DDS (Ver_2012-11-20.01) - NTFS_x86 MINIMAL
Internet Explorer: 8.0.6001.19328 BrowserJavaVersion: 10.5.1
Run by eigenaar at 17:22:53 on 2013-02-26
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.2591 [GMT 1:00]
.
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.be/
uDefault_Page_URL = hxxp://www.msi.com
mDefault_Page_URL = hxxp://www.msi.com
uProxyOverride = 127.0.0.1:9421;<local>
uWinlogon: Shell = explorer.exe,c:\users\eigenaar\appdata\roaming\skype.dat
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} -
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Akamai NetSession Interface] "c:\users\eigenaar\appdata\local\akamai\netsession_win.exe"
uRun: [Google Update] "c:\users\eigenaar\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [ITSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START
mRun: [MGSysCtrl] c:\program files\system control manager\MGSysCtrl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "d:\quicktimeplayer\QTTask.exe" -atboottime
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\users\eigenaar\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\eigenaar\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\eigenaar\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
IE: Verzenden naar &Bluetooth - d:\programs\widcomm\btsendto_ie_ctx.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: mswsock.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 195.130.130.131 195.130.131.131
TCP: Interfaces\{5B5820D9-A136-4427-B7C6-B4AEAF0BC9E7} : DHCPNameServer = 195.130.130.131 195.130.131.131
TCP: Interfaces\{86E38D3A-6EB4-4D91-99CE-D500F1E3B32F} : DHCPNameServer = 195.130.130.131 195.130.131.131
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-8 250080]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S2 Micro Star SCM;Micro Star SCM;c:\program files\system control manager\MSIService.exe [2009-10-17 159744]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-12-10 142176]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-8 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28.sys [2009-10-17 451584]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2009-10-16 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2013-02-25 14:50:05 -------- d-----w- c:\users\eigenaar\appdata\local\{4BF69407-6967-49A2-95DF-F21E6D0DD24A}
2013-02-24 20:54:04 -------- d-----w- c:\users\eigenaar\appdata\local\{F01311B4-9E5C-4151-B1AF-C5889089FFFD}
2013-02-24 08:35:03 -------- d-----w- c:\users\eigenaar\appdata\local\{3B65E782-418D-463A-80A3-895117A1141B}
2013-02-23 11:37:23 -------- d-----w- c:\users\eigenaar\appdata\local\{D4F825BA-8F45-4AAA-8987-1973480ED6B2}
2013-02-22 17:12:18 -------- d-----w- c:\users\eigenaar\appdata\local\{F508C8A8-76D4-4C23-A3B0-07318E2028A9}
2013-02-21 16:02:19 -------- d-----w- c:\users\eigenaar\appdata\local\{48EEBA5A-8B0E-4980-B83E-D19AC4287583}
2013-02-20 19:21:46 -------- d-----w- c:\users\eigenaar\appdata\local\{BEBB7333-D61F-458F-BC89-A3C7B534487E}
2013-02-20 07:21:14 -------- d-----w- c:\users\eigenaar\appdata\local\{C2460D9F-7C17-4854-B083-DA8080F24021}
2013-02-19 11:16:01 -------- d-----w- c:\users\eigenaar\appdata\local\{DB41CBD7-4026-4E3B-A8C4-6EE43DE54FDF}
2013-02-18 14:48:52 -------- d-----w- c:\users\eigenaar\appdata\local\{6B4F52D9-9DB3-4791-80EF-E1E0AF3471ED}
2013-02-17 22:21:55 -------- d-----w- c:\users\eigenaar\appdata\local\{169AC08C-5F7C-49DB-A11A-AB21B0A9DD93}
2013-02-17 10:21:23 -------- d-----w- c:\users\eigenaar\appdata\local\{9ADC4ABD-803E-4E96-831A-73563B1258A1}
2013-02-16 21:53:34 -------- d-----w- c:\users\eigenaar\appdata\local\{59B2FD8E-B520-4FCB-93B2-7703080C29BD}
2013-02-16 09:53:00 -------- d-----w- c:\users\eigenaar\appdata\local\{CB85163F-EDBF-48B9-8788-1EE9DF7C7D7E}
