Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Windows security centerservice

None
9 antwoorden
  • Deze service is uitgeschakeld en hoe krijg ik die weer ingeschakeld, MBAM heef geen resultaat gehad.
    wel log gemaakt (advies os wondows)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:29:30, on 22-2-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Users\Computer van Ron\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Downloads\MailWasher Free\MailWasher.exe
    C:\Program Files (x86)\UPC\bin\sprtcmd.exe
    C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\real\realplayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.upc.nl/upclive/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    R3 - URLSearchHook: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110129204023.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O3 - Toolbar: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file)
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [UPC] "C:\Program Files (x86)\UPC\bin\sprtcmd.exe" /P UPC
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe"
    unkey
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files (x86)\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Computer van Ron\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Agenda2.lnk = C:\Softwarenetz\Agenda2\kalender2.exe
    O4 - Startup: Dropbox.lnk = Computer van Ron\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: MailWasherPro.lnk = C:\Downloads\MailWasher Free\MailWasher.exe
    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    O4 - Global Startup: McAfee Online Backup Status.lnk = C:\Program Files (x86)\McAfee Online Backup\MOBKstat.exe
    O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-623PI\WlanCU.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
    O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - http://picasaweb.google.nl/s/v/66.30/uploader2.cab
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files (x86)\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 17015 bytes
  • Typ in de zoekregel boven de startknop [b:11416d4093]services.msc[/b:11416d4093].
    Vervolgens klik je met rechts op de snelkoppeling services bovin het startmenu, om middels adminrechten het tool te starten!

    Scroll in het venster Services nu naar Security Center en dubbelklkik er dan op.
    Zet bij Opstarttype de stand op [b:11416d4093]Automatisch (Start vertraagd)[/b:11416d4093]
  • Hartelijk dank voor de oplossing
  • Net toen ik bedankte voor de oplossing is het securitycenter weer uitgeschakeld. Het lijkt eerst goed.
  • MBAM gedraaid, vond nu adware troep, deze verwijderd en alles wederom gedaan, ook nu wordt de services weer uitgeschakeld.
  • Hoi Ron, doe dan maar het volgende:

    [b:baf7c703ab]Welk programma[/b:baf7c703ab]: ComboFix
    [b:baf7c703ab]Waarvoor/waarom[/b:baf7c703ab]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen.
    [b:baf7c703ab]Moeilijkheidsgraad[/b:baf7c703ab]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:baf7c703ab]Downloadlokatie[/b:baf7c703ab]: Dit programma absoluut naar het bureaublad downloaden!
    [b:baf7c703ab]Download ComboFix via één van deze locaties[/b:baf7c703ab]:
    [list:baf7c703ab][*:baf7c703ab][b:baf7c703ab]Bleepingcomputer[/b:baf7c703ab]
    [*:baf7c703ab][b:baf7c703ab]ForoSpyware[/b:baf7c703ab]
    [*:baf7c703ab][b:baf7c703ab]Geekstogo[/b:baf7c703ab][/list:u:baf7c703ab]
    [b:baf7c703ab]Hier[/b:baf7c703ab] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:baf7c703ab]Hier[/b:baf7c703ab] en [b:baf7c703ab]hier[/b:baf7c703ab] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:baf7c703ab]Voor alle duidelijkheid nogmaals[/b:baf7c703ab]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:baf7c703ab]Opmerkingen[/b:baf7c703ab]:
    [list:baf7c703ab][*:baf7c703ab] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:baf7c703ab]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:baf7c703ab]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:baf7c703ab]
    [b:baf7c703ab]ComboFix is opgestart[/b:baf7c703ab]:
    [list:baf7c703ab][*:baf7c703ab]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:baf7c703ab]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:baf7c703ab]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:baf7c703ab]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:baf7c703ab]Post de inhoud van dit logbestand in je volgende bericht.
    [*:baf7c703ab]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:baf7c703ab]
    [b:baf7c703ab]Belangrijke opmerking[/b:baf7c703ab]:
    [list:baf7c703ab][*:baf7c703ab][b:baf7c703ab]Indien er een error wordt getoond met de melding: [*:baf7c703ab][/color:baf7c703ab]Illegal operation attempted on a registery key that has been marked for deletion.[/color:baf7c703ab]
    [*:baf7c703ab]start dan de computer opnieuw op.[/color:baf7c703ab][/b:baf7c703ab][/list:u:baf7c703ab]
  • ComboFix 11-02-23.06 - Computer van Ron 24-02-2011 9:00.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.8155.6110 [GMT 1:00]
    Gestart vanuit: c:\downloads\ComboFix.exe
    AV: McAfee Antivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Antivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    /wow section - STAGE 25
    Kan bestand LockedB niet vinden.
    Kan bestand lockedB niet vinden.
    Het systeem kan het opgegeven pad niet vinden.
    Kan bestand LockedB niet vinden.
    SED: can't read temp2400: No such file or directory
    grep: temp2401: No such file or directory
    @DO niet verwacht op dit moment.


