simpellife
Yesterday I began to suspect that I have a virus on my PC.
The avast scan reported nothing, and the Malwarebytes scan reported nothing either. An alert from a-squared indicates that I have something with trojans; as far as I can see they are in Firefox.
I can't remove it via a-squared.
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:55, on 5-3-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
c:\windows\system32\dwm.exe
c:\windows\system32\taskeng.exe
c:\windows\explorer.exe
c:\program files\windows defender\msascui.exe
c:\windows\rthdvcpl.exe
c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe
c:\program files\cyberlink\magicsports\kernel\magicsports\mspmirage.exe
c:\program files\hp\hp software update\hpwuschd2.exe
c:\program files\adobe\acrobat 8.0\acrobat\acrotray.exe
c:\windows\vmsnap23.exe
c:\windows\domino.exe
c:\windows\system32\rundll32.exe
c:\program files\alwil software\avast4\ashdisp.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\packard bell\setupmypc\smpsys.exe
c:\windows\ehome\ehtray.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
c:\program files\windows media player\wmpnscfg.exe
c:\program files\hp\digital imaging\bin\hpqtra08.exe
c:\windows\ehome\ehmsas.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\common files\roxio shared\9.0\sharedcom\cpshelprunner.exe
c:\program files\hp\digital imaging\bin\hpqste08.exe
c:\program files\hp\digital imaging\bin\hpqbam08.exe
c:\program files\hp\digital imaging\bin\hpqgpc01.exe
c:\windows\system32\taskeng.exe
c:\windows\system32\sdclt.exe
c:\program files\twhirl\twhirl.exe
c:\program files\a-squared free\a2free.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\windows live\contacts\wlcomm.exe
c:\program files\incredimail\bin\incmail.exe
c:\program files\incredimail\bin\imapp.exe
c:\program files\mozilla firefox\firefox.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = http://mystart.incredimail.com/
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: contributebho class - {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/adobe contribute cs3/contributeieplugin.dll
o2 - bho: windows live family safety browser helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: adobe pdf conversion toolbar helper - {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll
o2 - bho: browser address error redirector - {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\google\google_bae\bae.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
o2 - bho: hp smart bho class - {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
o3 - toolbar: adobe pdf - {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll
o3 - toolbar: contribute toolbar - {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/adobe contribute cs3/contributeieplugin.dll
o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
o4 - hklm\..\run: [rthdvcpl] rthdvcpl.exe
o4 - hklm\..\run: [roxwatchtray] c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe
o4 - hklm\..\run: [mspservice] c:\program files\cyberlink\magicsports\kernel\magicsports\mspmirage.exe
o4 - hklm\..\run: [toolbar_eula_launcher] c:\program files\packard bell\google_eula\eulalauncher.exe
o4 - hklm\..\run: [hp software update] c:\program files\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [acrobat assistant 8.0] c:\program files\adobe\acrobat 8.0\acrobat\acrotray.exe
o4 - hklm\..\run: [adobe_id0eythm] c:\progra~1\common~1\adobe\adobev~1\server\bin\versio~2.exe
o4 - hklm\..\run: [hpqsrmon] c:\program files\hp\digital imaging\bin\hpqsrmon.exe
o4 - hklm\..\run: [fssui] c:\program files\windows live\family safety\fsui.exe -autorun
o4 - hklm\..\run: [bigdogpath323vmsnap] c:\windows\vmsnap23.exe
o4 - hklm\..\run: [bigdogpath323domino] c:\windows\domino.exe
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [quicktime task] c:\program files\quicktime\qttask.exe -atboottime
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter
o4 - hkcu\..\run: [smpcsys] c:\program files\packard bell\setupmypc\smpsys.exe
o4 - hkcu\..\run: [ehtray.exe] c:\windows\ehome\ehtray.exe
o4 - hkcu\..\run: [isuspm] c:\program files\common files\installshield\updateservice\isuspm.exe -scheduler
o4 - hkcu\..\run: [incredimail] c:\program files\incredimail\bin\incmail.exe /c
o4 - hkcu\..\run: [google update] c:\users\jenny\appdata\local\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
o4 - hkus\s-1-5-18\..\run: [picasa media detector] c:\program files\picasa2\picasamediadetector.exe (user 'systeem')
o4 - hkus\.default\..\run: [picasa media detector] c:\program files\picasa2\picasamediadetector.exe (user 'default user')
o4 - global startup: hp digital imaging monitor.lnk = c:\program files\hp\digital imaging\bin\hpqtra08.exe
o4 - global startup: microsoft office.lnk = c:\program files\microsoft office\office\osa9.exe
o9 - extra button: in weblog opnemen - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: &in weblog opnemen met windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: hp slim selecteren - {dde87865-83c5-48c4-8357-2f5b1aa84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
o15 - trusted zone: http://*.alipay.com
o15 - trusted zone: http://*.alisoft.com
o15 - trusted zone: http://*.taobao.com
o16 - dpf: {20a60f0d-9afa-4515-a0fd-83bd84642501} (checkers class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab
o23 - service: a-squared free service (a2free) - emsi software gmbh - c:\program files\a-squared free\a2service.exe
o23 - service: adobe version cue cs3 - adobe systems incorporated - c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe
o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
o23 - service: ##id_string1.6844f930_1628_4223_b5cc_5bb94b879762## (bonjour service) - apple computer, inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: flexnet licensing service - macrovision europe ltd. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: generic service for hid keyboard input collections (generichidservice) - packard bell services - c:\program files\packard bell\saxo27\hidservice.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvvsvc.exe
o23 - service: cyberlink richvideo service(crvs) (richvideo) - unknown owner - c:\program files\cyberlink\shared files\richvideo.exe
o23 - service: roxmediadb9 - sonic solutions - c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe
o23 - service: roxio hard drive watcher 9 (roxwatch9) - sonic solutions - c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe
o23 - service: stllssvr - microvision development, inc. - c:\program files\common files\surething shared\stllssvr.exe
--
end of file - 10164 bytes
[/hjt]
20/20 v2.2
32 Bit HP CIO Components Installer
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
a-squared Free 4.5
avast! Antivirus
Call of Atlantis 1.00
CoffeeCup Web Form Builder - Registered
Eye Candy 3
Eye Candy 4000 Demo
FrostWire 4.18.1
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
HP Update
IncrediMail
Java(TM) 6 Update 17
Junk Mail filter update
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Mozilla Firefox (3.5.8)
MSVCRT
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
Opera 10.10
PhotoMail Maker
PhotoMail Maker
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller 1.83
Safari
twhirl
twhirl
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Vimicro USB PC Camera(VC0323)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Xvid 1.2.2 final uninstall
http://i100.photobucket.com/albums/m20/simpellife/trojan.jpg