Thread: Police virus?

  1. #1

    Police virus?

    Good afternoon,

    Two hours ago I suddenly got a pop-up from the so-called police virus (where they ask for a payment). Unlike for others, my PC did not lock up, by the way (not after a restart either).

    I have now already run scans with AdwCleaner, Malwarebytes and AVG (only the first found a few files, which I removed). How can I now be sure that this has been 100% removed from my PC? I tried System Restore but got a message that this was not possible because of an unrecoverable error (I will look up the code). Because of this I suspect that the computer is still infected.

    Thanks in advance!

    Regards, Bongers

    Below are my various logs:

    HijackThis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:59:28, on 28-3-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal


    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
    C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr....5v1j5y44411664
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr....5v1j5y44411664
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr....5v1j5y44411664
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr....5v1j5y44411664
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-1963343364-1718321140-3581229968-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
    O4 - HKUS\S-1-5-21-1963343364-1718321140-3581229968-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
    O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    --
    End of file - 13311 bytes



    MBAM


    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Scandatum: 1-2-2015
    Scantijd: 16:47:13
    Logbestand: 1.txt
    Beheerder: Ja


    Versie: 2.00.4.1028
    Malwaredatabase: v2015.02.01.05
    Rootkitdatabase: v2015.01.14.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld


    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Rob


    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten Gescand: 432987
    Verstreken Tijd: 22 m, 54 s


    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristiek: Ingeschakeld
    POP: Waarschuwen
    POA: Ingeschakeld


    Processen: 0
    (Geen kwaadaardige items gedetecteerd)


    Modules: 0
    (Geen kwaadaardige items gedetecteerd)


    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)


    Registerwaardes: 0
    (Geen kwaadaardige items gedetecteerd)


    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)


    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)


    Bestanden: 0
    (Geen kwaadaardige items gedetecteerd)


    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)




    (end)


    Gmer

    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2015-02-01 17:50:51
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST350041 rev.CC44 465,76GB
    Running: 5g86h9mm.exe; Driver: C:\Users\Rob\AppData\Local\Temp\uwtdrpow.sys




    ---- Kernel code sections - GMER 2.1 ----


    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031be000 45 bytes [01, 00, 00, 00, 00, 00, 00, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031be02f 16 bytes [00, 01, 00, 00, 00, 00, 00, ...]


    ---- User code sections - GMER 2.1 ----


    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2504] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe[2732] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\OEM\USBDECTION\USBS3S4Detection.exe[2140] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Windows\system32\SearchIndexer.exe[3396] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3636] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3916] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Program Files (x86)\AVG\AVG2015\avgui.exe[1656] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Windows\system32\svchost.exe[436] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Windows\System32\svchost.exe[3508] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[1904] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Program Files (x86)\BitTorrent\BitTorrent.exe[4132] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000
    .text C:\Windows\servicing\TrustedInstaller.exe[6656] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Windows\system32\wbem\wmiprvse.exe[3848] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770b1650 5 bytes JMP 0000000077210018
    .text C:\Users\Rob\Downloads\5g86h9mm.exe[6168] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007725fe14 5 bytes JMP 00000001716d1000


    ---- Threads - GMER 2.1 ----


    Thread C:\Windows\system32\svchost.exe [1484:2580] 000007fef6e0bd88
    Thread C:\Windows\system32\svchost.exe [1484:4568] 000007fef8395170
    Thread C:\Windows\system32\svchost.exe [1484:4516] 000007fef6dd5124
    Thread C:\Windows\System32\spoolsv.exe [1744:1504] 000007fef80a10c8
    Thread C:\Windows\System32\spoolsv.exe [1744:1576] 000007fef8066144
    Thread C:\Windows\System32\spoolsv.exe [1744:1628] 000007fef7e55fd0
    Thread C:\Windows\System32\spoolsv.exe [1744:1696] 000007fef7e43438
    Thread C:\Windows\System32\spoolsv.exe [1744:1700] 000007fef7e563ec
    Thread C:\Windows\System32\spoolsv.exe [1744:1712] 000007fef8365e5c
    Thread C:\Windows\System32\spoolsv.exe [1744:1832] 000007fef7be5074
    Thread C:\Windows\system32\taskhost.exe [1864:1160] 000007fef8641f38
    Thread C:\Windows\system32\taskhost.exe [1864:1068] 000007fef9001010
    Thread C:\Windows\System32\WUDFHost.exe [3652:3708] 000007fef11124a0
    Thread C:\Windows\system32\DllHost.exe [2388:1644] 000000007367e320
    Thread C:\Windows\system32\rundll32.exe [6044:5044] 000007fefc720168


