Laptop is very slow

  • fazantje

    Hi Rudi,

    Start HijackThis, click Scan and tick the following lines:

    R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

    O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll

    Close all open windows except HijackThis and click Fix checked.

    Now disable your virus scanner and do the following:

    Download Combofix here and place it on your desktop.

    If you have used Combofix before, please delete that version and download Combofix again via the link above, because Combofix is updated daily.

    NOTE: if, during or after downloading Combofix or while using Combofix, you get a warning from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

    Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

    Double-click Combofix.exe

    Follow the instructions and accept the disclaimer.

    While the fix is running, do NOT click in the window, because this will make your PC hang.

    Depending on the infection, the scan can take 40 up to as much as 100 minutes, so don't assume it has frozen.

    When the fix has finished and after a restart, the log combofix.txt will open.

    Post this log in your next post together with a new HijackThis log.

    Good luck,

    Huib;)

  • marijea

    HJ

    C:\Users\Marije\Desktop\Antivirus , spyware en onderhoud, wekelijks checken\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/7

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marije\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

    O9 - Extra ‘Tools’ menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    O23 - Service: Intel(R) Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  • fazantje

    Now just the Combofix log.

    But I'm going to bed, early shift tomorrow.

    Ben will help you further then.

    Regards, Huib;)

  • marijea

    ComboFix 12-12-17.02 - Marije 17-12-2012 22:15:10.1.1 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1979.676

    Gestart vanuit: c:\users\Marije\Desktop\ComboFix.exe

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\Marije\HijackThis.exe

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-11-17 to 2012-12-17 ))))))))))))))))))))))))))))))

    .

    .

    2012-12-17 21:27 . 2012-12-17 21:27 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-12-17 18:01 . 2012-12-17 18:01 ——– d—–w- c:\users\Marije\AppData\Local\Diagnostics

    2012-12-17 15:07 . 2012-11-08 17:24 9125352 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DC0B835C-E2A2-45E4-A9A0-D240E4DDE6DD}\mpengine.dll

    2012-12-17 11:41 . 2012-12-17 11:41 ——– d—–w- c:\users\Marije\AppData\Local\Macromedia

    2012-12-17 11:40 . 2012-12-17 11:40 ——– d—–w- c:\users\Marije\AppData\Local\Mozilla

    2012-12-17 11:40 . 2012-12-17 11:40 ——– d—–w- c:\program files (x86)\Mozilla Maintenance Service

    2012-12-16 20:28 . 2010-01-10 17:40 118784 —-a-w- c:\windows\SysWow64\MSSTDFMT.DLL

    2012-12-16 20:28 . 2010-01-10 17:40 1071088 —-a-w- c:\windows\SysWow64\MSCOMCTL.OCX

    2012-12-16 20:27 . 2012-12-17 17:32 ——– d—–w- c:\program files (x86)\SpywareBlaster

    2012-12-16 20:05 . 2012-10-30 22:51 25232 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys

    2012-12-16 20:05 . 2012-10-30 22:51 370288 —-a-w- c:\windows\system32\drivers\aswSP.sys

    2012-12-16 20:05 . 2012-10-15 16:59 54072 —-a-w- c:\windows\system32\drivers\aswRdr2.sys

    2012-12-16 20:05 . 2012-10-30 22:51 59728 —-a-w- c:\windows\system32\drivers\aswTdi.sys

    2012-12-16 20:05 . 2012-10-30 22:51 984144 —-a-w- c:\windows\system32\drivers\aswSnx.sys

    2012-12-16 20:05 . 2012-10-30 22:51 71600 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2012-12-16 20:04 . 2012-10-30 22:51 41224 —-a-w- c:\windows\avastSS.scr

    2012-12-16 20:03 . 2012-10-30 22:50 227648 —-a-w- c:\windows\SysWow64\aswBoot.exe

