Request to also check the data of the home PC

10 answers
  • I have a PC at home that is used by the whole family.
    There are now complaints that the internet browser in particular often acts up.
    Firefox is our browser at the moment.
    In addition, programs often seem to freeze for a moment; this often happens when switching between programs, e.g. from the internet to a media player.
    Or is this just loading time?

    Here, in any case, are a HijackThis log and an MBAM log.

    [hjt]
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:51:09, on 14-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
    c:\program files (x86)\avg\avg10\avgtray.exe
    c:\program files (x86)\common files\java\java update\jusched.exe
    c:\program files (x86)\itunes\ituneshelper.exe
    c:\program files\thomson\tg122n\wlancu.exe
    c:\program files (x86)\avg\avg10\identity protection\agent\bin\avgidsmonitor.exe
    c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
    c:\program files (x86)\trend micro\hijackthis\hijackthis.exe

    r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hkcu\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
    r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
    r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
    r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
    r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
    r3 - urlsearchhook: avg security toolbar bho - {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg10\toolbar\ietoolbar.dll
    f2 - reg:system.ini: userinit=userinit.exe
    o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
    o2 - bho: wormradar.com iesiteblocker.navfilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg10\avgssie.dll
    o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
    o2 - bho: windows live id sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
    o2 - bho: avg security toolbar bho - {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg10\toolbar\ietoolbar.dll
    o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    o2 - bho: skypeiepluginbho - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    o2 - bho: java™ plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    o3 - toolbar: avg security toolbar - {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg10\toolbar\ietoolbar.dll
    o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    o4 - hklm\..\run: [avg_tray] c:\program files (x86)\avg\avg10\avgtray.exe
    o4 - hklm\..\run: [sunjavaupdatesched] c:\program files (x86)\common files\java\java update\jusched.exe
    o4 - hklm\..\run: [ituneshelper] c:\program files (x86)\itunes\ituneshelper.exe
    o4 - hklm\..\run: [adobe arm] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
    o4 - hklm\..\runonce: [malwarebytes' anti-malware] c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe /install /silent
    o4 - hkcu\..\run: [msnmsgr] c:\program files (x86)\windows live\messenger\msnmsgr.exe /background
    o4 - hkcu\..\run: [kpeernexoneu] c:\nexon\nexon_eu_downloader\nxeulauncher.exe
    o4 - hkcu\..\run: [swg] c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
    o4 - hkcu\..\run: [daemon tools lite] c:\program files (x86)\daemon tools lite\dtlite.exe -autorun
    o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
    o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
    o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
    o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
    o4 - global startup: wireless configuration utility.lnk = c:\program files\thomson\tg122n\wlancu.exe
    o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~2\micros~3\office11\excel.exe/3000
    o8 - extra context menu item: google sidewiki… - res://c:\program files (x86)\google\google toolbar\component\googletoolbardynamic_mui_en_43c348bc2e93eb2b.dll/cmsidewiki.html
    o9 - extra button: in weblog opnemen - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
    o9 - extra 'tools' menuitem: &in weblog opnemen met windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
    o9 - extra button: click to call with skype - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o9 - extra 'tools' menuitem: click to call with skype - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o9 - extra button: onderzoek - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~3\office11\refiebar.dll
    o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    o16 - dpf: {5d6f45b3-9043-443d-a792-115447494d24} (unoctrl class) - http://messenger.zone.msn.com/messengergamescontent/gamecontent/nl/uno1/game_uno1.cab
    o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab
    o18 - protocol: avgsecuritytoolbar - {f2dde6b2-9684-4a55-86d4-e255e237b77c} - c:\program files (x86)\avg\avg10\toolbar\ietoolbar.dll
    o18 - protocol: linkscanner - {f274614c-63f8-47d5-a4d1-fbdde494f8d1} - c:\program files (x86)\avg\avg10\avgpp.dll
    o18 - protocol: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
    o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
    o23 - service: mobiel apple apparaat (apple mobile device) - apple inc. - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
    o23 - service: avg security toolbar service - unknown owner - c:\program files (x86)\avg\avg10\toolbar\toolbarbroker.exe
    o23 - service: avgidsagent - avg technologies cz, s.r.o. - c:\program files (x86)\avg\avg10\identity protection\agent\bin\avgidsagent.exe
    o23 - service: avg watchdog (avgwd) - avg technologies cz, s.r.o. - c:\program files (x86)\avg\avg10\avgwdsvc.exe
    o23 - service: bonjour-service (bonjour service) - apple inc. - c:\program files (x86)\bonjour\mdnsresponder.exe
    o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
    o23 - service: google updateservice (gupdate) (gupdate) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
    o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
    o23 - service: google software updater (gusvc) - google - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
    o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe
    o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
    o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
    o23 - service: nero backitup scheduler 4.0 - nero ag - c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe
    o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: nvidia display driver service (nvsvc) - unknown owner - c:\windows\system32\nvvsvc.exe (file missing)
    o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
    o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
    o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
    o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
    o23 - service: steam client service - valve corporation - c:\program files (x86)\common files\steam\steamservice.exe
    o23 - service: nvidia stereoscopic 3d driver service (stereo service) - nvidia corporation - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
    o23 - service: tomtomhomeservice - tomtom - c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe
    o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
    o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
    o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
    o23 - service: @%systemroot%\system32\wat\watux.exe,-601 (watadminsvc) - unknown owner - c:\windows\system32\wat\watadminsvc.exe (file missing)
    o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
    o23 - service: wlanwpssvc - unknown owner - c:\program files\thomson\tg122n\wlanwpssvc.exe
    o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
    o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)

