Removing Complitly

  • maarten

    Here are the logs; I would appreciate a reply.

    Regards, maarten

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:58:13, on 25-3-2012

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.17037)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\DivX\DivX Update\DivXUpdate.exe

    C:\Program Files\Logitech\Video\LogiTray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools\daemon.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Windows\system32\NOTEPAD.EXE

    C:\Windows\system32\conime.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchya.com/?chnl=ft-100&s=1&cr=1007446503&cd=2XzutAtN2Y1L1QzutDtDtCyCyEyEyCyBzzyD0A0CyC0EzyzztAtN0D0TzutBtDtCtBtDtBtCtC&q=

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

    O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\BIJNS\AppData\Roaming\Complitly\Complitly.dll

    O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Launch Manager\HotkeyApp.exe”

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: c:\RecInfo\RecInfo.exe

    O4 - HKLM\..\Run: RecInfo.exe

    O4 - HKLM\..\Run: KHALMNPR.EXE

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe /RegAll

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll”,DllRegisterServer

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033

    O4 - HKCU\..\Run: “C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe” -automount

    O4 - HKCU\..\Run: “C:\Program Files\Uniblue\DriverScanner\launcher.exe” delay 20000

    O4 - HKCU\..\Run: C:\Users\BIJNS\AppData\Roaming\dropped.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

    O4 - HKCU\..\Run: “C:\Program Files\Logitech\Video\ManifestEngine.exe” boot

    O4 - HKCU\..\RunOnce: C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs: avgrsstx.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1ca2b12cc9bf89) (gupdate1ca2b12cc9bf89) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

    O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe

    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    End of file - 10939 bytes

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.03.23.05

    Windows Vista x86 NTFS

    Internet Explorer 7.0.6000.17037

    BIJNS :: PCVANBIJNS

    25-3-2012 13:34:34

    mbam-log-2012-03-25 (13-34-34).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 185654

    Verstreken tijd: 9 minuut/minuten, 32 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • Jos H

    Hello Maarten

    First make sure your Vista updates are complete; I am missing SP1 and 2 here.

  • maarten

    Hi Jos, thanks for the quick reply. I ran a Windows update and it says there are no updates.

  • Jos H

    You need to have this one, otherwise you are not up to date. Platform: Windows Vista SP2 (WinNT 6.00

  • maarten

    OK, I'll get to work on it and report back. Thanks.

  • maarten

    Hi Jos.

    SP1 and SP2 installed and all steps done again. Here are the new logs.

    Regards, Maarten.

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.03.23.05

    Windows Vista Service Pack 2 x86 NTFS

    Internet Explorer 7.0.6002.18005

    BIJNS :: PCVANBIJNS

    26-3-2012 11:07:09

    mbam-log-2012-03-26 (11-07-09).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 186188

    Verstreken tijd: 7 minuut/minuten, 49 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:58:13, on 25-3-2012

    Platform: Windows Vista (WinNT 6.00.1904)

    MSIE: Internet Explorer v7.00 (7.00.6000.17037)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\DivX\DivX Update\DivXUpdate.exe

    C:\Program Files\Logitech\Video\LogiTray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools\daemon.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Windows\system32\NOTEPAD.EXE

    C:\Windows\system32\conime.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchya.com/?chnl=ft-100&s=1&cr=1007446503&cd=2XzutAtN2Y1L1QzutDtDtCyCyEyEyCyBzzyD0A0CyC0EzyzztAtN0D0TzutBtDtCtBtDtBtCtC&q=

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

    O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\BIJNS\AppData\Roaming\Complitly\Complitly.dll

    O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Launch Manager\HotkeyApp.exe”

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: c:\RecInfo\RecInfo.exe

    O4 - HKLM\..\Run: RecInfo.exe

    O4 - HKLM\..\Run: KHALMNPR.EXE

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe /RegAll

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll”,DllRegisterServer

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033

    O4 - HKCU\..\Run: “C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe” -automount

    O4 - HKCU\..\Run: “C:\Program Files\Uniblue\DriverScanner\launcher.exe” delay 20000

    O4 - HKCU\..\Run: C:\Users\BIJNS\AppData\Roaming\dropped.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

    O4 - HKCU\..\Run: “C:\Program Files\Logitech\Video\ManifestEngine.exe” boot

    O4 - HKCU\..\RunOnce: C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs: avgrsstx.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1ca2b12cc9bf89) (gupdate1ca2b12cc9bf89) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

    O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe

    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    End of file - 10939 bytes

  • fazantje

    Hi Maarten,

    Could you make a new HijackThis log, because you have now posted yesterday's log, see:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:58:13, on 25-3-2012

    Platform: Windows Vista (WinNT 6.00.1904)

    Go to: C - program files - trend micro - hijackthis.

