Mededeling

**smeenk** · 19-02-08, 06:38

Download ATF cleaner (mirror)(gemaakt door Atribune)

Start de computer in veilige modus.

Zorg dat je browser, in ieder geval Internet Explorer, afgesloten is.

Rechtsklik Hijackthis.exe en kies voor "Run as administrator"
Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regel:
O2 - BHO: (no name) - {1F429225-E162-4B82-9C79-23C507D40845} - C:\Windows\system32\pmklm.dll
Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.

Het volgende doen als je ook FireFox als browser hebt:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords")
Klik op de knop Empty Selected.

Het volgende doen als je ook Opera als browser hebt:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

Herstart de computer in normale modus.

Start HijackThis opnieuw, maak een nieuwe log en post deze ter controle.

Groeten smeenk

**vosmerel** · 19-02-08, 07:29

Beste Smeenk, bedankt voor je hulp. Ik heb de aanwijzingen uitgevoerd. Hierbij de nieuwe scanresultaten:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:03, on 19-2-2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Workrave\lib\Workrave.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmplayer.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5DD1D1C3-73D0-4EF1-9F4A-AAE8C4BA9F8F} - C:\Windows\system32\pmklm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SecondBackup_FilesBackup_2] SECONDBACKUP2
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Birthday reminder check.lnk = C:\Program Files\Birthday Reminder\bday.exe
O4 - Startup: Workrave.lnk = C:\Program Files\Workrave\lib\Workrave.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6989C944-3529-4DA8-8C60-187E95F580E2} (SecureSession Class) - http://culture.samsungfoundation.org/common/SecuiJoinsIE.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by123fd.bay123.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Google\Google Desktop Search\Plugins\gdSkype\skype4com.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Desktop Manager 5.7.801.1629 (GoogleDesktopManager-010108-205858) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11859 bytes

**smeenk** · 19-02-08, 08:42

Download Combofix (mirror) naar je Bureaublad.
Dubbelklik op Combofix.exe
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen(je kan hem ook hier vinden: C:\Combofix.txt)
Plaats deze log in je volgende post.

NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.

**vosmerel** · 19-02-08, 09:50

Hierbij de log van Combofix:

ComboFix 08-02-19.2 - Merel 2008-02-19 17:28:02.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1098 [GMT 9:00]
Running from: C:\Users\Merel\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Merel\AppData\Roaming\macromedia\Flash Player\#SharedObjects\GVP00001\iforex.com
C:\Users\Merel\AppData\Roaming\macromedia\Flash Player\#SharedObjects\GVP00001\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Users\Merel\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Users\Merel\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\Windows\System32\mlkmp.ini
C:\Windows\System32\mlkmp.ini2
C:\Windows\system32\pmklm.dll
C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-01-19 to 2008-02-19 )))))))))))))))))))))))))))))))
.