    ---- EOF - GMER 2.1 ----


    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17344 BrowserJavaVersion: 1.6.0_35
    Run by Rob at 17:53:10 on 2015-02-01
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.2245 [GMT 1:00]
    .
    AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\OEM\USBDECTION\USBS3S4Detection.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
    C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=imedia_s3800&r=173607112726p0465v1j5y44411664
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [AVG-Secure-Search-Update_1213b] C:\Users\Rob\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=ef119825e80547d18fca41b2e0a32bfd-38a4b03ef8c5dcc651a19bcd577ab2dc04c5b8a1 /CMPID=1213b
    uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVIMlctM1NYM0UtR0hHWDktQUZISjMtUFcyUU4tWjlLSDQ"&"inst=NzctNjgwNTI0NTY0LUZMMTArMS1ERFQrMTQ3NzEtREQxMEYrMS1MU0QrMi1TVDEwRkFQUCsxLUwxME1KKzEtRjEwTTEySlQrMS1UQk4rMS1GMTBNMTJSKzEtVklQMTIrMS1DSUFWKzctQ0lBMTArMi1UQkNWKzE"&"prod=90"&"ver=10.0.1430
    StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEAGAT~1.LNK - C:\Users\Rob\AppData\Roaming\Leadertech\PowerRegister\Seagate NA4T6PFN Product Registration.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    TCP: NameServer = 212.54.40.25 212.54.44.54
    TCP: Interfaces\{AAD478F9-0A47-410B-AF84-7540824FD83A} : DHCPNameServer = 212.54.40.25 212.54.44.54
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-11-18 203544]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-7-18 313624]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-10-5 124184]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-7-24 55024]
    R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-12-8 260888]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-8-28 243480]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-10-10 274200]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-9-19 50976]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-1-6 309232]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-11-17 44312]
    R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w --> C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-24 2314240]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-11-17 240160]
    R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2009-11-17 283824]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-17 56344]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-1-6 3440080]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-15 111616]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-26 59392]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-25 1255736]
    .
    =============== Created Last 30 ================
    .
    2015-02-01 12:40:52 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-02-01 12:40:37 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-02-01 12:40:36 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-01-31 01:19:53 923776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    2015-01-31 01:19:53 73840 ----a-w- C:\Program Files (x86)\Mozilla Firefox\wow_helper.exe
    2015-01-31 01:19:52 800368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
    2015-01-31 01:19:52 3231832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_46.dll
    2015-01-31 01:19:52 220784 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
    2015-01-31 01:19:52 10397296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
    2015-01-31 01:19:52 1023600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
    .
    ==================== Find3M ====================
    .
    2015-02-01 12:25:01 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-02-01 12:25:01 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-12-08 20:24:26 260888 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2014-11-21 05:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-11-18 20:42:04 203544 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2014-11-18 13:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
    .
    ============= FINISH: 17:54:04,53 ===============