    Now right-click the red hijackthis.exe and then choose Run as administrator (Als administrator uitvoeren).

    Post the log you get now here.

    Good luck,

    Huib;)

  • maarten

    Then this must be the new one. Thanks.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 12:18:46, on 26-3-2012

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v7.00 (7.00.6002.18005)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\DivX\DivX Update\DivXUpdate.exe

    C:\Program Files\Logitech\Video\LogiTray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools\daemon.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Windows\System32\wsqmcons.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchya.com/?chnl=ft-100&s=1&cr=1007446503&cd=2XzutAtN2Y1L1QzutDtDtCyCyEyEyCyBzzyD0A0CyC0EzyzztAtN0D0TzutBtDtCtBtDtBtCtC&q=

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

    O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\BIJNS\AppData\Roaming\Complitly\Complitly.dll

    O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Launch Manager\HotkeyApp.exe”

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: c:\RecInfo\RecInfo.exe

    O4 - HKLM\..\Run: RecInfo.exe

    O4 - HKLM\..\Run: KHALMNPR.EXE

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe /RegAll

    O4 - HKLM\..\Run: Skytel.exe

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll”,DllRegisterServer

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033

    O4 - HKCU\..\Run: “C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe” -automount

    O4 - HKCU\..\Run: “C:\Program Files\Uniblue\DriverScanner\launcher.exe” delay 20000

    O4 - HKCU\..\Run: C:\Users\BIJNS\AppData\Roaming\dropped.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

    O4 - HKCU\..\Run: “C:\Program Files\Logitech\Video\ManifestEngine.exe” boot

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs: avgrsstx.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1ca2b12cc9bf89) (gupdate1ca2b12cc9bf89) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

    O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe

    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    End of file - 10751 bytes

  • Ben

    Hello maarten,

    Carry out the steps below:

    1. Temporarily disable Windows Defender

    Because it can interfere when fixing with HJT (undoing the fix again)

    * Open Windows Defender > Click "Tools" or "Hulpprogramma's"

    * Click "General Settings" or "Options"

    * Scroll to "Real Time Protection Options" or "Real-timebeveiliging"

    * Clear the check mark at "Turn on Real Time Protection (recommended)" or "Real-time-beveiliging gebruiken" > Click "Save" or "Opslaan"

    * Close Windows Defender

    (once the problems are over and the log has been declared clean again, you can turn it back on)

    2. Start HijackThis;

    Right-click the HijackThis program and choose “Run as Administrator”

    Choose ‘Do a system scan only’.

    Select all the lines listed below.

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\BIJNS\AppData\Roaming\Complitly\Complitly.dll

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll”,DllRegisterServer

    O4 - HKLM\..\RunOnce: “C:\Windows\system32\rundll32.exe” “C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll”,DllRegisterServer

    Remove the lines below if you do not play PartyPoker:

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    Close all open windows (except HijackThis), then click Fix checked and confirm by clicking Yes in the next screen.

    3. Download ComboFix from >>Here<<; you can also read there how ComboFix should be used.

    * IMPORTANT !!! Save ComboFix.exe to your Desktop.

    - Windows XP users will, if necessary, be asked to install the "Recovery Console"; allow this (an active internet connection is required for it)

    - Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

    * ( here or here is a guide on how to disable them)

    - The computer may need to be restarted several times; this is normal.

    - Double-click "Combofix.exe" to start the tool.

    - Do not click in the ComboFix window while it is active; this can cause the ‘tool’ to hang.