    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Computer van Ron\AppData\Roaming\install
    c:\users\Computer van Ron\GoToAssistDownloadHelper.exe
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index(34).dat
    K:\Autorun.inf
    c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
    c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-01-24 to 2011-02-24 ))))))))))))))))))))))))))))))
    .

    2011-02-24 08:28 . 2011-02-24 08:28 ——– d—–w- c:\windows\system32\config\systemprofile\AppData\Local\temp
    2011-02-23 20:15 . 2010-09-14 06:45 367104 —-a-w- c:\windows\system32\wcncsvc.dll
    2011-02-23 20:15 . 2010-09-14 06:07 276992 —-a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-23 20:04 . 2011-02-23 20:04 ——– d—–w- c:\program files (x86)\Common Files\McAfee
    2011-02-23 20:04 . 2010-10-13 21:28 190136 —-a-w- c:\windows\system32\drivers\mfeavfk.sys
    2011-02-23 20:04 . 2011-02-23 20:04 ——– d—–w- c:\program files\McAfee
    2011-02-23 20:04 . 2011-02-23 20:18 ——– d—–w- c:\program files (x86)\McAfee
    2011-02-23 19:16 . 2011-01-07 08:07 662528 —-a-w- c:\windows\system32\XpsPrint.dll
    2011-02-23 19:16 . 2011-01-07 08:07 475648 —-a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-23 19:16 . 2011-01-07 07:31 442880 —-a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-23 19:16 . 2011-01-07 07:31 288256 —-a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-22 12:50 . 2011-02-22 12:50 143360 –sha-r- c:\windows\SysWow64\WSDApia.dll
    2011-02-22 07:13 . 2011-01-13 10:20 7844688 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05E8EA1A-3474-49EE-8BEE-9C556D0BCF2F}\mpengine.dll
    2011-02-21 15:50 . 2011-02-21 15:50 ——– d—–w- c:\program files (x86)\Common Files\Java
    2011-02-16 13:59 . 2011-02-16 13:59 ——– d—–w- c:\program files (x86)\Common Files\xing shared
    2011-02-13 12:10 . 2011-02-14 07:29 ——– d—–w- c:\programdata\cBoAdNc01834
    2011-02-08 17:37 . 2011-02-08 17:37 ——– d—–w- c:\program files (x86)\TweetDeck
    2011-02-08 16:11 . 2011-02-08 16:11 ——– d—–w- c:\users\Computer van Ron\AppData\Local\{883EA4C9-2987-49E8-B285-EC6D166165EE}
    2011-02-08 12:49 . 2011-02-08 12:49 ——– d—–w- c:\program files (x86)\HWiNFO32
    2011-02-06 12:44 . 2011-02-06 12:44 ——– d—–w- c:\users\Computer van Ron\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
    2011-02-06 12:42 . 2011-02-06 12:42 ——– d—–w- c:\program files (x86)\Conduit
    2011-02-06 12:42 . 2011-02-14 07:48 ——– d—–w- c:\program files (x86)\Softonic_Netherlands
    2011-02-05 09:13 . 2011-02-05 09:14 ——– d—–w- c:\users\Computer van Ron\AppData\Local\{F22C9E85-27FD-46DC-8D33-302FE3CEF0A0}
    2011-02-04 17:23 . 2011-02-04 17:23 ——– d—–w- c:\users\Computer van Ron\AppData\Local\{19B01787-F0E3-4EC1-A31D-06CE8738E425}
    2011-02-04 14:01 . 2011-02-04 14:01 ——– d—–w- c:\users\Computer van Ron\AppData\Local\{8A476854-4A2B-41CA-B2AD-33A64563A8AB}
    2011-02-04 13:33 . 2010-04-09 11:06 374664 —-a-w- c:\windows\system32\drivers
    etio.sys
    2011-02-04 13:25 . 2011-02-04 13:25 ——– d—–w- c:\windows
    l
    2011-02-04 13:22 . 2011-02-04 13:22 ——– d—–w- c:\program files (x86)\MSN Toolbar
    2011-02-04 13:21 . 2011-02-04 13:22 ——– d—–w- c:\program files (x86)\Bing Bar Installer
    2011-02-04 13:21 . 2009-09-04 16:44 69464 —-a-w- c:\windows\SysWow64\XAPOFX1_3.dll
    2011-02-04 13:21 . 2009-09-04 16:44 515416 —-a-w- c:\windows\SysWow64\XAudio2_5.dll
    2011-02-04 13:21 . 2009-09-04 16:29 453456 —-a-w- c:\windows\SysWow64\d3dx10_42.dll
    2011-02-04 13:21 . 2009-09-04 16:29 523088 —-a-w- c:\windows\system32\d3dx10_42.dll
    2011-02-04 13:21 . 2006-11-29 12:06 4398360 —-a-w- c:\windows\system32\d3dx9_32.dll
