Web pages are not found

  • fazantje

    Hi Mar,

    Yes, do run ComboFix and post the result here together with a new log, as Ben suggested;)

    Good luck,

    Huib;)

  • mar

    ComboFix 11-07-15.01 - Gebruiker 15-07-2011 17:35:37.1.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4055.2291

    Gestart vanuit: d:\downloads\ComboFix.exe

    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk

    c:\users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\{11ED9734-6416-46BA-B677-80E6D7704210}.xps

    c:\users\Gebruiker\AppData\Roaming\chrtmp

    c:\users\Gebruiker\AppData\Roaming\Gebruikerlog.dat

    c:\windows\SysWow64\windir

    O:\Autorun.inf

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2011-06-15 to 2011-07-15 ))))))))))))))))))))))))))))))

    .

    .

    2011-07-15 15:39 . 2011-07-15 15:39 -------- d-----w- c:\users\Default\AppData\Local\temp

    2011-07-14 17:38 . 2011-07-14 17:38 -------- d-----w- c:\program files (x86)\Trend Micro

    2011-07-14 17:19 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

    2011-07-13 09:50 . 2011-06-03 06:56 421888 ----a-w- c:\windows\system32\KernelBase.dll

    2011-07-13 09:50 . 2011-06-03 05:56 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll

    2011-07-11 11:43 . 2011-07-11 11:43 0 ---ha-w- c:\users\Gebruiker\AppData\Local\BITD91F.tmp

    2011-07-08 15:05 . 2011-07-08 18:54 472576 ----a-w- c:\windows\AutoKMS.exe

    2011-07-04 08:32 . 2011-07-04 08:32 -------- d-----w- c:\windows\Elven Mists 2

    2011-07-03 11:35 . 2011-07-03 11:35 -------- d-----w- c:\programdata\Uniblue

    2011-06-24 08:44 . 2011-06-24 08:44 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Aveyond 3

    2011-06-22 21:03 . 2011-06-22 21:03 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Alawar Entertainment

    2011-06-22 21:03 . 2011-06-22 21:03 -------- d-----w- c:\programdata\Alawar Entertainment

    2011-06-19 08:35 . 2011-06-19 08:35 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\YoudaGames

    2011-06-18 09:29 . 2011-06-18 09:29 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Silverback Productions

    2011-06-16 04:11 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2011-06-16 04:11 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

    2011-06-16 04:11 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

    2011-06-16 04:11 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

    2011-06-16 04:11 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys

    2011-06-16 04:11 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys

    2011-06-16 04:11 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys

    2011-06-16 04:11 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys

    2011-06-16 04:11 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll

    2011-06-16 04:11 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

    2011-06-16 04:11 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll

    2011-06-16 04:11 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2011-07-11 13:57 . 2011-06-08 15:43 466456 ----a-w- c:\windows\system32\wrap_oal.dll

    2011-07-11 13:57 . 2011-06-08 15:43 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll

    2011-07-11 13:57 . 2011-06-08 15:43 122904 ----a-w- c:\windows\system32\OpenAL32.dll

    2011-07-11 13:57 . 2011-06-08 15:43 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll

    2011-06-03 05:57 . 2011-07-13 09:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll

    2011-05-29 07:11 . 2010-12-11 15:12 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-05-13 08:11 . 2011-05-13 08:11 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2011-05-13 08:11 . 2011-05-13 08:11 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

    2011-05-13 08:11 . 2011-05-13 08:11 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2011-05-13 08:11 . 2011-05-13 08:11 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2011-05-13 08:11 . 2011-05-13 08:11 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

    2011-05-13 08:11 . 2011-05-13 08:11 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

    2011-05-13 08:11 . 2011-05-13 08:11 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

    2011-05-13 08:11 . 2011-05-13 08:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

    2011-05-13 08:11 . 2011-05-13 08:11 367104 ----a-w- c:\windows\SysWow64\html.iec

    2011-05-13 08:11 . 2011-05-13 08:11 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

    2011-05-13 08:11 . 2011-05-13 08:11 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

    2011-05-13 08:11 . 2011-05-13 08:11 222208 ----a-w- c:\windows\system32\msls31.dll

    2011-05-13 08:11 . 2011-05-13 08:11 161792 ----a-w- c:\windows\SysWow64\msls31.dll

    2011-05-13 08:11 . 2011-05-13 08:11 152064 ----a-w- c:\windows\SysWow64\wextract.exe

    2011-05-13 08:11 . 2011-05-13 08:11 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

    2011-05-13 08:11 . 2011-05-13 08:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

    2011-05-13 08:11 . 2011-05-13 08:11 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

