Hjt van pc Mdb-

Spyware is software die in het geheim op je computer wordt geplaatst en die persoonlijke gegevens doorstuurt, reclame toont, enz. Stel hier vragen, leer hoe je ervan af kan komen en hoe het te voorkomen.

hjb
Lid geworden op: 08 sep 2004, 14:45
Locatie: o.vl.

17 jun 2013, 18:02

zou u onderstaande log eens willen bekijken aub?
het is een hopeloos trage vista (1GB ram)...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:26, on 17/06/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} -
C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil
Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}
- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
"C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -
C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} -
C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} -
"C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil
Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple
Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil
Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows
Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media
Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3200104136-507809109-521520905-1001\..\Run: [Sidebar]
%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program
Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program
Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program
Files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Zoeken op eBay - res://C:\Program
Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: @C:\Program Files\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Adobe Flash Player Update Service
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program
Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.8.811.4345
(GoogleDesktopManager-110408-113106) - Google - C:\Program
Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. -
C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc.
- C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) -
Mozilla Foundation - C:\Program Files\Mozilla Maintenance
Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA
Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA
Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update
Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown
owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies -
C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9179 bytes
acer x3470, amd a6, 6Ram, Radeon hd graphics 2.2Hz, win10 64bits, Firefox, Windows Defender
Omhoog

Fimmel
Lid geworden op: 25 okt 2007, 11:50
Locatie: Omgeving Aalst

17 jun 2013, 20:21

hjb

Voor dat u dat HJTlog maakt zou het aan te raden zijn dat u HJT 2.0.4 zou downloaden..
Er bestaat waarschijnlijk al een 2.0.5???
Vraag dat eens aan Iceman.

MVrGr
Fimmel
Windows10- Classificatie 5.1
Intel(R)Core(TM) i5 CPU--750@ 2.67GHz-2.66GHz
RAM 4GB- 64Bits-Telenet Security-M O Outlook- CCleaner- Eusing Register Cleaner-Spywareblaaster.MBAM-IE11-Microsoft Edge-ADW cleaner.HJT.
Omhoog

hjb
Lid geworden op: 08 sep 2004, 14:45
Locatie: o.vl.

17 jun 2013, 23:23

iceman: bij voorbaat dank voor wat geduld. het is een log van iemand die niet goed overweg kan met de pc, en ik kan er niet alle dagen naartoe.
acer x3470, amd a6, 6Ram, Radeon hd graphics 2.2Hz, win10 64bits, Firefox, Windows Defender
Omhoog

hjb
Lid geworden op: 08 sep 2004, 14:45
Locatie: o.vl.

25 jun 2013, 22:50

hier is dan het log van AdwCleaner:

# AdwCleaner v2.303 - Verslag gemaakt op 25/06/2013 om 21:32:35
# Geactualiseerd op 08/06/2013 door Xplode
# Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32
bits)
# Gebruiker : Michel - PC_VAN_MICHEL
# Opstarten Modus : Normale modus
# Gelanceerd vanaf :
C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet
Files\Content.IE5\1VR0BOMD\adwcleaner.exe
# Optie [Verwijderen]


***** [Diensten] *****


***** [Files / Mappen] *****

File Verwijderd : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Verwijderd : C:\user.js
Map Verwijderd : C:\ProgramData\Ask
Map Verwijderd : C:\ProgramData\Babylon
Map Verwijderd : C:\Users\Michel\AppData\LocalLow\FunWebProducts
Map Verwijderd : C:\Users\Michel\AppData\LocalLow\MyWebSearch
Map Verwijderd : C:\Users\Michel\AppData\Roaming\Babylon

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Fun Web Products
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\FunWebProducts
Sleutel Verwijderd : HKCU\Software\FunWebProducts
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet
Explorer\MenuExt\&Search
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet
Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App
Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App
Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App
Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Sleutel Verwijderd :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
Sleutel Verwijderd : HKLM\Software\Babylon
Sleutel Verwijderd :
HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Verwijderd :
HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd :
HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Sleutel Verwijderd :
HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Sleutel Verwijderd :
HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared
Tools\MSConfig\startupreg\ApnUpdater
Sleutel Verwijderd :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd :
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Waarde Verwijderd : HKCU\Software\Microsoft\Internet
Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
[{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v21.0 (nl)

File :
C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\97pa6c08.default\prefs.js

C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\97pa6c08.default\user.js
... Verwijderd !

