Slow PC and internet

  • roosje*

    My computer is very slow, especially on the internet.

    I carried out the step-by-step plan and already scanned it with AVG and Malwarebytes; everything was okay there.

    With Panda it reported infections. I made a HijackThis log, and the Panda log is below as well.

    Could someone take a look at this and give me advice?

    Thanks in advance.

    I ran a second scan with Malwarebytes, because I had not saved the first one.

    Regards, Roosje

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 23:34:36, on 5-3-2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19019)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\AVG\AVG10\avgtray.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\PROGRA~1\Raptr\raptr.exe

    C:\PROGRA~1\Raptr\raptr_im.exe

    C:\Program Files\Raptr\raptr_ep32.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Windows Live\Companion\companionuser.exe

    C:\Windows\system32\DllHost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Windows Live\Mail\wlmail.exe

    C:\Program Files\Windows Live\Contacts\wlcomm.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\TrendMicro\HiJackThis\HijackThis.exe

    C:\Windows\system32\msfeedssync.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gratis.startpagina.nl/prikbord/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    R3 - URLSearchHook: (no name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - (no file)

    R3 - URLSearchHook: (no name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - (no file)

    R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)

    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

    R3 - URLSearchHook: Bitlord 1.2 Toolbar - {8c5878d0-6106-423b-aaa8-144c143dbf44} - C:\Program Files\Bitlord_1.2\prxtbBitl.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O2 - BHO: Bitlord 1.2 - {8c5878d0-6106-423b-aaa8-144c143dbf44} - C:\Program Files\Bitlord_1.2\prxtbBitl.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

    O3 - Toolbar: Bitlord 1.2 Toolbar - {8c5878d0-6106-423b-aaa8-144c143dbf44} - C:\Program Files\Bitlord_1.2\prxtbBitl.dll

    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: C:\Program Files\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe” /runcleanupscript

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler

    O4 - HKCU\..\Run: C:\PROGRA~1\Raptr\raptrstub.exe –startup

    O4 - Startup: Seagate S_N_2GH5LHVP Product Registration.lnk = ?

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

    O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (Upload-applicatie Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab

    O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    End of file - 11680 bytes

    ================================

    Threats with free disinfection (0)

    Threats (18)

    Low danger level (18)

    Cookie/Apmebf Tracking Cookie Latent

    Cookie/Xiti Tracking Cookie Latent

    Cookie/Serving… Tracking Cookie Latent

    Cookie/Mediapl… Tracking Cookie Latent

    Cookie/Statcou… Tracking Cookie Latent

    Cookie/Adtech Tracking Cookie Latent

    Cookie/YieldMa… Tracking Cookie Latent

    Cookie/Serving… Tracking Cookie Latent

    Cookie/Weboram… Tracking Cookie Latent

    Cookie/Adviva Tracking Cookie Latent

    Cookie/Tradedo… Tracking Cookie Latent

    Cookie/Tribalf… Tracking Cookie Latent

    Cookie/FastCli… Tracking Cookie Latent

    Cookie/Atlas D… Tracking Cookie Latent

    Cookie/Comclic… Tracking Cookie Latent

    Cookie/onestat… Tracking Cookie Latent

    Cookie/Doublec… Tracking Cookie Latent

    Cookie/MetriWe… Tracking Cookie Latent

    =============================

    Malwarebytes' Anti-Malware 1.50.1.1100

    www.malwarebytes.org

    Databaseversie: 5969

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.19019

    6-3-2011 1:37:46

    mbam-log-2011-03-06 (01-37-46).txt

    Scantype: Volledige scan (C:\|D:\|)

    Objecten gescand: 419134

    Verstreken tijd: 1 uur/uren, 47 minuut/minuten, 17 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

  • Ben

    Hello,

    Follow these steps (but first wait until fazantje gives his approval; I am still learning).

    Start HijackThis, click “scan” and tick the following lines:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    R3 - URLSearchHook: (no name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - (no file)

    R3 - URLSearchHook: (no name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - (no file)

    R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)

    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

    R3 - URLSearchHook: Bitlord 1.2 Toolbar - {8c5878d0-6106-423b-aaa8-144c143dbf44} - C:\Program Files\Bitlord_1.2\prxtbBitl.dll

    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

    O3 - Toolbar: Bitlord 1.2 Toolbar - {8c5878d0-6106-423b-aaa8-144c143dbf44} - C:\Program Files\Bitlord_1.2\prxtbBitl.dll

    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    Close all windows except HijackThis and click “Fix checked”.

    Download CCleaner:

    http://www.filehippo.com/download_ccleaner/

    After installation, run the program with its default settings.

    First the Cleaner and then the registry.

    When installing the latest CCleaner, Google Chrome is now (unfortunately) installed along with it.