    * Note !!! If an error is shown with the message “Illegal operation attempted on a registery key that has been marked for deletion.” then restart the computer.

    - When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

    4. After that, post the ComboFix log and a new HijackThis log, and tell us how things are going.

    Regards, Ben

    Antivirusprikbord

  • maarten

    A good result, it looks like the toolbar is gone!

    Here are the new logs. Thanks!

    ComboFix 12-03-26.04 - BIJNS 27-03-2012 8:05.1.1 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2038.1086

    Gestart vanuit: c:\users\BIJNS\Desktop\ComboFix.exe

    * Nieuw herstelpunt werd aangemaakt

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    C:\LanGpaCK

    c:\langpack\Lang.txt

    c:\windows\bwUnin-8.1.1.50-8876480SL.exe

    c:\windows\IsUn0413.exe

    c:\windows\iun6002.exe

    c:\windows\security\Database\tmp.edb

    c:\windows\system32\drivers\etc\hosts.ics

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-27 to 2012-03-27 ))))))))))))))))))))))))))))))

    .

    .

    2012-03-27 06:15 . 2012-03-27 06:16 ——– d—–w- c:\users\BIJNS\AppData\Local\temp

    2012-03-27 06:15 . 2012-03-27 06:15 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-03-27 01:02 . 2012-03-27 01:02 386560 —-a-w- c:\program files\Internet Explorer\jsdbgui.dll

    2012-03-27 01:02 . 2012-03-27 01:02 22016 —-a-w- c:\program files\Internet Explorer\ExtExport.exe

    2012-03-27 01:02 . 2012-03-27 01:02 149504 —-a-w- c:\program files\Internet Explorer\jsprofilerui.dll

    2012-03-26 19:14 . 2012-03-20 01:53 6582328 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6BFDE9C-FB2A-414F-9FD0-7DB81532EA27}\mpengine.dll

    2012-03-26 08:30 . 2012-03-26 08:30 ——– d—–w- c:\program files\Windows Portable Devices

    2012-03-26 08:12 . 2009-09-10 02:00 1164800 —-a-w- c:\windows\system32\UIRibbonRes.dll

    2012-03-26 08:12 . 2009-09-10 02:00 92672 —-a-w- c:\windows\system32\UIAnimation.dll

    2012-03-26 08:12 . 2009-09-10 02:01 3023360 —-a-w- c:\windows\system32\UIRibbon.dll

    2012-03-26 08:11 . 2009-09-25 01:33 369664 —-a-w- c:\windows\system32\WMPhoto.dll

    2012-03-26 08:11 . 2009-09-25 02:10 974848 —-a-w- c:\windows\system32\WindowsCodecs.dll

    2012-03-26 08:11 . 2009-09-25 02:07 189440 —-a-w- c:\windows\system32\WindowsCodecsExt.dll

    2012-03-26 08:11 . 2009-09-25 02:04 321024 —-a-w- c:\windows\system32\PhotoMetadataHandler.dll

    2012-03-26 08:11 . 2009-09-25 01:33 195584 —-a-w- c:\windows\system32\dxdiagn.dll

    2012-03-26 08:11 . 2009-09-25 01:32 252928 —-a-w- c:\windows\system32\dxdiag.exe

    2012-03-26 08:11 . 2009-09-25 01:31 519680 —-a-w- c:\windows\system32\d3d11.dll

    2012-03-26 07:21 . 2009-10-09 21:56 2048 —-a-w- c:\windows\system32\winrsmgr.dll

    2012-03-26 07:18 . 2010-08-26 16:37 157184 —-a-w- c:\windows\system32\t2embed.dll

    2012-03-26 07:17 . 2010-09-06 16:20 125952 —-a-w- c:\windows\system32\srvsvc.dll

    2012-03-26 07:17 . 2010-09-06 16:19 17920 —-a-w- c:\windows\system32\netevent.dll

    2012-03-26 07:16 . 2011-02-22 13:23 69632 —-a-w- c:\windows\system32\drivers\bowser.sys

    2012-03-26 07:16 . 2010-06-28 17:00 1316864 —-a-w- c:\windows\system32\ole32.dll

    2012-03-26 07:16 . 2010-06-28 14:54 339968 —-a-w- c:\program files\Windows NT\Accessories\wordpad.exe