    2011-02-04 13:21 . 2006-11-29 12:06 3426072 —-a-w- c:\windows\SysWow64\d3dx9_32.dll
    2011-02-04 13:21 . 2011-02-04 13:21 469256 —-a-w- c:\program files (x86)\Common Files\Windows Live\.cache\661376d21cbc46e04\InstallManager_WLE_WLE.exe
    2011-02-04 13:20 . 2011-02-04 13:20 15712 —-a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5cd2fda21cbc46e03\MeshBetaRemover.exe
    2011-02-03 21:00 . 2011-02-03 21:00 ——– d—–w- c:\program files (x86)\Common Files\Skype
    2011-01-31 10:25 . 2011-01-31 10:26 ——– d—–w- c:\program files\iTunes
    2011-01-31 10:25 . 2011-01-31 10:26 ——– d—–w- c:\program files (x86)\iTunes
    2011-01-31 10:25 . 2011-01-31 10:25 ——– d—–w- c:\program files\iPod
    2011-01-30 13:57 . 2011-01-30 13:57 103864 —-a-w- c:\program files (x86)\Mozilla Firefox\plugins
    ppdf32.dll
    2011-01-30 13:57 . 2011-01-30 13:57 103864 —-a-w- c:\program files (x86)\Internet Explorer\PLUGINS
    ppdf32.dll
    2011-01-29 13:57 . 2011-01-29 13:57 ——– d—–w- c:\users\Computer van Ron\AppData\Roaming\Gmail Notifier Plus
    2011-01-26 19:16 . 2011-01-26 19:16 ——– d—–w- C:\Softwarenetz
    2011-01-26 11:35 . 2011-01-26 11:35 ——– d—–w- c:\users\Computer van Ron\AppData\Local\Help
    2011-01-26 11:34 . 2009-08-04 17:56 296960 —-a-w- c:\windows\winhlp32.exe
    2011-01-26 11:34 . 2009-08-04 17:55 195072 —-a-w- c:\windows\SysWow64\ftsrch.dll
    2011-01-26 11:34 . 2009-08-04 17:55 195072 —-a-w- c:\windows\system32\ftsrch.dll
    2011-01-26 11:34 . 2009-08-04 17:55 9216 —-a-w- c:\windows\SysWow64\ftlx0411.dll
    2011-01-26 11:34 . 2009-08-04 17:55 9216 —-a-w- c:\windows\system32\ftlx0411.dll
    2011-01-26 11:34 . 2009-08-04 17:55 10240 —-a-w- c:\windows\SysWow64\ftlx041e.dll
    2011-01-26 11:34 . 2009-08-04 17:55 10240 —-a-w- c:\windows\system32\ftlx041e.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-02-16 13:59 . 2010-04-01 12:24 499712 —-a-w- c:\windows\SysWow64\msvcp71.dll
    2011-02-16 13:59 . 2010-03-02 13:33 348160 —-a-w- c:\windows\SysWow64\msvcr71.dll
    2011-02-02 20:40 . 2010-05-16 10:57 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2011-02-02 16:11 . 2010-03-02 12:27 270720 ——w- c:\windows\system32\MpSigStub.exe
    2010-12-20 17:09 . 2010-11-08 15:58 38224 —-a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2010-12-20 17:08 . 2010-03-22 10:35 24152 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-02 03:35 . 2010-12-02 03:35 4280320 —-a-w- c:\windows\SysWow64\GPhotos.scr
    2010-11-29 16:38 . 2010-11-29 16:38 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2010-11-29 16:38 . 2010-11-29 16:38 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2010-07-29 14:41 . 2010-07-29 14:42 590798536 —-a-w- c:\program files (x86)\Office_Home_and_Student_2010_Dutch_32bit.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
    "Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2010-07-11 2199040]
    "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]
    "ccleaner"="c:\program files (x86)\CCleaner\ccleaner.exe" [2011-01-24 2200376]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-02 39408]
    "Google Update"="c:\users\Computer van Ron\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-02 136176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
    "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
    "UPC"="c:\program files (x86)\UPC\bin\sprtcmd.exe" [2005-08-16 192512]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-01-17 1484856]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]
    "TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2011-02-16 273544]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