    2012-12-16 19:46 . 2012-10-30 22:50 285328 —-a-w- c:\windows\system32\aswBoot.exe

    2012-12-16 19:44 . 2012-12-16 20:03 ——– d—–w- c:\programdata\AVAST Software

    2012-12-16 19:44 . 2012-12-16 20:03 ——– d—–w- c:\program files\AVAST Software

    2012-12-16 19:27 . 2012-06-05 07:37 256904 —-a-w- c:\windows\SysWow64\drivers\tmcomm.sys

    2012-12-16 18:59 . 2012-12-17 10:08 ——– d—–w- c:\program files\CCleaner

    2012-12-16 18:36 . 2012-12-16 18:36 ——– d—–w- c:\program files (x86)\Common Files\Java

    2012-12-16 18:36 . 2012-12-16 18:35 95184 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

    2012-12-16 18:35 . 2012-12-16 18:35 ——– d—–w- c:\program files (x86)\Java

    2012-12-16 11:31 . 2012-11-08 17:24 9125352 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-12-14 14:44 . 2012-12-14 14:47 ——– d—–w- c:\windows\system32\MpEngineStore

    2012-12-13 10:50 . 2012-11-09 05:45 2048 —-a-w- c:\windows\system32\tzres.dll

    2012-12-13 10:50 . 2012-11-09 04:42 2048 —-a-w- c:\windows\SysWow64\tzres.dll

    2012-12-13 10:50 . 2012-11-22 03:26 3149824 —-a-w- c:\windows\system32\win32k.sys

    2012-12-13 10:50 . 2012-11-05 21:35 46080 —-a-w- c:\windows\system32\atmlib.dll

    2012-12-13 10:50 . 2012-11-05 20:41 367616 —-a-w- c:\windows\system32\atmfd.dll

    2012-12-13 10:50 . 2012-11-05 20:32 295424 —-a-w- c:\windows\SysWow64\atmfd.dll

    2012-12-13 10:50 . 2012-11-05 20:32 34304 —-a-w- c:\windows\SysWow64\atmlib.dll

    2012-12-13 10:48 . 2012-11-02 05:59 478208 —-a-w- c:\windows\system32\dpnet.dll

    2012-12-13 10:48 . 2012-11-02 05:11 376832 —-a-w- c:\windows\SysWow64\dpnet.dll

    2012-12-10 17:52 . 2012-12-10 17:52 ——– d—–w- c:\users\Marije\AppData\Local\CRE

    2012-12-10 17:52 . 2012-12-10 17:52 ——– d—–w- c:\windows\SysWow64\searchplugins

    2012-12-10 17:52 . 2012-12-10 17:52 ——– d—–w- c:\windows\SysWow64\Extensions

    2012-12-10 17:50 . 2012-12-16 19:38 ——– d—–w- c:\program files (x86)\TornTV.com

    2012-12-10 17:48 . 2012-12-16 18:49 ——– d—–w- c:\users\Marije\AppData\Roaming\uTorrent

    2012-11-29 08:18 . 2012-11-29 08:16 972264 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E07BC78-C9C9-4294-B8EA-23A8AC369F24}\gapaengine.dll

    2012-11-25 15:29 . 2012-11-25 15:29 ——– d—–w- c:\program files\Microsoft Silverlight

    2012-11-25 15:29 . 2012-11-25 15:29 ——– d—–w- c:\program files (x86)\Microsoft Silverlight

    2012-11-24 12:46 . 2012-11-24 12:46 ——– d—–w- c:\program files (x86)\Teach2000

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-12-16 18:35 . 2012-10-04 20:53 859072 —-a-w- c:\windows\SysWow64\npdeployJava1.dll

    2012-12-16 18:35 . 2012-10-04 20:53 779704 —-a-w- c:\windows\SysWow64\deployJava1.dll