    2011-05-13 08:11 . 2011-05-13 08:11 1389056 ----a-w- c:\windows\system32\wininet.dll

    2011-05-13 08:11 . 2011-05-13 08:11 11776 ----a-w- c:\windows\SysWow64\mshta.exe

    2011-05-13 08:11 . 2011-05-13 08:11 1126912 ----a-w- c:\windows\SysWow64\wininet.dll

    2011-05-13 08:11 . 2011-05-13 08:11 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

    2011-05-13 08:11 . 2011-05-13 08:11 101888 ----a-w- c:\windows\SysWow64\admparse.dll

    2011-05-13 08:11 . 2011-05-13 08:11 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

    2011-05-13 08:11 . 2011-05-13 08:11 85504 ----a-w- c:\windows\system32\iesetup.dll

    2011-05-13 08:11 . 2011-05-13 08:11 76800 ----a-w- c:\windows\system32\tdc.ocx

    2011-05-13 08:11 . 2011-05-13 08:11 603648 ----a-w- c:\windows\system32\vbscript.dll

    2011-05-13 08:11 . 2011-05-13 08:11 49664 ----a-w- c:\windows\system32\imgutil.dll

    2011-05-13 08:11 . 2011-05-13 08:11 48640 ----a-w- c:\windows\system32\mshtmler.dll

    2011-05-13 08:11 . 2011-05-13 08:11 448512 ----a-w- c:\windows\system32\html.iec

    2011-05-13 08:11 . 2011-05-13 08:11 30720 ----a-w- c:\windows\system32\licmgr10.dll

    2011-05-13 08:11 . 2011-05-13 08:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe

    2011-05-13 08:11 . 2011-05-13 08:11 165888 ----a-w- c:\windows\system32\iexpress.exe

    2011-05-13 08:11 . 2011-05-13 08:11 160256 ----a-w- c:\windows\system32\wextract.exe

    2011-05-13 08:11 . 2011-05-13 08:11 1492992 ----a-w- c:\windows\system32\inetcpl.cpl

    2011-05-13 08:11 . 2011-05-13 08:11 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

    2011-05-13 08:11 . 2011-05-13 08:11 12288 ----a-w- c:\windows\system32\mshta.exe

    2011-05-13 08:11 . 2011-05-13 08:11 114176 ----a-w- c:\windows\system32\admparse.dll

    2011-05-13 08:11 . 2011-05-13 08:11 111616 ----a-w- c:\windows\system32\iesysprep.dll

    2011-05-04 02:52 . 2011-01-18 07:49 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

    2011-04-22 22:15 . 2011-05-25 05:57 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 94208 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 94208 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 94208 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 94208 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe"

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe"

    "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE"

    .

    "Malwarebytes' Anti-Malware"="e:\program files\Malwarebytes' Anti-Malware\mbamgui.exe"

    .

    "AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OUFWRlJFRS1WMEtNQy1FOVZVVy1FVzBWQS1VVTNYTC1GRVc5Ny1PVTZF&inst=NzctNjI1ODU5MTI0LVFJWDErMy1GTDEwKzEtTElDKzg4LVNQMSsxLVNQMVRCKzEtU1VEKzEtVFVHKzMtUzFJKzEtU1UzKzEtRERUKzA&prod=90&ver=10.0.1390"

    .

    c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    .

    "ConsentPromptBehaviorAdmin"= 0 (0x0)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    "PromptOnSecureDesktop"= 0 (0x0)

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

    .

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE

    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    R3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

    S2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys

    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys

    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt64win7.sys

    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

    .

    .

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2011-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1848488349-641486460-2212997090-1000Core.job

    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2011-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1848488349-641486460-2212997090-1000UA.job

    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    .

    --------- x86-64 -----------

    .

    .

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 97792 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 97792 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 97792 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    2010-10-06 23:36 97792 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe"

    .

    "LoadAppInit_DLLs"=0x0

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    UxTuneUp

    .

    ------- Bijkomende Scan -------

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://www.google.nl/

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

    IE: Free YouTube to Mp3 Converter - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    TCP: DhcpNameServer = 192.168.1.1

    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\3b8i8jfo.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2603445&SearchSource=3&q={searchTerms}

    FF - prefs.js: browser.search.selectedEngine - Softonic Netherlands Customized Web Search

    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2603445&SearchSource=13

    FF - prefs.js: network.proxy.type - 0

    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

    FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    FF - Ext: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - %profile%\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}

    FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

    FF - Ext: Softonic Netherlands Toolbar: {65ca59ee-9920-4d7f-8c41-bfa12403261a} - %profile%\extensions\{65ca59ee-9920-4d7f-8c41-bfa12403261a}

    FF - user.js: network.http.max-persistent-connections-per-server - 4

    FF - user.js: nglayout.initialpaint.delay - 600

    FF - user.js: content.notify.interval - 600000

    FF - user.js: content.max.tokenizing.time - 1800000

    FF - user.js: content.switch.threshold - 600000

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    SafeBoot-mcmscsvc

    SafeBoot-MCODS

    WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)

    WebBrowser-{65CA59EE-9920-4D7F-8C41-BFA12403261A} - (no file)

    WebBrowser-{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} - (no file)

    WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

    WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

    .

