- d-----w- c:\program files\Microsoft Silverlight 2009-09-09 17:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-09-09 17:07 . 2009-05-04 09:54 -------- d-----w- c:\programdata\Microsoft Help 2009-09-09 06:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-09-09 06:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-09-09 06:59 . 2009-08-30 10:02 -------- d-----w- c:\program files\Pap 2009-09-09 06:59 . 2009-05-14 16:39 -------- d-----w- c:\program files\Readiris Pro 11 Corporate Edition 2009-09-09 06:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-09-09 06:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-09-09 06:59 . 2009-05-20 18:44 -------- d-----w- c:\program files\Common Files\LightScribe 2009-09-09 06:59 . 2009-05-09 19:11 -------- d-----w- c:\program files\7-Zip 2009-09-09 06:59 . 2009-05-09 11:20 -------- d-----w- c:\program files\Adobe Media Player 2009-09-09 06:59 . 2009-05-05 18:14 -------- d-----w- c:\program files\Fast Image Resizer 2009-09-09 04:45 . 2009-09-09 04:45 680 ----a-w- c:\users\Meine\AppData\Local\d3d9caps.dat 2009-09-08 18:23 . 2009-09-08 17:30 -------- d-----w- c:\programdata\NOS 2009-09-02 07:59 . 2009-08-29 11:58 -------- d-----w- c:\program files\Microsoft SQL Server 2009-08-31 14:20 . 2009-08-31 14:20 10134 ----a-r- c:\users\Meine\AppData\Roaming\Microsoft\Installer\{5182C589-514F-E93C-274C-C00B9A9A3F23}\ARPPRODUCTICON.exe 2009-08-31 14:14 . 2009-08-31 14:13 119391528 ----a-w- c:\users\Meine\AppData\Roaming\Uniblue\DriverScanner\Download\pci_ven_1002_dev_9591_subsys_30fc103c8_563_3_2000.exe 2009-08-31 14:04 . 2009-06-06 15:43 -------- d-----w- c:\programdata\DriverScanner 2009-08-31 08:31 . 2009-08-31 08:31 -------- d-----w- c:\program files\PAPSMTP 2009-08-31 07:51 . 2009-08-31 07:51 -------- d-----w- c:\program files\Pap_Start 2009-08-31 07:51 . 2009-08-31 07:51 -------- d-----w- c:\program files\paptreeV4 2009-08-31 07:51 . 2009-08-31 07:51 -------- d-----w- c:\program files\fileboxv20 2009-08-31 07:25 . 2009-07-26 06:46 -------- d-----w- c:\program files\Opera 2009-08-31 06:38 . 2008-11-23 22:01 -------- d-----w- c:\programdata\Norton 2009-08-31 06:38 . 2008-11-23 22:00 -------- d-----w- c:\program files\NortonInstaller 2009-08-31 06:37 . 2008-11-23 22:01 -------- d-----w- c:\program files\Norton Internet Security 2009-08-30 10:19 . 2009-08-30 10:19 -------- d-----w- c:\programdata\Office Genuine Advantage 2009-08-29 12:03 . 2009-05-04 13:14 -------- d-----w- c:\program files\Microsoft.NET 2009-08-29 00:27 . 2009-09-02 07:42 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-08-29 00:14 . 2009-09-02 07:42 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-08-26 09:15 . 2009-08-24 17:09 -------- d-----w- c:\program files\Artisteer 2 2009-08-15 07:15 . 2009-05-04 13:59 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-08-15 07:15 . 2009-05-04 13:59 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-08-15 07:15 . 2009-05-04 13:59 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-08-14 16:27 . 2009-09-09 06:37 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-08-14 15:53 . 2009-09-09 06:37 17920 ----a-w- c:\windows\system32\netevent.dll 2009-08-14 13:49 . 2009-09-09 06:37 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-08-14 13:49 . 2009-09-09 06:37 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-08-14 13:49 . 2009-09-09 06:37 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-08-14 13:49 . 2009-09-09 06:37 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-08-14 13:49 . 2009-09-09 06:37 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-08-14 13:49 . 2009-09-09 06:37 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-08-14 13:49 . 2009-09-09 06:37 10240 ----a-w- c:\windows\system32\finger.exe 2009-08-14 13:48 . 2009-09-09 06:37 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2009-08-14 13:48 . 2009-09-09 06:37 105984 ----a-w- c:\windows\system32\netiohlp.dll 2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.DLL 2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll 2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe 2009-07-25 03:23 . 2009-05-04 10:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-07-21 21:52 . 2009-07-28 17:55 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-21 21:47 . 2009-07-28 17:55 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-07-21 21:47 . 2009-07-28 17:55 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-07-21 20:33 . 2009-07-21 20:33 409088 ----a-w- c:\windows\system32\drivers\stwrt.sys 2009-07-21 20:33 . 2009-07-21 20:33 405504 ----a-w- c:\windows\system32\stcplx.dll 2009-07-21 20:33 . 