2008-02-19 17:04 . 2008-02-19 17:04 <DIR> d-------- C:\ComboFix[1]
2008-02-19 12:59 . 2007-10-24 12:58 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-02-19 12:59 . 2007-10-24 12:58 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
2008-02-19 12:59 . 2007-10-26 20:12 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-02-19 12:59 . 2007-10-26 20:14 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-02-19 12:59 . 2008-01-19 12:06 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-02-19 12:59 . 2008-01-19 14:08 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-02-19 12:59 . 2008-01-19 14:07 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-02-19 12:59 . 2008-01-19 14:06 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-02-19 12:59 . 2008-01-19 14:06 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
2008-02-19 12:58 . 2008-01-29 09:30 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-19 12:58 . 2008-01-29 13:16 1,686,528 --a------ C:\Windows\System32\gameux.dll
2008-02-19 12:58 . 2008-01-10 14:50 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2008-02-18 00:40 . 2007-08-18 16:54 380,928 --a------ C:\Windows\System32\ac3filter.acm
2008-02-18 00:39 . 2008-02-18 00:40 <DIR> d-------- C:\Program Files\XP Codec Pack
2008-02-18 00:25 . 2008-02-18 00:25 <DIR> dr------- C:\Users\Public\Recorded TV
2008-02-17 21:39 . 2008-02-17 16:13 691,545 --a------ C:\Windows\unins000.exe
2008-02-17 21:39 . 2008-02-17 21:39 3,443 --a------ C:\Windows\unins000.dat
2008-02-17 16:13 . 2008-02-17 16:13 <DIR> d-------- C:\Users\Merel\AppData\Roaming\PC Tools
2008-02-17 16:13 . 2008-02-17 16:14 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-02-17 16:13 . 2007-12-10 14:53 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-02-17 16:13 . 2007-12-10 14:53 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-02-17 16:13 . 2007-12-10 14:53 41,864 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-02-17 16:13 . 2007-12-10 14:53 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-02-17 16:12 . 2008-02-17 16:40 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-02-17 16:12 . 2008-02-17 16:13 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-17 16:11 . 2008-02-17 16:11 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-02-17 16:11 . 2005-08-25 18:19 115,920 --a------ C:\Windows\System32\MSINET.OCX
2008-02-17 16:07 . 2008-02-17 16:09 <DIR> d-------- C:\Temp
2008-02-17 16:07 . 2008-02-17 16:07 <DIR> d-------- C:\ProgramData\Prevx
2008-02-17 15:48 . 2008-02-17 18:54 <DIR> d-------- C:\Program Files\Hitman Pro
2008-02-17 15:12 . 2008-02-17 15:46 <DIR> d-------- C:\Program Files\VideoLAN
2008-02-17 15:02 . 2008-02-17 15:04 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-02-16 02:23 . 2008-02-16 02:23 <DIR> d-------- C:\Users\Merel\AppData\Roaming\TrojanHunter
2008-02-16 01:16 . 2008-02-16 01:17 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2008-02-15 23:11 . 2008-02-18 12:21 <DIR> d-a------ C:\ProgramData\TEMP
2008-02-14 12:50 . 2008-02-14 12:50 <DIR> d-------- C:\Users\Merel\_Merel_
2008-02-13 18:04 . 2008-02-13 18:04 194,560 --a------ C:\Windows\System32\WebClnt.dll
2008-02-13 18:04 . 2008-02-13 18:04 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-02-13 17:59 . 2008-02-13 17:59 803,328 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-02-13 17:59 . 2008-02-13 17:59 216,632 --a------ C:\Windows\System32\drivers\netio.sys
2008-02-13 17:59 . 2008-02-13 17:59 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-02-13 17:59 . 2008-02-13 17:59 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-02-13 17:59 . 2008-02-13 17:59 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-02-13 13:26 . 2008-02-13 13:32 <DIR> d-------- C:\Users\Merel\AppData\Roaming\Canon
2008-02-13 12:47 . 2008-02-13 12:49 <DIR> d--h----- C:\CanoScan
2008-02-13 12:47 . 2002-05-24 03:04 389,180 --a------ C:\Windows\System32\UCS32P.DLL
2008-02-13 12:47 . 2003-09-17 17:35 339,968 --a------ C:\Windows\System32\N067UFW.DLL
2008-02-13 12:47 . 2002-09-12 01:07 36,864 --a------ C:\Windows\System32\CNQU70.DLL
2008-02-09 01:19 . 2008-02-09 01:19 <DIR> dr------- C:\Users\Public\Music
2008-02-08 19:02 . 2008-02-08 20:19 <DIR> d-------- C:\Users\Merel\08 Merel
2008-02-08 18:58 . 2008-02-18 00:25 <DIR> dr------- C:\Users\Public\Documents
2008-02-07 14:44 . 2008-02-07 14:44 <DIR> d-------- C:\Windows\System32\Adobe
2008-02-07 14:44 . 2004-08-17 09:40 16,384 --a------ C:\Windows\System32\FileOps.exe
2008-02-05 13:51 . 2005-04-20 03:10 80,731 --a------ C:\Windows\System32\EBPMON2.DLL
2008-02-05 13:49 . 2008-02-07 17:36 <DIR> d-------- C:\ProgramData\EPSON
2008-02-05 13:49 . 2005-07-25 03:11 80,731 --a------ C:\Windows\System32\E_SL2379.DLL
2008-02-05 13:11 . 2008-02-05 13:57 <DIR> d-------- C:\Program Files\EPSON
2008-02-05 13:11 . 2005-07-25 03:11 80,731 --a------ C:\Windows\System32\E_SL2411.DLL
2008-02-05 13:10 . 2008-02-05 13:19 11,714 --a------ C:\Windows\EPSTPLOG.BAK
2008-01-31 21:42 . 2007-06-28 18:55 77,824 --a------ C:\Windows\System32\xvid.ax
2008-01-25 08:46 . 2008-01-25 08:46 106,496 --a------ C:\Windows\System32\drivers\Rtlh86.sys
2008-01-25 00:30 . 2008-01-25 00:31 <DIR> d-------- C:\Program Files\Picasa2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-19 08:45 --------- d-----w C:\Users\Merel\AppData\Roaming\WTablet
2008-02-19 08:43 --------- d-----w C:\Users\Merel\AppData\Roaming\BitTorrent DNA
2008-02-19 08:23 --------- d-----w C:\Users\Merel\AppData\Roaming\Skype