    c:\users\Computer van Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Agenda2.lnk - c:\softwarenetz\Agenda2\kalender2.exe [N/A]
    Dropbox.lnk - c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]
    MailWasherPro.lnk - c:\downloads\MailWasher Free\MailWasher.exe [2010-3-15 16691142]
    OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 245120]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-623PI\WlanCU.exe [N/A]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    R1 SASDIFSV;SASDIFSV;c:\users\COMPUT~1\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS [x]
    R1 SASKUTIL;SASKUTIL;c:\users\COMPUT~1\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-02 135664]
    R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 94864]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]
    S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [2010-03-02 16384]
    S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2010-09-29 28032]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
    S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 66040]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [2010-03-04 464464]
    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-03-04 376400]
    S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2010-03-04 229664]
    S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
    S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-10-13 149032]
    S2 MOBKbackup;1%;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 8012288]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 287232]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
    S3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 441328]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS
    etr28x.sys [2009-11-09 787968]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]


    — Andere Services/Drivers In Geheugen —

    *Deregistered* - mfeavfk01
    .
    Inhoud van de 'Gedeelde Taken' map

    2011-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-02 13:03]

    2011-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-02 13:03]

    2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2815104739-2611702783-2569919567-1001Core.job
    - c:\users\Computer van Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-02 08:47]

    2011-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2815104739-2611702783-2569919567-1001UA.job
    - c:\users\Computer van Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-02 08:47]
    .

    ——— x86-64 ———–


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 —-a-w- c:\users\Computer van Ron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
    @="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
    [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
    2010-04-13 19:11 3816248 —-a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
    @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
    [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
    2010-04-13 19:11 3816248 —-a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
    @="{b4caf489-1eec-c617-49ad-8d7088598c06}"
    [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
    2010-04-13 19:11 3816248 —-a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Bijkomende Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.upc.nl/upclive/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mSearch Bar = hxxp://www.google.com
    uInternet Settings,ProxyOverride = local
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Google Sidewiki… - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    FF - ProfilePath - c:\users\Computer van Ron\AppData\Roaming\Mozilla\Firefox\Profiles\xqpekkb2.default\
    FF - prefs.js: browser.search.selectedEngine - Secure-zoeken
    FF - prefs.js: browser.startup.homepage - hxxps://portal.sensire.nl/vpn/index.html
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
    .
    - - - - ORPHANS VERWIJDERD - - - -

    URLSearchHooks-{65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file)
    Toolbar-Locked - (no file)
    Toolbar-{65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file)
    Wow6432Node-HKLM-Run-RemoteAssist - (no file)
    Wow6432Node-HKLM-Run-1A:Stardock TrayMonitor - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{3BB40A0A-4DF6-4548-95EE-09D2512A09A6} - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
    WebBrowser-{65CA59EE-9920-4D7F-8C41-BFA12403261A} - (no file)


    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\windows\SysWOW64\rundll32.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\windows\SysWOW64\ASDR.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    c:\windows\SysWOW64\rundll32.exe
    c:\program files (x86)\Citrix\ICA Client\wfcrun32.exe
    c:\program files (x86)\Brother\Brmfcmon\BrMfcmon.exe
    c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    c:\program files (x86)\Skype\Plugin Manager\skypePM.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-02-24 09:39:11 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-02-24 08:39

    Pre-Run: 226.484.600.832 bytes beschikbaar
    Post-Run: 226.329.874.432 bytes beschikbaar

    - - End Of File - - 1EA3FE256C740F6FA1517E50A2542097
  • vooralsnog is het probleem niet weg.
  • McAfee opnieuw geinstalleerd en het lijkt nu goed te zijn.
    Bedankt voor jullie hulp.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.