    2012-12-14 14:42 . 2012-10-05 08:08 67413224 —-a-w- c:\windows\system32\MRT.exe

    2012-12-14 14:20 . 2012-10-05 11:34 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-12-14 14:20 . 2012-10-05 11:34 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-10-17 03:31 . 2012-11-08 11:14 741480 ——w- c:\windows\system32\HPDiscoPMa011.dll

    2012-10-16 08:38 . 2012-11-29 08:09 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38 . 2012-11-29 08:09 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39 . 2012-11-29 08:09 561664 —-a-w- c:\windows\apppatch\AcLayers.dll

    2012-10-09 18:17 . 2012-11-16 14:35 55296 —-a-w- c:\windows\system32\dhcpcsvc6.dll

    2012-10-09 18:17 . 2012-11-16 14:35 226816 —-a-w- c:\windows\system32\dhcpcore6.dll

    2012-10-09 17:40 . 2012-11-16 14:35 44032 —-a-w- c:\windows\SysWow64\dhcpcsvc6.dll

    2012-10-09 17:40 . 2012-11-16 14:35 193536 —-a-w- c:\windows\SysWow64\dhcpcore6.dll

    2012-10-06 09:43 . 2009-07-14 02:36 152576 —-a-w- c:\windows\SysWow64\msclmd.dll

    2012-10-06 09:43 . 2009-07-14 02:36 175616 —-a-w- c:\windows\system32\msclmd.dll

    2012-10-05 10:38 . 2012-10-05 10:38 560184 —-a-w- c:\windows\system32\drivers\sptd.sys

    2012-10-05 08:45 . 2010-06-24 09:33 19720 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2012-10-04 19:02 . 2012-10-04 19:02 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2012-10-04 19:02 . 2012-10-04 19:02 161792 —-a-w- c:\windows\SysWow64\msls31.dll

    2012-10-04 19:02 . 2012-10-04 19:02 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll

    2012-10-04 19:02 . 2012-10-04 19:02 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll

    2012-10-04 19:02 . 2012-10-04 19:02 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2012-10-04 19:02 . 2012-10-04 19:02 74752 —-a-w- c:\windows\SysWow64\iesetup.dll

    2012-10-04 19:02 . 2012-10-04 19:02 63488 —-a-w- c:\windows\SysWow64\tdc.ocx

    2012-10-04 19:02 . 2012-10-04 19:02 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll

    2012-10-04 19:02 . 2012-10-04 19:02 367104 —-a-w- c:\windows\SysWow64\html.iec

    2012-10-04 19:02 . 2012-10-04 19:02 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll

    2012-10-04 19:02 . 2012-10-04 19:02 35840 —-a-w- c:\windows\SysWow64\imgutil.dll

    2012-10-04 19:02 . 2012-10-04 19:02 152064 —-a-w- c:\windows\SysWow64\wextract.exe

    2012-10-04 19:02 . 2012-10-04 19:02 150528 —-a-w- c:\windows\SysWow64\iexpress.exe

    2012-10-04 19:02 . 2012-10-04 19:02 11776 —-a-w- c:\windows\SysWow64\mshta.exe

    2012-10-04 19:02 . 2012-10-04 19:02 101888 —-a-w- c:\windows\SysWow64\admparse.dll

    2012-10-04 19:02 . 2012-10-04 19:02 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2012-10-04 19:02 . 2012-10-04 19:02 65024 —-a-w- c:\windows\system32\pngfilt.dll

    2012-10-04 19:02 . 2012-10-04 19:02 49664 —-a-w- c:\windows\system32\imgutil.dll

    2012-10-04 19:02 . 2012-10-04 19:02 267776 —-a-w- c:\windows\system32\ieaksie.dll

    2012-10-04 19:02 . 2012-10-04 19:02 222208 —-a-w- c:\windows\system32\msls31.dll

    2012-10-04 19:02 . 2012-10-04 19:02 197120 —-a-w- c:\windows\system32\msrating.dll