    You have to untick a box during installation so that Google Chrome is not installed.

    Restart your computer, tell us how your problem is doing and post a new HijackThis log.

    Good luck, Ben

  • fazantje

    Hi Roosje,

    I assume Panda has removed the infections it found :D

    Before you carry out Ben's fix, first remove the toolbars via Control Panel - Programs and Features.

    These are:

    AVG Security Toolbar

    Bitlord 1.2 Toolbar

    Toolbar: &RoboForm

    Toolbar: Google Toolbar

    Toolbar: Conduit Engine

    If you do want to keep one of these, then of course do not remove it.

    Restart your computer and post a new HijackThis log.

    Ben will then make a new fix for you ;)

    Good luck,

    Huib ;)

  • roosje*

    Hello,

    I need a bit more help.

    I am trying to download CCleaner, but it is not working; I keep ending up at Registry Reviver.

    I already ran that one too; it finds 926 errors but can only fix 25 of them unless I register??

    I am probably doing something wrong; I am stuck now.

    …. Found it after all, it is scanning now…..

    Regards, Roosje

  • roosje*

    I let CCleaner scan, and Registry Reviver as well; the latter still reports a lot of errors. (How can I stop it from starting up with the computer???)

    The computer is working a lot better than before.

    Here is the new log; I will hear from you whether it is okay.

    Regards, Roosje

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 19:43:13, on 6-3-2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19019)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\AVG\AVG10\avgtray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\PROGRA~1\Raptr\raptr.exe

    C:\PROGRA~1\Raptr\raptr_im.exe

    C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe

    C:\Program Files\Raptr\raptr_ep32.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\TrendMicro\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://prijsvragen.startpagina.nl/prikbord/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: C:\Program Files\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe” /runcleanupscript

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler

    O4 - HKCU\..\Run: C:\PROGRA~1\Raptr\raptrstub.exe –startup

    O4 - HKCU\..\Run: “C:\Program Files\Uniblue\RegistryBooster\launcher.exe” delay 20000

    O4 - Startup: Seagate S_N_2GH5LHVP Product Registration.lnk = ?

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

    O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (Upload-applicatie Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab

    O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    End of file - 9494 bytes

  • Jos H

    Uninstall Registry Reviver via Control Panel, Software.

    It's a paid program that is of no use to you (a money grab).

  • Ben

    Hello,

    Under Programs, uninstall: RegistryBooster

    Delete this folder: click Computer; C-Program Files-RegistryBooster

    CCleaner also cleans up your registry:

    Open CCleaner - click Registry on the left - Scan for Issues - Fix selected issues.

    Start HijackThis, click “scan” and tick the following lines:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    Close all windows except HijackThis and click Fix checked.

    Then restart the PC.

    After that, post another HijackThis log and tell us how your problems are doing.

    Ben

  • roosje*

    Hello,

    Because I've had little time I haven't carried out the latest advice yet, but the computer is not working properly again; it seemed to be going better for a while.

    When I click a link in an email it has trouble loading it; I often get a white screen.

    Searching via Google does work, but when I then click the right website it doesn't go any further.

    If I carry out the above, will that fix it, or is there more going on??

    Regards, Roosje

  • fazantje

    Hi Roosje,

    Has Registry Reviver and/or RegistryBooster been removed? :S If not, remove it first.

    Run a quick scan with MBAM (update it first). This scan will take about 3 to 6 minutes.

    Then post a new HijackThis log and the new MBAM log.

    That's because I don't know what has or hasn't been carried out so far.

    Good luck,

    Huib;)

  • roosje*

    Below are the scans; at the moment following links from email to the internet is working fine again???

    I'll wait to hear what I still need to do.

    Thanks in advance.

    Regards, Roosje

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 16:39:59, on 8-3-2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19019)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\AVG\AVG10\avgtray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Windows\system32\NOTEPAD.EXE

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\cmd.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Trend Micro\HiJackThis\HijackThis.exe

    C:\Windows\system32\cmd.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://prijsvragen.startpagina.nl/prikbord/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: C:\Program Files\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe” /runcleanupscript

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler

    O4 - HKCU\..\Run: “C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe”

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

    O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O9 - Extra ‘Tools’ menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O9 - Extra ‘Tools’ menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O9 - Extra ‘Tools’ menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (Upload-applicatie Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab

    O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    End of file - 10800 bytes

    ==============================

    Malwarebytes' Anti-Malware 1.50.1.1100

    www.malwarebytes.org

    Databaseversie: 5989

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.19019

    8-3-2011 16:34:37

    mbam-log-2011-03-08 (16-34-37).txt

    Scantype: Snelle scan

    Objecten gescand: 165509

    Verstreken tijd: 7 minuut/minuten, 15 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)