    Attach (DDS)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 24-7-2011 14:27:44
    System Uptime: 1-2-2015 16:39:46 (1 hours ago)
    .
    Motherboard: Packard Bell | | FIH57
    Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz | CPU 1 | 1173/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 226 GiB total, 84,645 GiB free.
    D: is FIXED (NTFS) - 227 GiB total, 226,619 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: SD/MMC
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#20060413092100000&2#
    Manufacturer: Generic-
    Name: H:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#20060413092100000&2#
    Service: WUDFRd
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: SM/xD-Picture
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.00#20060413092100000&1#
    Manufacturer: Generic-
    Name: G:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.00#20060413092100000&1#
    Service: WUDFRd
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Common Log (CLFS)
    Device ID: ROOT\LEGACY_CLFS\0000
    Manufacturer:
    Name: Common Log (CLFS)
    PNP Device ID: ROOT\LEGACY_CLFS\0000
    Service: CLFS
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: MS/MS-Pro
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.00#20060413092100000&3#
    Manufacturer: Generic-
    Name: I:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.00#20060413092100000&3#
    Service: WUDFRd
    .
    ==== System Restore Points ===================
    .
    RP192: 16-1-2015 18:28:37 - Windows Update
    RP193: 16-1-2015 20:51:23 - Windows Update
    RP194: 16-1-2015 23:51:27 - Windows Update
    RP195: 17-1-2015 1:46:17 - Windows Update
    RP196: 17-1-2015 21:54:16 - Windows Update
    RP197: 17-1-2015 23:20:23 - Windows Update
    RP198: 18-1-2015 1:42:08 - Windows Update
    RP199: 18-1-2015 11:14:02 - Windows Update
    RP200: 18-1-2015 17:04:04 - Windows Update
    RP201: 18-1-2015 18:41:48 - Windows Update
    RP202: 18-1-2015 19:22:35 - Windows Update
    RP203: 19-1-2015 21:47:48 - Windows Update
    RP204: 19-1-2015 22:45:52 - Windows Update
    RP205: 20-1-2015 15:01:12 - Windows Update
    RP206: 20-1-2015 20:34:01 - Windows Update
    RP207: 22-1-2015 11:19:03 - Windows Update
    RP208: 24-1-2015 17:54:46 - Windows Update
    RP209: 24-1-2015 19:37:20 - Windows Update
    RP210: 25-1-2015 21:02:49 - Windows Update
    RP211: 27-1-2015 11:29:44 - Windows Update
    RP212: 29-1-2015 18:02:30 - Windows Update
    RP213: 30-1-2015 12:02:42 - Windows Update
    RP214: 31-1-2015 2:24:15 - Installed AVG 2015
    RP215: 31-1-2015 2:46:23 - Windows Update
    RP216: 31-1-2015 14:36:06 - Windows Update
    RP217: 31-1-2015 19:04:56 - Windows Update
    RP218: 31-1-2015 22:08:06 - Windows Update
    RP219: 1-2-2015 16:23:13 - Herstelbewerking
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    64 Bit HP CIO Components Installer
    Acrobat.com
    Adobe AIR
    Adobe Digital Editions 2.0
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 16 NPAPI
    Adobe Photoshop Elements 7.0
    Adobe Reader XI (11.0.03) - Nederlands
    Advertising Center
    Alice Greenfingers
    Amazonia
    AVG 2015
    AVG Web TuneUp
    Bing Bar
    BitTorrent
    CCleaner
    Chicken Invaders 2
    Compatibiliteitspakket voor het 2007 Microsoft Office system
    Dairy Dash
    Dream Day First Home
    Farm Frenzy 2
    FastStone Image Viewer 4.6
    First Class Flurry
    Gnumeric Spreadsheet 1.10.16-20110616
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Granny In Paradise
    Heroes of Hellas
    HiJackThis
    Holdem Manager
    HP Update
    Identity Card
    ImagXpress
    Intel(R) Management Engine Components
    Intel® Matrix Storage Manager
    Java 7 Update 25 (64-bit)
    Java Auto Updater
    Java(TM) 6 Update 35
    Junk Mail filter update
    Malwarebytes Anti-Malware versie 2.0.4.1028
    Merriam Websters Spell Jam
    Microsoft .NET Framework 4.5.1
    Microsoft .NET Framework 4.5.1 (Nederlands)
    Microsoft .NET Framework 4.5.1 (NLD)
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (Dutch) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office Language Pack 2007 - Dutch/Nederlands
    Microsoft Office O MUI (Dutch) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (Dutch)
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Shared 64-bit MUI (Dutch) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
    Microsoft Office SharePoint Designer MUI (Dutch) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Office X MUI (Dutch) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    Mozilla Firefox 35.0.1 (x86 nl)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 9 Essentials
    Nero ControlCenter
    Nero DiscSpeed
    Nero DiscSpeed Help
    Nero DriveSpeed
    Nero DriveSpeed Help
    Nero Express Help
    Nero InfoTool
    Nero InfoTool Help
    Nero Installer
    Nero Online Upgrade
    Nero StartSmart
    Nero StartSmart Help
    Nero StartSmart OEM
    NeroExpress
    neroxml
    Norton Online Backup
    NVIDIA-configuratiescherm 311.06
    NVIDIA 3D Vision stuurprogramma 311.06
    NVIDIA Grafisch stuurprogramma 311.06
    NVIDIA HD Audio-stuurprogramma 1.3.18.0
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.11.3
    NVIDIA Update Components
    Packard Bell GameZone Console
    Packard Bell InfoCentre
    Packard Bell Recovery Management
    Packard Bell Registration
    Packard Bell ScreenSaver
    Packard Bell Software Suite SE
    PokerStars
    PokerStars.eu
    PostgreSQL 8.4
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
    Skype Click to Call
    Skype™ 6.14
    SopCast 3.5.0
    Toggle Downloader DAEMON Tools
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    Visual Studio 2008 x64 Redistributables
    Visual Studio 2010 x64 Redistributables
    Visual Studio 2012 x64 Redistributables
    Visual Studio 2012 x86 Redistributables
    VLC media player 1.1.11
    Welcome Center
    Windows Live - Hulpprogramma voor uploaden
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Writer
    WinRAR 4.00 (64-bit)
    .
    ==== End Of File ===========================


