Pages load slowly or not at all

  • harry

    Zoek.exe Version 3.0.0.4 Updated 30-10-2012

    Tool run by Gebruiker on di 30-10-2012 at 17:29:32,89.

    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

    Running in: Normal Mode Internet Access Detected

    ==== Deleting Files \ Folders ======================

    "c:\users\gebruiker\appdata\roaming\Kyimoc" deleted

    "c:\users\gebruiker\appdata\roaming\Hyow" deleted

    "c:\users\gebruiker\appdata\roaming\tor" deleted

    "c:\users\gebruiker\appdata\roaming\Zuadve" deleted

    "c:\users\gebruiker\appdata\roaming\Epzeic" deleted

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

    DDS (Ver_2012-10-19.01) - NTFS_x86

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2

    Run by Gebruiker at 17:38:22 on 2012-10-30

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.1791.912

    .

    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ================

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

    C:\Windows\system32\WUDFHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\sppsvc.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k SDRSVC

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://startpagina.nl/

    uWindow Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

    BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    uRun: c:\program files\windows sidebar\sidebar.exe /autoRun

    mRun: "c:\program files\avast software\avast\avastUI.exe" /nogui

    mRun: "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: "c:\program files\common files\java\java update\jusched.exe"

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

    uPolicies-Explorer: NoResolveTrack = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

    mPolicies-System: ConsentPromptBehaviorUser = dword:0

    mPolicies-System: EnableLUA = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    mPolicies-System: PromptOnSecureDesktop = dword:0

    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html

    IE: &Verzenden naar OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105

    IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

    IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000

    IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

    IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

    .

    INFO: HKCU has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 212.54.35.25 212.54.40.25

    TCP: Interfaces\{E8641357-5132-43AA-A8FD-63D3C6DFA8D7} : DHCPNameServer = 212.54.35.25 212.54.40.25

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

    STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll

    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys

    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys

    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS

    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe

    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe

    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe

    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys

    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe

    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe

    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe

    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys

    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

    S2 WiseBootAssistant;Wise Boot Assistant;c:\program files\wise\wise care 365\BootTime.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys

    S3 c2wts;Claims voor Windows Token Service;c:\program files\windows identity foundation\v3.5\c2wtshost.exe

    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys

    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe

    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE

    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys

    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe

    .

    =============== Created Last 30 ================

    .

    2012-10-30 16:30:54 167424 ----a-w- c:\windows\zoek-delete.exe

    2012-10-30 16:30:54 -------- d-----w- c:\users\gebruiker\appdata\local\Temp

    2012-10-29 19:03:04 -------- d-sh--w- C:\$RECYCLE.BIN

    2012-10-29 19:00:08 -------- d-s---w- C:\ComboFix

    2012-10-28 10:47:11 -------- d-----w- c:\users\gebruiker\appdata\roaming\NZBEE

    2012-10-28 10:11:16 -------- d-----w- c:\users\gebruiker\appdata\local\Delicious_Beezzz

    2012-10-28 10:08:08 -------- d-----w- c:\users\gebruiker\appdata\local\Geckofx

    2012-10-28 10:07:35 -------- d-----w- c:\program files\NZBEE

    2012-10-27 12:44:12 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-27 06:44:11 -------- d-----w- c:\program files\Joboshare

    2012-10-27 05:38:44 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{840d4087-17ee-48ee-97f1-ae0e0e61adee}\mpengine.dll

    2012-10-24 06:25:28 247808 ----a-w- c:\windows\system32\schannel.dll

    2012-10-24 06:25:27 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

    2012-10-24 06:25:26 369856 ----a-w- c:\windows\system32\drivers\cng.sys

    2012-10-24 06:25:26 220160 ----a-w- c:\windows\system32\ncrypt.dll

    2012-10-24 06:25:26 1039360 ----a-w- c:\windows\system32\lsasrv.dll

    2012-10-23 17:06:04 -------- d-----w- c:\users\gebruiker\appdata\local\TricksAndTreats

    2012-10-21 12:47:14 -------- d-----w- c:\users\gebruiker\appdata\roaming\AVS4YOU

    2012-10-21 12:45:31 -------- d-----w- c:\program files\common files\AVSMedia

    2012-10-21 12:44:54 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

    2012-10-21 12:44:53 24576 ----a-w- c:\windows\system32\msxml3a.dll

    2012-10-21 12:44:53 -------- d-----w- c:\programdata\AVS4YOU

    2012-10-21 12:44:53 -------- d-----w- c:\program files\AVS4YOU

    2012-10-21 11:09:47 -------- d-----w- c:\users\gebruiker\appdata\roaming\Wise Care 365