Verwijderd : user_pref("browser.search.order.1", "Ask.com");
Verwijderd : user_pref("extensions.BabylonToolbar.admin", false);
Verwijderd : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Verwijderd : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Verwijderd : user_pref("extensions.BabylonToolbar.excTlbr", false);
Verwijderd : user_pref("extensions.BabylonToolbar.id",
"ecb639c90000000000000011954793db");
Verwijderd : user_pref("extensions.BabylonToolbar.instlDay", "15548");
Verwijderd : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Verwijderd : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Verwijderd : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Verwijderd : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Verwijderd : user_pref("extensions.BabylonToolbar.tlbrSrchUrl",
"hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
Verwijderd : user_pref("extensions.BabylonToolbar_i.babExt", "");
Verwijderd : user_pref("extensions.BabylonToolbar_i.babTrack",
"affID=112542&tt=3012_4");
Verwijderd : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Verwijderd : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Verwijderd : user_pref("extensions.BabylonToolbar_i.vrsnTs",
"1.5.29.111:40:20");

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Michel\AppData\Local\Google\Chrome\User
Data\Default\Preferences

Verwijderd [l.31] : icon_url = "hxxp://www.ask.com/favicon.ico",
Verwijderd [l.34] : keyword = "ask.com",
Verwijderd [l.38] : search_url =
"hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=60[...]
Verwijderd [l.39] : suggest_url =
"hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Verwijderd [l.1474] : homepage =
"hxxp://search.babylon.com/?affID=112542&tt=3012_4&babsrc=HP_ss&mntrId=ecb639c9000000[...]
Verwijderd [l.1869] : urls_to_restore_on_startup = [
"hxxp://search.babylon.com/?affID=112542&tt=3012_4&babsrc=HP_s[...]

*************************

AdwCleaner[S1].txt - [6131 octets] - [25/06/2013 21:32:35]

########## EOF - C:\AdwCleaner[S1].txt - [6191 octets] ##########



en dit is het nieuwe hjt-log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:29:12, on 25/06/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} -
C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil
Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}
- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
"C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -
C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} -
C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} -
"C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil
Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple
Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil
Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows
Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media
Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program
Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program
Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program
Files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Zoeken op eBay - res://C:\Program
Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: @C:\Program Files\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Adobe Flash Player Update Service
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program
Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.8.811.4345
(GoogleDesktopManager-110408-113106) - Google - C:\Program
Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. -
C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc.
- C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) -
Mozilla Foundation - C:\Program Files\Mozilla Maintenance
Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA
Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA
Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update
Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown
owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies -
C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8711 bytes
acer x3470, amd a6, 6Ram, Radeon hd graphics 2.2Hz, win10 64bits, Firefox, Windows Defender
Omhoog

hjb
Lid geworden op: 08 sep 2004, 14:45
Locatie: o.vl.

26 jun 2013, 23:41

welbedankt voor het nazicht!
hopelijk lukt het om die pc weer wat op dreef te krijgen. maar of hij nog zo goed zal worden als die van uw vrouw durf ik te betwijfelen. ik heb geen idee hoe zwaar de processor is. zal het eens noteren als ik er langs ga.
acer x3470, amd a6, 6Ram, Radeon hd graphics 2.2Hz, win10 64bits, Firefox, Windows Defender
Omhoog

Terug naar “Computer - Spyware”