    2012-10-04 19:02 . 2012-10-04 19:02 163840 —-a-w- c:\windows\system32\ieakui.dll

    2012-10-04 19:02 . 2012-10-04 19:02 149504 —-a-w- c:\windows\system32\occache.dll

    2012-10-04 19:02 . 2012-10-04 19:02 12288 —-a-w- c:\windows\system32\mshta.exe

    2012-10-04 19:02 . 2012-10-04 19:02 114176 —-a-w- c:\windows\system32\admparse.dll

    2012-10-04 19:02 . 2012-10-04 19:02 145920 —-a-w- c:\windows\system32\iepeers.dll

    2012-10-04 19:02 . 2012-10-04 19:02 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe

    2012-10-04 19:02 . 2012-10-04 19:02 89088 —-a-w- c:\windows\system32\ie4uinit.exe

    2012-10-04 19:02 . 2012-10-04 19:02 85504 —-a-w- c:\windows\system32\iesetup.dll

    2012-10-04 19:02 . 2012-10-04 19:02 82432 —-a-w- c:\windows\system32\icardie.dll

    2012-10-04 19:02 . 2012-10-04 19:02 76800 —-a-w- c:\windows\system32\tdc.ocx

    2012-10-04 19:02 . 2012-10-04 19:02 55296 —-a-w- c:\windows\system32\msfeedsbs.dll

    2012-10-04 19:02 . 2012-10-04 19:02 534528 —-a-w- c:\windows\system32\ieapfltr.dll

    2012-10-04 19:02 . 2012-10-04 19:02 48640 —-a-w- c:\windows\system32\mshtmler.dll

    2012-10-04 19:02 . 2012-10-04 19:02 452608 —-a-w- c:\windows\system32\dxtmsft.dll

    2012-10-04 19:02 . 2012-10-04 19:02 448512 —-a-w- c:\windows\system32\html.iec

    2012-10-04 19:02 . 2012-10-04 19:02 403248 —-a-w- c:\windows\system32\iedkcs32.dll

    2012-10-04 19:02 . 2012-10-04 19:02 39936 —-a-w- c:\windows\system32\iernonce.dll

    2012-10-04 19:02 . 2012-10-04 19:02 3695416 —-a-w- c:\windows\system32\ieapfltr.dat

    2012-10-04 19:02 . 2012-10-04 19:02 282112 —-a-w- c:\windows\system32\dxtrans.dll

    2012-10-04 19:02 . 2012-10-04 19:02 160256 —-a-w- c:\windows\system32\ieakeng.dll

    2012-10-04 19:02 . 2012-10-04 19:02 135168 —-a-w- c:\windows\system32\IEAdvpack.dll

    2012-10-04 19:02 . 2012-10-04 19:02 111616 —-a-w- c:\windows\system32\iesysprep.dll

    2012-10-04 19:02 . 2012-10-04 19:02 10752 —-a-w- c:\windows\system32\msfeedssync.exe

    2012-10-04 19:02 . 2012-10-04 19:02 30720 —-a-w- c:\windows\system32\licmgr10.dll

    2012-10-04 19:02 . 2012-10-04 19:02 249344 —-a-w- c:\windows\system32\webcheck.dll

    2012-10-04 19:02 . 2012-10-04 19:02 165888 —-a-w- c:\windows\system32\iexpress.exe

    2012-10-04 19:02 . 2012-10-04 19:02 160256 —-a-w- c:\windows\system32\wextract.exe

    2012-10-04 19:02 . 2012-10-04 19:02 103936 —-a-w- c:\windows\system32\inseng.dll

    2012-10-04 18:10 . 2010-07-08 05:14 29480 —-a-w- c:\windows\SysWow64\msxml3a.dll

    2012-10-04 18:10 . 2009-07-21 11:22 505128 —-a-w- c:\windows\SysWow64\msvcp71.dll