2009-05-04 09:18 536576 ----a-w- c:\windows\system32\idtmini1.exe 2009-07-21 20:33 . 2009-05-04 09:18 458844 ----a-w- c:\windows\sttray.exe 2009-07-21 20:33 . 2009-05-04 09:18 3600384 ----a-w- c:\windows\system32\stlang.dll 2009-07-21 20:33 . 2009-05-04 09:17 175616 ----a-w- c:\windows\system32\staco.dll 2009-07-21 20:33 . 2009-05-04 09:17 915456 ----a-w- c:\windows\system32\stapo.dll 2009-07-21 20:33 . 2009-05-04 09:17 490496 ----a-w- c:\windows\system32\stapi32.dll 2009-07-21 20:13 . 2009-07-28 17:55 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-17 13:54 . 2009-08-13 02:42 71680 ----a-w- c:\windows\system32\atl.dll 2009-07-15 12:40 . 2009-08-13 02:41 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-07-15 12:39 . 2009-08-13 02:41 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-15 12:39 . 2009-08-13 02:41 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-07-15 12:39 . 2009-08-13 02:41 7680 ----a-w- c:\windows\system32\spwmp.dll 2009-07-11 19:01 . 2009-09-09 06:36 302592 ----a-w- c:\windows\system32\wlansec.dll 2009-07-11 19:01 . 2009-09-09 06:36 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2009-07-11 19:01 . 2009-09-09 06:36 513536 ----a-w- c:\windows\system32\wlansvc.dll 2009-07-11 19:01 . 2009-09-09 06:36 65024 ----a-w- c:\windows\system32\wlanapi.dll 2009-07-11 17:03 . 2009-09-09 06:36 127488 ----a-w- c:\windows\system32\L2SecHC.dll 2008-11-24 06:04 . 2008-11-24 05:46 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "googletalk"="c:\users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-04 2023704] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "GoMail Scheduler"="c:\program files\ExecuteIT\GoMail Standard Edition\\gschedule.exe" [2009-05-10 131072] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440] "Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-05-27 598016] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608] Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288] web'n'walk Manager.lnk - c:\program files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe [2008-7-7 1426944] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-6-19 525640] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\acaptuser32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Meine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\users\Meine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):55,42,a3,97,3c,01,ca,01 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{D24BC98D-7877-46A2-8AAD-F1B06A99B8F4}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{11974441-65C1-4636-A28C-7B08F70A0F81}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music "{D4D32EC7-133D-4AD4-90AD-25A49C0C5B39}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo "{A9BADA5B-C1D6-40AC-9242-9447FF7A6262}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video "{8F06C242-258F-4304-8D2D-0F2830A5B75B}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program "{6B5E1A00-BAC7-4D4F-8D70-CBF7E222E1E6}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service "{9822AE59-82D0-419E-A610-BB285777F124}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD "{41E3E04E-54D5-4477-97F0-1F5B6E99BE2E}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music "{A758E763-FCEB-4F8A-848F-F361090B19A3}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo "{801F88CE-B3A4-4735-916F-A53164CDA738}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video "{F148D5EC-B1C6-4FCA-8748-4D437A8824C9}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program "{5E4B6751-2B28-4ADD-959D-A20B1CB78114}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service "{B3112172-5160-4790-B23D-4A9F7AF73955}"= c:\program files\Skype\Phone\Skype.exe:Skype "{D7580845-F9AC-4AFE-851E-EEC04DE7AD7C}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play "{7F5A2B11-5161-4EDD-9353-7D4023D9A957}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program "{C43416C5-2E13-4F97-B5DE-5B8BB6C4313E}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{81C86DF0-243F-4E41-8F19-0CCA80B46091}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{82F05377-839A-4131-8E31-1B74B018B771}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{1ABA3AD1-6A27-4524-8195-8C7A759A746F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{996C4925-AD27-441C-8A0F-05364B4061C1}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{BD199F10-3D58-40EF-A58D-7AD9E57043A4}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "{9CCB305C-7DAC-4B66-A670-BA08C7A4CE68}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe "{CCA020BB-658B-491A-89A2-24E5D5F1DDB9}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{0665C0F4-19B0-4920-85CD-2444B142A3AD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "{CB3A9E33-752D-40BB-BA9D-84C6F2D7323C}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{C7E40F11-906B-45A5-A3B4-E2A1D1321BE0}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{732CEF63-D873-43C0-9A5D-3B9D05B01CDC}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{7E02F4ED-2865-4576-9AD2-B74AD2E2642A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes R0 RRamdisk;Ramdisk Driver;c:\windows\System32\drivers\rramdisk.sys [20-5-2009 14:30 10368] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [4-5-2009 15:59 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [4-5-2009 15:59 108552] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26-9-2008 2:36 59376] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe [2-3-2009 18:43 81920] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4-5-2009 15:59 297752] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 4:23 21504] R2 GtDetectSc;GtDetectSc;c:\program files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [18-12-2007 12:48 196704] R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 16:24 19456] R2 MSSQL$PAPEXPRESS;SQL Server (PAPEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24-11-2008 22:31 29263712] R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [24-11-2008 1:54 365952] R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [29-4-2009 15:17 185640] R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [9-2-2009 18:14 296320] R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [9-2-2009 18:14 116096] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [24-11-2008 0:15 193840] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [24-1-2008 15:23 52736] R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [4-5-2009 11:59 22072] S2 gupdate1ca08772da920b2;Google Updateservice (gupdate1ca08772da920b2);c:\program files\Google\Update\GoogleUpdate.exe [19-7-2009 15:45 133104] S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [24-11-2008 0:01 115560] S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [18-2-2008 16:14 106624] S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [8-2-2008 12:00 59648] S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [30-3-2007 12:38 8064] S3 HTCAND32;HTC Device Driver;c:\windows\System32\drivers\ANDROIDUSB.sys [18-9-2009 9:01 24576] S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [21-7-2008 12:53 100184] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Inhoud van de 'Gedeelde Taken' map 2009-10-09 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-19 13:44] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 13:45] 2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 13:45] 2009-10-04 c:\windows\Tasks\HPCeeScheduleForMeine.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-11-23 10:34] 2009-10-09 c:\windows\Tasks\User_Feed_Synchronization-{187FF7BF-58C5-4895-9892-AE44757E7C95}.job - c:\windows\system32\msfeedssync.exe [2009-07-28 20:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm TCP: {A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649} = 208.67.222.222,208.67.220.220 TCP: {BB213A3A-B7CC-483F-BB3E-4D4672AD4807} = 208.67.222.222,208.67.220.220 DPF: {54D53429-945C-4188-B460-C81356541882} - hxxp://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-09 15:45 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . Voltooingstijd: 2009-10-09 15:49 ComboFix-quarantined-files.txt 2009-10-09 13:49 Pre-Run: 116.724.903.936 bytes beschikbaar Post-Run: 116.959.875.072 bytes beschikbaar 335 --- E O F --- 2009-10-09 01:06
  • Hallo Meine, Combofix mag je nu verwijderen: ga naar [b:88ea71e180]Start / Zoekregel[/b:88ea71e180], kopiëer en plak [b:88ea71e180]Combofix /U[/b:88ea71e180] in het zoek-venster, gebruik de Entertoets. Het Combofix log toont aan, netzoals de Uninstalllijst, dat je twee antivirusprodukten in je Windows hebt zitten! [b:88ea71e180]- welke moet nu verwijderd worden: Norton of AVG - want voor beide zijn er speciale verwijdertools![/b:88ea71e180] [b:88ea71e180]Java runtime dient net zoals de Adobe Flashplayer altijd actueel te zijn! Hou het altijd op één geïnstalleerde Java-runtime![/b:88ea71e180] Download naar je bureaublad : [url=http://www.java.com/en/download/manual.jsp][i:88ea71e180][b:88ea71e180]Java SE Runtime Environment (JRE) 6 update 16[/b:88ea71e180] (KLIK)[/i:88ea71e180][/url] Nu ga je eerst naar [b:88ea71e180]Configuratiescherm /Programma's en onderdelen[/b:88ea71e180] en dan verwijder je [b:88ea71e180] Java(TM) 6 Update 15 Java(TM) 6 Update 7 [/b:88ea71e180]. Hierna de computer opnieuw starten! Daarna kan je de nieuwe versie van Java installeren!