    2012-10-21 11:09:26 -------- d-----w- c:\program files\Wise

    2012-10-20 12:41:33 -------- d-----w- c:\users\gebruiker\appdata\roaming\Kutawaves Games

    2012-10-13 15:11:21 11270 --sha-w- c:\windows\system32\KGyGaAvL.sys

    2012-10-13 08:16:47 -------- d-----w- c:\program files\DivX

    2012-10-13 08:07:11 -------- d-----w- c:\program files\1Click DVD to Divx Avi

    2012-10-11 18:05:14 -------- d-----w- c:\users\gebruiker\appdata\roaming\Elephant Games

    2012-10-11 18:05:14 -------- d-----w- c:\programdata\Elephant Games

    2012-10-11 16:42:12 -------- d-----w- c:\users\gebruiker\appdata\roaming\Specialbit

    2012-10-11 06:18:32 -------- d-----w- c:\program files\SUPERAntiSpyware

    2012-10-10 17:32:04 -------- d-----w- c:\users\gebruiker\appdata\roaming\AnvSoft

    2012-10-10 17:31:51 -------- d-----w- c:\program files\AnvSoft

    2012-10-10 04:54:24 172544 ----a-w- c:\windows\system32\wintrust.dll

    2012-10-10 04:54:13 2048 ----a-w- c:\windows\system32\tzres.dll

    2012-10-10 04:52:53 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys

    2012-10-10 04:52:50 542208 ----a-w- c:\windows\system32\kerberos.dll

    2012-10-10 04:52:44 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe

    2012-10-10 04:52:44 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-10-07 08:32:22 -------- d-----w- c:\users\gebruiker\appdata\roaming\iWin4

    2012-10-07 08:32:22 -------- d-----w- c:\programdata\iWin4

    2012-10-06 16:11:56 -------- d-----w- c:\users\gebruiker\appdata\roaming\DVD2AVI Ripper

    2012-10-06 08:16:14 -------- d-----w- c:\users\gebruiker\appdata\roaming\Rumbic Studio

    2012-10-05 13:28:33 -------- d-----w- c:\programdata\Playrix Entertainment

    2012-10-04 18:06:07 -------- d-----w- c:\programdata\Alawar Stargaze

    2012-10-04 17:02:08 -------- d-----w- c:\users\gebruiker\appdata\roaming\AlawarEntertainment

    2012-10-03 17:59:45 -------- d-----w- c:\users\gebruiker\appdata\roaming\SMIGames

    .

    ==================== Find3M ====================

    .

    2012-10-27 12:44:02 821736 ----a-w- c:\windows\system32\npdeployJava1.dll

    2012-10-27 12:44:02 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-10-25 16:10:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-10-25 16:10:09 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-10-23 10:18:34 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2012-10-23 10:18:33 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2012-10-23 10:17:48 41224 ----a-w- c:\windows\avastSS.scr

    2012-10-15 16:59:28 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

    2012-09-29 22:53:20 68960 ----a-w- c:\windows\system32\SFAPO.dll

    2012-09-29 17:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-09-21 15:50:43 2424832 ----a-w- c:\windows\system32\d45ba.msi

    2012-09-21 15:50:38 24141824 ----a-w- c:\windows\system32\d45be.msi

    2012-09-21 08:21:09 46 ----a-w- c:\windows\DeleteOnReboot.bat

    2012-09-21 07:48:15 102400 ----a-w- c:\windows\RegBootClean.exe

    2012-09-19 10:10:58 31584 ----a-w- c:\windows\system32\TURegOpt.exe

    2012-09-19 10:10:58 21344 ----a-w- c:\windows\system32\authuitu.dll

    2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

    2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

    2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

    2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

    2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

    2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-08-23 16:06:47 3584 ----a-w- c:\windows\system32\drivers\nl-nl\tsusbflt.sys.mui

    2012-08-23 14:48:14 221184 ----a-w- c:\windows\system32\rdpudd.dll

    2012-08-23 14:44:32 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys

    2012-08-23 14:40:25 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

    2012-08-23 14:10:40 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

    2012-08-23 14:10:04 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

    2012-08-23 13:52:25 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

    2012-08-23 13:47:20 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll

    2012-08-23 13:46:20 16896 ----a-w- c:\windows\system32\wksprtPS.dll

    2012-08-23 13:32:59 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll

    2012-08-23 13:18:14 37376 ----a-w- c:\windows\system32\tsgqec.dll

    2012-08-23 11:40:43 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe

    2012-08-23 11:32:48 317440 ----a-w- c:\windows\system32\wksprt.exe

    2012-08-23 11:15:57 269312 ----a-w- c:\windows\system32\aaclient.dll

    2012-08-23 11:12:17 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll

    2012-08-23 10:39:24 1048064 ----a-w- c:\windows\system32\mstsc.exe

    2012-08-23 10:08:49 2739712 ----a-w- c:\windows\system32\rdpcorets.dll

    2012-08-23 08:19:01 4916224 ----a-w- c:\windows\system32\mstscax.dll

    2012-08-22 17:16:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2012-08-22 17:16:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys

    2012-08-22 17:16:46 240496 ----a-w- c:\windows\system32\drivers\netio.sys

    2012-08-22 17:16:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

    2012-08-21 20:12:27 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

    2012-08-21 12:44:10 513696 ----a-w- c:\windows\system32\msxml.dll

    2012-08-21 12:44:02 38560 ----a-w- c:\windows\system32\CleanMFT32.exe

    2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll

    2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll

    2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe

    2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

    2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

    2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

    2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

    2012-08-02 16:57:20 490496 ----a-w- c:\windows\system32\d3d10level9.dll

    2012-05-04 07:04:00 2174976 ----a-w- c:\program files\common files\atimpenc.dll

    .

    ============= FINISH: 17:39:13,12 ===============

  • harry

    Yes, fine.

    Is the trojan gone?

    And does Wise Care Pro have anything to do with it, Ben?

    Do you have a tip/link for scanning for trojans?

    Thanks, and everything seems OK.

    Regards, Harry

  • Ben

    Hello,

    You can leave Malwarebytes installed and scan your PC with it once a week (after updating it).

    1. You may remove the following programs and their log files.

    DDS

    zoek.exe

    AdwCleaner, via the Remove function when you start the program.

    2. Empty your recycle bin, delete your system restore points and create a new one:

    Go to Start/Control Panel/System/System Protection, then turn off System Restore by selecting the desired drive and clicking "Configure".

    Now click "Delete" to delete all restore points.

    Click "Apply" and "OK".

    Now restart the PC (and then turn System Restore back on).

    >>>Is the trojan gone?<<<

    Yes. (tu)

    >>>And does Wise Care Pro have anything to do with it, Ben?<<<

    No, but be careful with those registry programs; they sometimes remove a bit too much.

    >>>Do you have a tip/link for scanning for trojans?<<<

    Be careful with what you download.

    To minimise the chance of a re-infection, you can install an additional malware scanner alongside the security software you already use, such as:

    Emsisoft Anti-Malware or Malwarebytes' Antimalware, to optimise the protection.

    And if you don't trust it, you know where to find us, because not everything is found by a scanner (tu)

    >>>I also saw Combofix on your PC; remove it, because when not used under guidance it can wreck your system<<<

    Regards, Ben

    Antivirusprikbord.nl

  • harry

    Hello Ben

    As you said, I have installed Emsisoft Anti-Malware and I run Malwarebytes' Antimalware daily.

    I also just measured the speed with the Ziggo speedtest: fine.

    But still… loading the pages is slow in my opinion.

    Do I need to do something about the add-ons? It often shows at the bottom when I start IE / the start page.

    Here is a quick log for you.

    Thanks in advance for looking; the HijackThis and Malwarebytes' Antimalware logs follow.

    P.S. avast is up to date, including Windows itself.

    In msconfig the following things start up: startup / operating system and anti avast

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 7:54:36, on 2-11-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Users\Gebruiker\Downloads\HijackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O4 - HKLM\..\Run: "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

    O23 - Service: Emsisoft Anti-Malware 7.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

    O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

    End of file - 8519 bytes

    Malwarebytes Anti-Malware 1.65.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.11.02.05

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Gebruiker :: GEBRUIK-M9FNQAG

    2-11-2012 7:54:10

    mbam-log-2012-11-02 (07-54-10).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 198142

    Verstreken tijd: 7 minuut/minuten, 36 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • harry

    No response.

    Then I'll just assume everything looks good.

    Regards, Harry

  • Ben

    Hello,

    Sorry, I had overlooked you.

    The logs look good; give it some time, try installing Firefox and see how it goes then.

    >>>Emsisoft Anti-Malware<<<

    Did that find anything?

    >>>Do I need to do something about the add-ons? It often shows at the bottom when I start IE / the start page.<<<

    No, only the strictly necessary ones, such as WebRep from Avast.

    Regards, Ben

    Antivirusprikbord.nl

  • Ben

    Because this topic has been resolved, it is being closed.

    If you would like to reopen your topic, send a private message to Ben or Huib (fazantje).

    They will then remove the "lock" and the topic will be open again.

    The AV team.

This topic is closed; no more replies can be posted.