2008-02-19 04:06 --------- d-----w C:\Program Files\Windows Mail
2008-02-19 01:53 --------- d-----w C:\Users\Merel\AppData\Roaming\AVG7
2008-02-17 16:08 --------- d-----w C:\Users\Merel\AppData\Roaming\BitTorrent
2008-02-15 03:49 --------- d-----w C:\ProgramData\avg7
2008-02-13 08:57 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 08:57 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 08:57 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 08:57 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-07 05:44 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-06 13:47 --------- d-----w C:\Program Files\Google
2008-01-29 04:16 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-01-29 04:16 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-01-29 04:16 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-01-29 04:16 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-23 22:42 --------- d-----w C:\Users\Merel\AppData\Roaming\LimeWire
2008-01-09 23:15 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 23:15 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-07 15:42 --------- d-----w C:\Program Files\Tablet
2007-12-26 15:24 318,464 ------w C:\Windows\System32\jmail_AutoBAUP.dll
2007-12-26 15:23 724,992 ----a-w C:\Windows\iun6002.exe
2007-12-26 15:23 --------- d-----w C:\Program Files\Second Backup
2007-12-25 22:25 174 --sha-w C:\Program Files\desktop.ini
2007-12-25 22:22 --------- d-----w C:\Program Files\Windows Defender
2007-12-25 22:22 --------- d-----w C:\Program Files\Windows Calendar
2007-12-25 22:14 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-12-25 22:13 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-12-25 22:13 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-12-25 22:13 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-12-25 22:13 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-12-25 22:11 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2007-12-25 22:11 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2007-12-25 22:11 39,936 ----a-w C:\Windows\System32\slcinst.dll
2007-12-25 22:11 351,232 ----a-w C:\Windows\System32\SLUI.exe
2007-12-25 22:11 33,280 ----a-w C:\Windows\System32\slwmi.dll
2007-12-25 22:11 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2007-12-25 22:11 223,232 ----a-w C:\Windows\System32\SLC.dll
2007-12-25 22:11 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2007-12-25 22:11 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2007-12-25 22:10 61,440 ----a-w C:\Windows\System32\ntprint.exe
2007-12-25 22:10 269,824 ----a-w C:\Windows\System32\schannel.dll
2007-12-25 22:10 220,160 ----a-w C:\Windows\System32\ntprint.dll
2007-12-25 22:10 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-12-25 22:10 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-12-25 22:10 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-12-25 22:09 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-12-25 22:09 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-12-25 22:09 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-12-25 22:09 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-12-25 22:09 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-12-25 22:09 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-12-25 22:09 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-12-25 22:09 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-12-25 22:09 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-12-25 14:59 --------- d-----w C:\Users\Merel\AppData\Roaming\LaCie
2007-12-25 13:46 --------- d-----w C:\Program Files\6610 USB-Handset Manager
2007-12-25 13:44 --------- d-----w C:\Users\Merel\AppData\Roaming\MobileAction
2007-12-21 13:28 55,304 ----a-w C:\Windows\system32\drivers\avgwfp.sys
2007-12-12 10:39 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 10:39 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 10:39 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-09-26 14:59 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.da t
2007-09-26 14:59 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-09-26 14:59 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-09-28 12:50 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index. dat
2007-09-28 12:50 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-09-28 12:50 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 21:35 125440]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-11-08 22:43 286016]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-01-29 22:36 25370152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-26 07:13 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-06 20:03 4423680 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 06:06 835584]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-04-03 08:49 411768]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-04-17 11:06 321656]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-03-24 12:02 138008]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-03-24 12:02 154392]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-03-24 12:02 133912]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-16 06:48 479232]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 22:28 579072]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 13:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 23:55 267064]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 09:12 483328]
"SecondBackup_FilesBackup_2"="SECONDBACKUP2"