  • Oké.... heb alle instructies gevolgd. Norton graag verwijderen, AVG behouden... Wat nu???
  • Download het Norton verwijderingstool en voer het uit: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl Succes ermee. Nadat je machine een herstart heeft ondergaan, post daarna een nieuw HJT-log ter controle.
  • Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:16:17, on 10-10-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Common Files\Teleca Shared\logger.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\conime.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\Windows\System32\acaptuser32.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 14712 bytes
  • Hallo Meine, hoe is het momenteel gesteld met het internetten. Heb je nog last van allerei popups? Is het je bekend dat je een logger in je Windows hebt zitten? - [b:c1db68d8c2]C:\Program Files\Common Files\Teleca Shared\logger.exe[/b:c1db68d8c2]
  • Internet gaat goed en tot nu toe geen popups. En eh.... het is mij niet bekend dat er een logger in mijn Windows zit. Hoe krijg ik die weg dan?
  • Hallo Meine, je kijkt eerst in [b:6e68a38f0d]Taakbeheer / Processen[/b:6e68a38f0d] of daar [b:6e68a38f0d]logger.exe[/b:6e68a38f0d] te vinden is - zoja dan middels rechtsklik erop uitschakelen! Daarna ga je naar [b:6e68a38f0d]C:\Program Files\Common Files\Teleca Shared\[/b:6e68a38f0d]en verwijder je daar handmatig [b:6e68a38f0d]logger.exe[/b:6e68a38f0d] Start daarna je PC opnieuw op en post een nieuw HJT-log, om te controleren, of de operatie succesvol is.
  • Oké, die logger is verwijderd.... opnieuw opgestart en dan komt er een foutmelding dat één of andere Launcher niet kan worden gestart ???? En trouwens wat doet zo'n logger eigenlijk? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:09:23, on 10-10-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\conime.exe C:\Windows\system32\wuauclt.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\Windows\System32\acaptuser32.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 13885 bytes
  • Hallo Meine, een logger slaat elke toetsaanslag van jou op en verzend met regelmaat al die gegevens. Internetcriminelen proberen op deze wijze aan wachtwoorden enz. te komen - ultimo om je bankrekening te kunnen plunderen! Kun je aangeven wat die foutmelding precies aangeeft?
  • Applicatin Launcher.exe - Kan onderdeel niet vinden Deze toepassing kan niet worden gestart omdat tlib_log.dll niet kan worden gevonden. Het opnieuw instaleren van deze toepassing kan het probleem oplossen.
  • Ga naar [b:9194691c50]Start / Zoekregel[/b:9194691c50] en typ [b:9194691c50]msconfig[/b:9194691c50] en dan klik je op de tab [b:9194691c50]Opstarten[/b:9194691c50] Ga in de lijst van opstartgegevens op zoek naar [b:9194691c50]Teleca[/b:9194691c50] en verwijder dan het/de vinkje(s) ervoor. Log dan even uit en dan weer in en wacht af of de melding nogmaals bovenkomt!
  • Teleca niet te vinden in opstart gegevens
  • Ga dan nu wederom naar Start / Zoekregel en typ [b:467ac31e8d]services.msc[/b:467ac31e8d] Maak het venster Services groot, verbreed desnoods ook de kolom [b:467ac31e8d]Naam[/b:467ac31e8d] en zoek daar naar [b:467ac31e8d]Teleca[/b:467ac31e8d]

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.