    2012-03-26 07:16 . 2010-01-29 15:40 1616384 —-a-w- c:\program files\Windows Mail\msoe.dll

    2012-03-26 07:16 . 2011-07-06 15:31 214016 —-a-w- c:\windows\system32\drivers\mrxsmb10.sys

    2012-03-26 07:16 . 2011-04-29 13:24 79872 —-a-w- c:\windows\system32\drivers\mrxsmb20.sys

    2012-03-26 07:16 . 2011-04-29 13:24 106496 —-a-w- c:\windows\system32\drivers\mrxsmb.sys

    2012-03-26 07:16 . 2011-02-16 14:02 292864 —-a-w- c:\windows\system32\atmfd.dll

    2012-03-26 07:16 . 2011-02-16 16:16 34304 —-a-w- c:\windows\system32\atmlib.dll

    2012-03-26 07:16 . 2010-06-16 15:30 72704 —-a-w- c:\windows\system32\fontsub.dll

    2012-03-26 07:16 . 2011-03-10 17:03 1162240 —-a-w- c:\windows\system32\mfc42u.dll

    2012-03-26 07:16 . 2011-03-10 17:03 1136640 —-a-w- c:\windows\system32\mfc42.dll

    2012-03-26 07:14 . 2010-08-26 16:34 1696256 —-a-w- c:\windows\system32\gameux.dll

    2012-03-26 07:14 . 2011-03-03 15:40 28672 —-a-w- c:\windows\system32\Apphlpdm.dll

    2012-03-26 07:14 . 2011-03-03 13:35 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    2012-03-26 07:14 . 2010-06-17 18:08 10926592 —-a-w- c:\program files\Movie Maker\MOVIEMK.dll

    2012-03-26 07:14 . 2010-06-17 16:16 150016 —-a-w- c:\program files\Movie Maker\MOVIEMK.exe

    2012-03-26 07:14 . 2011-04-29 13:25 146432 —-a-w- c:\windows\system32\drivers\srv2.sys

    2012-03-26 07:14 . 2011-04-29 13:25 102400 —-a-w- c:\windows\system32\drivers\srvnet.sys

    2012-03-26 07:13 . 2010-12-14 14:49 1169408 —-a-w- c:\windows\system32\sdclt.exe

    2012-03-26 07:13 . 2010-06-18 17:31 36864 —-a-w- c:\windows\system32\rtutils.dll

    2012-03-26 07:13 . 2010-04-05 17:02 317952 —-a-w- c:\windows\system32\MP4SDECD.DLL

    2012-03-26 07:13 . 2011-11-18 17:47 66560 —-a-w- c:\windows\system32\packager.dll

    2012-03-26 07:13 . 2011-12-14 16:17 680448 —-a-w- c:\windows\system32\msvcrt.dll

    2012-03-26 07:13 . 2011-11-08 14:42 2048 —-a-w- c:\windows\system32\tzres.dll

    2012-03-26 07:04 . 2011-08-25 16:15 555520 —-a-w- c:\windows\system32\UIAutomationCore.dll

    2012-03-26 07:04 . 2011-08-25 16:14 563712 —-a-w- c:\windows\system32\oleaut32.dll

    2012-03-26 07:04 . 2011-08-25 16:14 238080 —-a-w- c:\windows\system32\oleacc.dll

    2012-03-26 07:04 . 2011-08-25 13:31 4096 —-a-w- c:\windows\system32\oleaccrc.dll

    2012-03-26 07:03 . 2012-01-31 10:59 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat

    2012-03-26 07:03 . 2010-11-04 18:55 352768 —-a-w- c:\windows\system32\taskschd.dll

    2012-03-26 07:03 . 2010-11-04 18:55 601600 —-a-w- c:\windows\system32\schedsvc.dll

    2012-03-26 07:03 . 2010-11-04 18:56 345600 —-a-w- c:\windows\system32\wmicmiplugin.dll

    2012-03-26 07:03 . 2010-11-04 18:55 270336 —-a-w- c:\windows\system32\taskcomp.dll