    .

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.Email.1"

    .

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.VCard.1"

    .

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"

    .

    "Enabled"=dword:00000001

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"

    .

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"

    "ThreadingModel"="Apartment"

    .

    @="0"

    .

    @="ShockwaveFlash.ShockwaveFlash.10"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"

    .

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    @="1.0"

    .

    @="ShockwaveFlash.ShockwaveFlash"

    .

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"

    "ThreadingModel"="Apartment"

    .

    @="FlashFactory.FlashFactory.1"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"

    .

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    @="1.0"

    .

    @="FlashFactory.FlashFactory"

    .

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    @="{00020424-0000-0000-C000-000000000046}"

    .

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    @Denied: (Full) (Everyone)

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    c:\program files (x86)\Windows Live\Contacts\wlcomm.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2011-07-15 17:48:52 - machine werd herstart

    ComboFix-quarantined-files.txt 2011-07-15 15:48

    .

    Pre-Run: 297.323.053.056 bytes beschikbaar

    Post-Run: 298.902.614.016 bytes beschikbaar

    .

    - - End Of File - - 89F62E2D8DCD00CD93CB823B742064B8

    here it is then

    thanks in advance, Hans

  • Ben

    Hello Hans,

    Combo has done its job again (wait until fazantje approves it too), I'm still learning!

    In the meantime, change all your passwords!

    After approval you'll get a few more steps, so hold on a little longer!

    And please post a new HijackThis log.


    Ben

  • fazantje

    Hi Mar,

    Download Combofix uninstaller

    Click Save file.

    Put it on your desktop, for example.

    Double-click it and choose Run.

    Let it do its work and click Done.

    Also empty System Restore and your recycle bin.

    You can reinstall or re-enable your virus scanner.

    Download and install CCleaner

    After installation, run the program with its default settings.

    First the Cleaner and then the registry.

    When installing the newest CCleaner, Google Chrome is now (unfortunately) installed along with it.

    During installation you have to untick a checkbox so that Google Chrome is not installed.

    Beyond that, do what Ben already suggested.

    Good luck,

    Huib;)

  • mar

    hi

    I did what you wrote, only the ComboFix uninstaller: I don't see it as a file and it says done right away, so now I don't know

    Download Combofix uninstaller

    Click Save file.

    Put it on your desktop, for example.

    Double-click it and choose Run.

    Let it do its work and click Done.

    it asks right away to run, I click on that and then it says done

    so now I don't know whether this is right

    thanks for your help

    hans

  • fazantje

    Hi Mar,

    It's gone, don't worry;)

    As a check, please post a new HijackThis log.

    Regards, Huib;)

  • mar

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 10:59:12, on 16-7-2011

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\AVG\AVG10\avgtray.exe

    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files (x86)\Spotnet\Spotnet.exe

    C:\Program Files (x86)\Spotnet\SABnzbd.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    O4 - HKLM\..\Run: "e:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

    O4 - HKLM\..\Run: C:\Program Files (x86)\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\RunOnce: cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OUFWRlJFRS1WMEtNQy1FOVZVVy1FVzBWQS1VVTNYTC1GRVc5Ny1PVTZF"&"inst=NzctNjI1ODU5MTI0LVFJWDErMy1GTDEwKzEtTElDKzg4LVNQMSsxLVNQMVRCKzEtU1VEKzEtVFVHKzMtUzFJKzEtU1UzKzEtRERUKzA"&"prod=90"&"ver=10.0.1390

    O4 - HKCU\..\Run: "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

    O4 - HKCU\..\RunOnce: "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"

    O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 10694 bytes

    here is the most recently made log

    thanks in advance for thinking along

    regards, Hans

  • fazantje

    Hi Mar,

    Looks good again;)

    If you have no further problems, we'll leave it at that.

    Regards, Huib;)

  • mar

    hi

    okay, thanks for the help

    regards, hans

  • fazantje

    On behalf of Ben as well, you're welcome(tu)

    Regards, Huib;)