    2012-10-04 18:10 . 2009-07-21 11:22 353576 —-a-w- c:\windows\SysWow64\msvcr71.dll

    2012-10-04 16:40 . 2012-12-13 10:49 44032 —-a-w- c:\windows\apppatch\acwow64.dll

    2012-10-04 15:29 . 2010-03-27 17:32 588472 —-a-w- c:\windows\SysWow64\ezsvc7x.dll

    2012-10-03 17:56 . 2012-11-16 14:35 1914248 —-a-w- c:\windows\system32\drivers\tcpip.sys

    2012-10-03 17:44 . 2012-11-16 14:35 303104 —-a-w- c:\windows\system32\nlasvc.dll

    2012-10-03 17:44 . 2012-11-16 14:35 70656 —-a-w- c:\windows\system32\nlaapi.dll

    2012-10-03 17:44 . 2012-11-16 14:35 246272 —-a-w- c:\windows\system32\netcorehc.dll

    2012-10-03 17:44 . 2012-11-16 14:35 18944 —-a-w- c:\windows\system32\netevent.dll

    2012-10-03 17:44 . 2012-11-16 14:35 216576 —-a-w- c:\windows\system32\ncsi.dll

    2012-10-03 17:42 . 2012-11-16 14:35 569344 —-a-w- c:\windows\system32\iphlpsvc.dll

    2012-10-03 16:42 . 2012-11-16 14:35 175104 —-a-w- c:\windows\SysWow64\netcorehc.dll

    2012-10-03 16:42 . 2012-11-16 14:35 18944 —-a-w- c:\windows\SysWow64\netevent.dll

    2012-10-03 16:42 . 2012-11-16 14:35 156672 —-a-w- c:\windows\SysWow64\ncsi.dll

    2012-10-03 16:07 . 2012-11-16 14:35 45568 —-a-w- c:\windows\system32\drivers\tcpipreg.sys

    2012-09-29 18:54 . 2012-10-04 20:54 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-09-25 22:47 . 2012-11-16 14:35 78336 —-a-w- c:\windows\SysWow64\synceng.dll

    2012-09-25 22:46 . 2012-11-16 14:35 95744 —-a-w- c:\windows\system32\synceng.dll

    2012-09-20 18:00 . 2012-10-04 18:19 127488 —-a-w- c:\windows\system32\ff_vfw.dll

    2012-09-18 22:58 . 2012-10-04 15:46 9308616 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{568F8B50-BAFC-4492-8B4D-2EF5E309D195}\mpengine.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “WirelessAssistant”=“c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe”

    “SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe”

    “RemoteControl9”=“c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe”

    “PDVD9LanguageShortcut”=“c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe”

    “BDRegion”=“c:\program files (x86)\Cyberlink\Shared files\brs.exe”

    “IAStorIcon”=“c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “HP Software Update”=“c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe”

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    “avast”=“c:\program files\AVAST Software\Avast\avastUI.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    “LoadAppInit_DLLs”=1 (0x1)

    .

    “aux1”=wdmaud.drv

    .

    @=“Service”

    .

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    .

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys

    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS

    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS

    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS

    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys

    S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys

    S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys

    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys

    S1 aswSnx;aswSnx;

    S1 aswSP;aswSP;

    S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control ;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl

    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe

    S2 aswFsBlk;aswFsBlk;

    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys

    S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe

    S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

    S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys

    .

    .

    — Andere Services/Drivers In Geheugen —

    .

    *NewlyCreated* - WS2IFSL

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    ezSharedSvc

    .

    2010-02-22 09:38 451872 —-a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2012-12-14 c:\windows\Tasks\HPCeeScheduleForMarije.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    @=“{472083B0-C522-11CF-8763-00608CC02F24}”

    2012-10-30 22:50 133400 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

    .