    AdwCleaner

    # AdwCleaner v4.109 - Rapport aangemaakt 01/02/2015 op 15:07:39
    # Laatste Update 24/01/2015 door Xplode
    # Database : 2015-01-26.1 [Live]
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruikersnaam : Rob - ROB-PC
    # Gestart vanuit : C:\Users\Rob\Downloads\adwcleaner_4.109.exe
    # Optie : Scannen


    ***** [ Services ] *****


    Service Gevonden : vToolbarUpdater3.2.0


    ***** [ Bestanden / Mappen ] *****


    Bestand Gevonden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
    Map Gevonden : C:\Program Files (x86)\Common Files\AVG Secure Search
    Map Gevonden : C:\ProgramData\AVG Secure Search
    Map Gevonden : C:\ProgramData\AVG Security Toolbar


    ***** [ Taken ] *****




    ***** [ Snelkoppelingen ] *****




    ***** [ Register ] *****


    Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
    Sleutel Gevonden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
    Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Waarde Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]


    ***** [ Browsers ] *****


    -\\ Internet Explorer v11.0.9600.17344




    -\\ Mozilla Firefox v35.0.1 (x86 nl)




    -\\ Google Chrome v40.0.2214.93




    -\\ Chromium v




    *************************


    AdwCleaner[R0].txt - [1475 octets] - [24/04/2014 23:16:07]
    AdwCleaner[R1].txt - [723 octets] - [24/04/2014 23:20:09]
    AdwCleaner[R2].txt - [4690 octets] - [01/02/2015 15:07:39]
    AdwCleaner[S1].txt - [786 octets] - [24/04/2014 23:21:05]


    ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [4809 octets] ##########

  2. #2
    Spyware Slayer   Rosty
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4,212
    Thanks given
    1,205
    Thanked
    2,705 times in 1,758 posts
    Nothing suspicious to see here.

  3. The following 3 users thanked Rosty for this useful post:

    Bongers (8 February 2015), peterus (6 February 2015), retlawv (4 February 2015)

  4. #3
    Advanced
    Registered
    28 January 2008
    Posts
    203
    Thanks given
    56
    Thanked
    22 times in 13 posts
    OK, good to hear, thank you very much!

  5. #4
    Advanced
    Registered
    28 January 2008
    Posts
    203
    Thanks given
    56
    Thanked
    22 times in 13 posts
    I saw that my HijackThis was outdated, so here is a new log. Could someone take another look at this, just to be sure? By the way, I did get this message from HijackThis: "For some reason your system denied write access to the Hosts file..."

    Thank you very much for the help!

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 16:56:22, on 15-2-2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17344)


    FIREFOX: 35.0.1 (x86 nl)
    Boot mode: Normal


    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Rob\Downloads\HijackThis.exe


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr....5v1j5y44411664
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVIMlctM1NYM0UtR0hHWDktQUZISjMtUFcyUU4tW jlLSDQ"&"inst=NzctNjgwNTI0NTY0LUZMMTArMS1ERFQrMTQ3 NzEtREQxMEYrMS1MU0QrMi1TVDEwRkFQUCsxLUwxME1KKzEtRj EwTTEySlQrMS1UQk4rMS1GMTBNMTJSKzEtVklQMTIrMS1DSUFW KzctQ0lBMTArMi1UQkNWKzE"&"prod=90"&"ver=10.0.1430
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Rob\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=ef119825e80547d18fca41b2e0a32bfd-38a4b03ef8c5dcc651a19bcd577ab2dc04c5b8a1 /CMPID=1213b
    O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    O4 - Startup: Seagate NA4T6PFN Product Registration.lnk = Rob\AppData\Roaming\Leadertech\PowerRegister\Seagate NA4T6PFN Product Registration.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
    O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    --
    End of file - 11626 bytes