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-06 22:47 29744]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-01 17:17 219136]

C:\Users\Merel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-17 02:16:50 113664]
Birthday reminder check.lnk - C:\Program Files\Birthday Reminder\bday.exe [2007-05-15 04:47:53 69632]
Workrave.lnk - C:\Program Files\Workrave\lib\Workrave.exe [2007-09-15 06:23:03 2925568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2007-09-17 06:32 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2007-02-14 07:19 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\Windows\system32\pmklm.dll

R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" [2007-01-31 17:24]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\system32\Wacom_Tablet.exe [2007-09-07 19:40]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 21:56]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-03-02 21:42]
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2007-12-21 22:28]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-24 12:02]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-03-07 20:34]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-04 13:34]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-04 13:34]
R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-01-25 08:46]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 10:03]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-02-08 12:53]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 19:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\Windows\system32\DRIVERS\wacomvhid.sys [2007-02-16 18:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-16 00:11]
S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-04-04 11:22]
S3 GoogleDesktopManager-010108-205858;Google Desktop Manager 5.7.801.1629;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-06 22:47]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 16:30]
S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2006-04-15 02:04]
S3 TcUsb;TC USB Kernel Driver;C:\Windows\system32\Drivers\tcusb.sys [2007-01-10 12:52]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaa414e3-dc55-11dc-a0a6-0019c1a1a8eb}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-02-18 16:11:04 C:\Windows\Tasks\User_Feed_Synchronization-{389687BF-CD8D-4E9C-B6B0-AECDBFFEB193}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 17:46:29
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-19 17:48:48
ComboFix-quarantined-files.txt 2008-02-19 08:48:43
.
2008-02-19 04:03:26 --- E O F ---

**smeenk** · 19-02-08, 11:12

Lijkt goed gegaan te zijn

Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

Download Java Runtime Environment (JRE) 6u4 en bewaar het naar je Bureaublad.
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Ga naar Start - Uitvoeren en geef hier het volgende in:
Combofix /U
Druk daarna op OK.
Let op: Er moet een spatie tussen Combofix en /U zitten.

Dit zal Combofix deïnstalleren.

Laat ATF-cleaner nog eens lopen.

Vertel of er nog problemen zijn en post een nieuw logje van Hijackthis ter controle

**vosmerel** · 19-02-08, 11:45

Done! Volgens mij ondervind ik nu geen problemen meer! Super, bedankt voor je tijd en advies!

Hierbij mijn laatste log-file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:54, on 19-2-2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Workrave\lib\Workrave.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SecondBackup_FilesBackup_2] SECONDBACKUP2
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Birthday reminder check.lnk = C:\Program Files\Birthday Reminder\bday.exe
O4 - Startup: Workrave.lnk = C:\Program Files\Workrave\lib\Workrave.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6989C944-3529-4DA8-8C60-187E95F580E2} (SecureSession Class) - http://culture.samsungfoundation.org/common/SecuiJoinsIE.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by123fd.bay123.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Google\Google Desktop Search\Plugins\gdSkype\skype4com.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Desktop Manager 5.7.801.1629 (GoogleDesktopManager-010108-205858) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11659 bytes

**smeenk** · 19-02-08, 12:58

Graag gedaan hoor

Je logje ziet er ook weer prima uit

Mededeling

Buffer Overrun+constante popups

Buffer Overrun+constante popups

Comment

Comment

Comment

Comment

Comment

Comment

Comment