    “RTHDVCPL”=“c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe”

    “RtkOSD”=“c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe”

    “HP Quick Launch”=“c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe”

    “SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe”

    “MSC”=“c:\program files\Microsoft Security Client\msseces.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “BCSSync”=“c:\program files\Microsoft Office\Office14\BCSSync.exe”

    “IgfxTray”=“c:\windows\system32\igfxtray.exe”

    “HotKeysCmds”=“c:\windows\system32\hkcmd.exe”

    “Persistence”=“c:\windows\system32\igfxpers.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.nu.nl/

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

    IE: Free YouTube to MP3 Converter - c:\users\Marije\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    TCP: DhcpNameServer = 212.54.35.25 212.54.40.25

    FF - ProfilePath - c:\users\Marije\AppData\Roaming\Mozilla\Firefox\Profiles\nh0fvlhj.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.nu.nl/

    FF - ExtSQL: 2012-12-16 21:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Wow6432Node-HKLM-Run- - (no file)

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    .

    .

    .

    “ImagePath”=“\??\c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.11”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files\AVAST Software\Avast\AvastSvc.exe

    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

    c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-12-17 22:37:20 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-12-17 21:37

    .

    Pre-Run: 32.461.582.336 bytes beschikbaar

    Post-Run: 32.435.527.680 bytes beschikbaar

    .

    - - End Of File - - 104795AAA5F35180378C83CB6049801A

  • marijea

    Sleep well, Huib. Thanks in advance.

  • Ben

    Hello,

    I see 2 virus scanners; remove Microsoft Security Essentials.

    Click Start > (Settings) > Control Panel > Uninstall a program:

    Microsoft Security Essentials

    Using “zoek.exe”

    Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while downloading or during use.

    You can read how to do that (here or here).

    Then download zoek.exe to the desktop.

    Windows 2000 and Windows XP: start the tool by double-clicking “zoek.exe”.

    Windows Vista and Windows 7: start the tool by right-clicking “zoek.exe” and then choosing Run as administrator.

    After a while a window will open.

    With your mouse, now select the option "Combined fix" (bottom right).

    Now copy the bold text below and paste it into the large input box:

    emptyFFcache;

    c:\users\Marije\AppData\Local\CRE;f

    c:\windows\SysWow64\searchplugins;f

    c:\windows\SysWow64\Extensions;f

    emptyclsid;

    emptyjava;

    emptyflash;

    emptyiecache;

    emptytemp;

    Now first close all program windows that are still open!

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart).

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log in your next message, along with a new HijackThis log.

    Regards, Ben

  • marijea

    Thank you, Ben

    HJ will follow shortly

    Zoek.exe Version 3.0.0.4 Updated 15-12-2012

    Tool run by Marije on di 18-12-2012 at 9:51:19,76.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3806108587-3756943749-911228452-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

    HKEY_USERS\S-1-5-21-3806108587-3756943749-911228452-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Files \ Folders ======================

    “c:\users\Marije\AppData\Local\CRE” deleted

    “c:\windows\SysWow64\searchplugins” deleted

    “c:\windows\SysWow64\Extensions” deleted

    “C:\Users\Marije\AppData\Local\CRE” deleted

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marije\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marije\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\users\Marije\AppData\Local\Mozilla\Firefox\Profiles\nh0fvlhj.default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Marije\AppData\Local\Temp successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Marije\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted

    “C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted

  • marijea

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 10:03:53, on 18-12-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16457)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

    C:\Program Files (x86)\CyberLink\Shared files\brs.exe

    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Users\Marije\Desktop\Antivirus , spyware en onderhoud, wekelijks checken\HijackThis.exe

    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/7

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marije\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

    O9 - Extra ‘Tools’ menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    O23 - Service: Intel(R) Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 10927 bytes

  • Ben

    Hello,

    That looks clean again (tu)

    Are you still experiencing any problems? If not, we will remove the programs we used.

    Regards, Ben

  • marijea

    Great, Ben.

    It has become a good deal faster!!

This topic is closed; no more replies can be posted.