2013-02-15 18:08:16 -------- d-----w- c:\users\eigenaar\appdata\local\{29455A23-679F-4A07-8D72-EE94FFCF983D}
2013-02-14 09:03:03 -------- d-----w- c:\users\eigenaar\appdata\local\{967AAA1F-8FFF-4040-B6C1-575ABD1923B2}
2013-02-13 15:36:27 -------- d-----w- c:\users\eigenaar\appdata\local\{F1BD3C24-890C-418F-A4C4-171DCCBEA2C8}
2013-02-12 21:55:39 -------- d-----w- c:\users\eigenaar\appdata\local\{1F8DCDD9-4A22-4F3D-8165-DE732886A2C9}
2013-02-12 09:55:15 -------- d-----w- c:\users\eigenaar\appdata\local\{A3E6A4C5-2BD8-42E0-9155-40782CCF65D0}
2013-02-11 10:46:02 -------- d-----w- c:\users\eigenaar\appdata\local\{51F01619-7205-4204-8C03-1CA0A1B54B24}
2013-02-10 22:45:30 -------- d-----w- c:\users\eigenaar\appdata\local\{7F308E9E-114D-45E0-8A2E-93480A127EA3}
2013-02-10 10:44:58 -------- d-----w- c:\users\eigenaar\appdata\local\{42E928EC-9155-4B8E-9F16-DFF8236FB55A}
2013-02-09 10:54:20 -------- d-----w- c:\users\eigenaar\appdata\local\{BC7D4A01-BECC-4551-8409-E10F787951AE}
2013-02-08 22:53:48 -------- d-----w- c:\users\eigenaar\appdata\local\{DC6C7B1B-3E6A-4611-B603-4C0C39A9C0CD}
2013-02-08 10:53:16 -------- d-----w- c:\users\eigenaar\appdata\local\{F3554AF5-4B74-4619-9FA6-B2DBC7F8EC0B}
2013-02-07 18:59:41 -------- d-----w- c:\users\eigenaar\appdata\local\{EF834623-BF8B-41A3-AC71-61E940A7BA77}
2013-02-06 06:56:31 -------- d-----w- c:\users\eigenaar\appdata\local\{C8C90FF5-3718-43EC-8023-9027A91D41AF}
2013-02-05 17:38:22 -------- d-----w- c:\users\eigenaar\appdata\local\{BEE6C5EB-96E1-46DD-903B-F243F67FAFB9}
2013-02-04 15:01:29 -------- d-----w- c:\users\eigenaar\appdata\local\{3C59187E-5CF4-40F5-A03A-AD6B67694B80}
2013-02-03 12:01:25 -------- d-----w- c:\users\eigenaar\appdata\local\{2D844420-015E-467C-A3D1-E8A33CA7FF68}
2013-02-03 09:32:48 -------- d-----w- c:\users\eigenaar\appdata\local\{1F06E879-368F-46F4-9644-DA48C702A7F7}
2013-02-03 09:17:15 -------- d-----w- c:\users\eigenaar\appdata\local\{2F174D03-A87D-4C7F-AA18-4D6C3BFB828A}
2013-02-03 09:09:47 -------- d-----w- c:\users\eigenaar\appdata\local\{0F7C5FBB-E33A-4DC5-95B3-B3B5E7B5FAA4}
2013-02-02 20:24:31 -------- d-----w- c:\users\eigenaar\appdata\local\{07B5F0C3-CA58-4009-99D9-D7CBEB2421BE}
2013-02-02 08:24:11 -------- d-----w- c:\users\eigenaar\appdata\local\{956B0352-7CD3-407F-BF9D-F2BE35F1326A}
2013-02-01 20:08:28 -------- d-----w- c:\users\eigenaar\appdata\local\{82199CEB-2E34-4595-B19B-ED2378B8D1BF}
2013-02-01 08:08:07 -------- d-----w- c:\users\eigenaar\appdata\local\{09208EB2-2B10-46B5-A397-9D637663A65E}
2013-01-31 11:11:52 -------- d-----w- c:\users\eigenaar\appdata\local\{4D4271E3-DEED-445C-805F-1F00E81E7E4D}
2013-01-30 20:59:17 -------- d-----w- c:\users\eigenaar\appdata\local\{FBA2A787-8351-4A40-9003-B91A65EC7DB7}
2013-01-30 08:58:44 -------- d-----w- c:\users\eigenaar\appdata\local\{80FF2833-76F6-4BD2-AFA7-6D59A18FA9D9}
2013-01-29 20:40:13 -------- d-----w- c:\users\eigenaar\appdata\local\{D69AFF3D-A3AE-4A49-BA51-20AFBA3BA6A0}
2013-01-29 08:39:53 -------- d-----w- c:\users\eigenaar\appdata\local\{771F0324-7FDB-4961-8AB0-2D96546121F1}
2013-01-28 15:51:41 -------- d-----w- c:\users\eigenaar\appdata\local\{02DB378E-D5E5-4693-B717-815016AA2C82}
.
==================== Find3M ====================
.
2013-01-12 02:30:20 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-16 10:46:14 90824 ----a-w- c:\windows\system32\EasyHook32.dll
2012-12-16 10:46:14 109256 ----a-w- c:\windows\system32\EasyHook64.dll
2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 02:28:36 142176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-12-08 15:41:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-08 15:41:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
============= FINISH: 17:24:39,79 ===============