    2012-03-26 07:03 . 2010-11-04 16:34 171520 —-a-w- c:\windows\system32\taskeng.exe

    2012-03-26 07:00 . 2011-10-25 15:58 1314816 —-a-w- c:\windows\system32\quartz.dll

    2012-03-26 07:00 . 2011-10-25 15:58 497152 —-a-w- c:\windows\system32\qdvd.dll

    2012-03-26 07:00 . 2010-12-29 18:28 322560 —-a-w- c:\windows\system32\sbe.dll

    2012-03-26 07:00 . 2010-12-29 18:28 153088 —-a-w- c:\windows\system32\sbeio.dll

    2012-03-26 07:00 . 2010-12-29 18:26 177664 —-a-w- c:\windows\system32\mpg2splt.ax

    2012-03-26 07:00 . 2011-05-02 17:16 739328 —-a-w- c:\windows\system32\inetcomm.dll

    2012-03-26 07:00 . 2010-08-31 15:44 531968 —-a-w- c:\windows\system32\comctl32.dll

    2012-03-26 06:58 . 2011-10-25 15:56 49152 —-a-w- c:\windows\system32\csrsrv.dll

    2012-03-26 06:58 . 2010-05-04 19:13 231424 —-a-w- c:\windows\system32\msshsq.dll

    2012-03-26 06:50 . 2012-01-09 15:54 613376 —-a-w- c:\windows\system32\rdpencom.dll

    2012-03-26 06:50 . 2012-01-09 13:58 180736 —-a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-03-26 05:59 . 2012-03-26 06:00 ——– d—–w- c:\windows\system32\ca-ES

    2012-03-26 05:59 . 2012-03-26 06:00 ——– d—–w- c:\windows\system32\eu-ES

    2012-03-26 05:59 . 2012-03-26 06:00 ——– d—–w- c:\windows\system32\vi-VN

    2012-03-26 05:53 . 2012-03-26 05:53 ——– d—–w- c:\windows\system32\SPReview

    2012-03-26 05:28 . 2009-04-10 21:28 928768 —-a-w- c:\windows\system32\scavenge.dll

    2012-03-26 05:28 . 2009-04-10 21:27 57856 —-a-w- c:\windows\system32\compcln.exe

    2012-03-26 05:18 . 2009-04-10 21:28 97792 —-a-w- c:\windows\system32\oleprn.dll

    2012-03-26 05:17 . 2009-04-10 21:28 560640 —-a-w- c:\windows\system32\msdtcprx.dll

    2012-03-26 05:16 . 2009-04-10 21:28 1524736 —-a-w- c:\windows\system32\WindowsAnytimeUpgradeCPL.dll

    2012-03-26 05:15 . 2009-04-10 21:28 663552 —-a-w- c:\program files\Common Files\System\Ole DB\sqloledb.dll

    2012-03-25 15:12 . 2012-03-25 15:12 ——– d—–w- C:\PerfLogs

    2012-03-25 14:18 . 2008-01-18 21:36 6656 —-a-w- c:\windows\system32\sdspres.dll

    2012-03-25 14:18 . 2008-01-18 21:33 193024 —-a-w- c:\windows\system32\recdisc.exe

    2012-03-25 14:17 . 2008-01-18 21:36 28160 —-a-w- c:\windows\system32\sxproxy.dll

    2012-03-25 14:08 . 2008-01-18 21:35 48128 —-a-w- c:\windows\system32\nlaapi.dll

    2012-03-25 14:07 . 2008-01-18 21:34 159232 —-a-w- c:\windows\system32\dinput8.dll

    2012-03-25 14:06 . 2008-01-18 21:34 87552 —-a-w- c:\windows\system32\icfupgd.dll

    2012-03-25 14:05 . 2008-01-18 21:36 56320 —-a-w- c:\windows\system32\tbssvc.dll

    2012-03-25 14:00 . 2012-03-25 14:00 ——– d—–w- C:\cd077ecdae0b379624adc2e6b313

    2012-03-25 13:55 . 2012-03-25 13:55 ——– d—–w- c:\windows\system32\EventProviders

    2012-03-25 12:57 . 2012-03-25 12:57 ——– d—–w- c:\program files\Trend Micro

    2012-03-25 11:23 . 2012-03-25 11:23 ——– d—–w- c:\programdata\HitmanPro

    2012-03-24 12:15 . 2012-03-24 12:15 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware

    2012-03-24 12:15 . 2011-12-10 14:24 20464 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-03-22 19:11 . 2011-04-27 14:37 149456 —-a-w- c:\windows\SGDetectionTool.dll0302.old

    2012-03-22 19:11 . 2011-04-27 14:37 2074576 —-a-w- c:\windows\PCTBDCore.dll0302.old

    2012-03-22 19:11 . 2011-04-27 14:36 767952 —-a-w- c:\windows\BDTSupport.dll0302.old

    2012-03-22 19:07 . 2012-03-23 09:40 ——– d—–w- c:\program files\PC Tools Security

    2012-03-22 19:07 . 2012-03-23 09:40 ——– d—–w- c:\program files\Common Files\PC Tools

    2012-03-20 23:17 . 2012-03-21 07:56 ——– d—–w- C:\sh4ldr

    2012-03-20 23:17 . 2012-03-20 23:17 ——– d—–w- c:\program files\Enigma Software Group

    2012-03-20 23:16 . 2012-03-21 07:56 ——– d—–w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP

    2012-03-20 23:16 . 2012-03-20 23:16 ——– d—–w- c:\program files\Common Files\Wise Installation Wizard

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-03-25 14:59 . 2006-11-02 10:32 101888 —-a-w- c:\windows\system32\ifxcardm.dll

    2012-03-25 14:59 . 2006-11-02 10:32 82432 —-a-w- c:\windows\system32\axaltocm.dll

    2012-02-23 07:18 . 2009-10-03 16:45 237072 ——w- c:\windows\system32\MpSigStub.exe

    2012-01-12 18:37 . 2012-01-12 18:37 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    @=“{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}”

    2009-10-14 19:41 150872 —-a-w- c:\windows\System32\pfmshx_359.dll

    .

    “ehTray.exe”=“c:\windows\ehome\ehTray.exe”

    “DAEMON Tools”=“c:\program files\DAEMON Tools\daemon.exe”

    “AlcoholAutomount”=“c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe”

    “WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe”

    “LogitechSoftwareUpdate”=“c:\program files\Logitech\Video\ManifestEngine.exe”

    .

    “RtHDVCpl”=“RtHDVCpl.exe”

    “HotkeyApp”=“c:\program files\Launch Manager\HotkeyApp.exe”

    “SynTPStart”=“c:\program files\Synaptics\SynTP\SynTPStart.exe”

    “recinfo386”=“c:\recinfo\RecInfo.exe”

    “Kernel and Hardware Abstraction Layer”=“KHALMNPR.EXE”

    “IgfxTray”=“c:\windows\system32\igfxtray.exe”

    “HotKeysCmds”=“c:\windows\system32\hkcmd.exe”

    “Persistence”=“c:\windows\system32\igfxpers.exe”

    “TkBellExe”=“c:\program files\Common Files\Real\Update_OB\realsched.exe”

    “NeroFilterCheck”=“c:\program files\Common Files\Ahead\Lib\NeroCheck.exe”

    “QuickTime Task”=“c:\program files\QuickTime\QTTask.exe”

    “iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe”

    “DivXUpdate”=“c:\program files\DivX\DivX Update\DivXUpdate.exe”

    “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “LogitechVideoTray”=“c:\program files\Logitech\Video\LogiTray.exe”

    “LogitechVideoRepair”=“c:\program files\Logitech\Video\ISStart.exe”

    “Skytel”=“Skytel.exe”

    .

    “AvgUninstallURL”=“start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA&inst=NwA3AC0ANAA1ADkANwA3ADIAOAAyADQALQBUADQALQBCAEEAKwAxAC0AWABMACsAMQAtAEYATAArADkALQBGADkATQA2ACsAMQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAFgATwA5ACsAMQAtAEYAOQBNADMAKwAxAC0ARABEAFQAKwAzADIAMwAxADkALQBEAEQAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEUAVAArADEALQBUAEIATgArADEALQBVADkANQArADEALQBMADkAMABNAEoAKwAxAC0ARgA5ADAATQAxADIASgBOACsAMQA&prod=90&ver=9.0.894”

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe

    .

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    2012-01-13 13:53 981680 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2009-07-26 15:44 3883856 —-a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    .

    2010-08-02 12:47 1167808 —-a-w- c:\program files\Trojan Remover\Trjscan.exe

    .

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-03-26 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe

    .

    2012-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    2012-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.startpagina.nl/

    uInternet Settings,ProxyOverride = *.local

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    TCP: DhcpNameServer = 192.168.2.1

    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    HKCU-Run-DriverScanner - c:\program files\Uniblue\DriverScanner\launcher.exe

    HKCU-Run-net - c:\users\BIJNS\AppData\Roaming\dropped.exe

    HKCU-Run-Skype - c:\program files\Skype\Phone\Skype.exe

    HKLM-Run-recinfo - RecInfo.exe

    MSConfigStartUp-RavenBleuSA - c:\users\BIJNS\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe

    AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe

    AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-03-27 08:15

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen …

    .

    scannen van verborgen autostart items …

    .

    scannen van verborgen bestanden …

    .

    .

    c:\users\BIJNS\AppData\Local\Temp\catchme.dll 53248 bytes executable

    .

    Scan succesvol afgerond

    verborgen bestanden: 1

    .

    **************************************************************************

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    “bbnjhpdmgmmpapcjjmccejnmcjjjolklcnhb”=hex:61,61,00,00

    “abnjhpdmgmmpapcjjmdclkeedbjcocplig”=hex:61,61,00,00

    .

    “datasecu”=hex:f7,cc,58,90,ad,eb,57,ac,78,bd,37,97,24,cd,33,74,c6,6e,53,50,8d,

    1b,ad,c8,b1,54,34,bc,4f,01,0d,04,72,c4,66,f1,13,21,ce,07,62,03,8c,29,29,df,\

    “rkeysecu”=hex:af,76,ef,0d,46,4c,d7,53,b8,6b,59,6d,cc,50,91,55

    .

    Voltooingstijd: 2012-03-27 08:24:07

    ComboFix-quarantined-files.txt 2012-03-27 06:24

    .

    Pre-Run: 46.932.881.408 bytes beschikbaar

    Post-Run: 47.301.505.024 bytes beschikbaar

    .

    - - End Of File - - 21B9E45464FBE531415F10F5E84793D9

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 9:27:16, on 27-3-2012

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\DivX\DivX Update\DivXUpdate.exe

    C:\Program Files\Logitech\Video\LogiTray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools\daemon.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\AVG\AVG2012\avgtray.exe

    C:\Program Files\AVG\AVG2012\avgui.exe

    C:\Program Files\AVG\AVG2012\avgscanx.exe

    C:\Program Files\AVG\AVG2012\avgcsrvx.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    C:\Windows\system32\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Launch Manager\HotkeyApp.exe”

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: c:\RecInfo\RecInfo.exe

    O4 - HKLM\..\Run: KHALMNPR.EXE

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe /RegAll

    O4 - HKLM\..\Run: Skytel.exe

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”

    O4 - HKLM\..\RunOnce: cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA“&”inst=NwA3AC0ANAA1ADkANwA3ADIAOAAyADQALQBUADQALQBCAEEAKwAxAC0AWABMACsAMQAtAEYATAArADkALQBGADkATQA2ACsAMQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAFgATwA5ACsAMQAtAEYAOQBNADMAKwAxAC0ARABEAFQAKwAzADIAMwAxADkALQBEAEQAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEUAVAArADEALQBUAEIATgArADEALQBVADkANQArADEALQBMADkAMABNAEoAKwAxAC0ARgA5ADAATQAxADIASgBOACsAMQA“&”prod=90“&”ver=9.0.894

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033

    O4 - HKCU\..\Run: “C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe” -automount

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Logitech\Video\ManifestEngine.exe” boot

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O11 - Options group: Accelerated graphics

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1ca2b12cc9bf89) (gupdate1ca2b12cc9bf89) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

    O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe

    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    End of file - 8747 bytes

This topic is closed; no further replies can be posted.