    end of file - 11667 bytes

    [/hjt]



    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Databaseversie: 7463

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    14-8-2011 12:48:08
    mbam-log-2011-08-14 (12-48-08).txt

    Scantype: Snelle scan
    Objecten gescand: 179000
    Verstreken tijd: 3 minuut/minuten, 54 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Kind regards,
    Bennie
  • Log looks clean.

    Do the following:

    Which program: ComboFix
    What for/why: Highly specialized scanner to examine Windows in depth
    and clean it up where possible.
    Difficulty: More or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer
      - ForoSpyware
      - Geekstogo
    Here you can see how to use ComboFix.

    Antivirus programs and active malware scanners must already be disabled before ComboFix starts!
    Here and here you will find information on how to disable antivirus programs and spyware scanners.

    To be perfectly clear once more: ComboFix must be started from the desktop.

    Notes:
      - When using Windows XP, you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
      - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
      - All open programs and web pages must be closed.
    Once ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
      - If, after the scan, an error is shown when starting programs with the message:
      - Illegal operation attempted on a registry key that has been marked for deletion.
      - Then restart the computer.
  • ComboFix 11-08-14.02 - Home 14-08-2011 13:37:18.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4087.2639 [GMT 2:00]
    Gestart vanuit: c:\users\Home\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\Roaming
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Big Thunder.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Depth Charge.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Fall Ratio.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Park Night.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Phire Werx.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Plum Crazy.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Space Mountain Paris.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Tapeworm.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\Toontown Twister.csa
    c:\programdata\Roaming\Disney Imagineering\Disneys Roller Coaster Challenge\Saves\X 25s.csa
    c:\windows\IsUn0413.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-07-14 to 2011-08-14 ))))))))))))))))))))))))))))))
    .
    .
    2011-08-14 11:41 . 2011-08-14 11:41 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-08-14 11:21 . 2011-08-14 11:21 -------- d-----w- c:\program files\iPod
    2011-08-14 11:21 . 2011-08-14 11:21 -------- d-----w- c:\program files\iTunes
    2011-08-14 11:20 . 2011-08-14 11:20 -------- d-----w- c:\program files\Bonjour
    2011-08-14 11:20 . 2011-08-14 11:20 -------- d-----w- c:\program files (x86)\Bonjour
    2011-08-14 10:12 . 2011-08-14 10:12 -------- d-----w- c:\users\Home\AppData\Roaming\Malwarebytes
    2011-08-14 10:12 . 2011-08-14 10:12 -------- d-----w- c:\programdata\Malwarebytes
    2011-08-14 10:12 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-08-14 10:12 . 2011-08-14 10:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-08-14 10:12 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-14 10:09 . 2011-08-14 10:09 388096 ----a-r- c:\users\Home\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-08-14 10:09 . 2011-08-14 10:09 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-08-13 19:16 . 2011-08-13 19:16 -------- d-----w- c:\users\Home\AppData\Roaming\Tibia
    2011-08-13 19:16 . 2011-08-13 19:16 -------- d-----w- c:\program files (x86)\GMG Hosting Solutions
    2011-08-12 18:37 . 2011-08-12 18:51 -------- d-----w- C:\Muziek Bennie
    2011-08-12 15:33 . 2011-08-13 13:06 -------- d-----w- c:\users\Home\AppData\Roaming\Skype
    2011-08-12 15:32 . 2011-08-12 15:32 -------- d-----r- c:\program files (x86)\Skype
    2011-08-12 15:32 . 2011-08-12 15:32 -------- d-----w- c:\programdata\Skype
    2011-08-04 21:54 . 2011-08-04 21:54 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    2011-08-04 21:53 . 2011-08-04 21:54 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
    2011-08-04 20:54 . 2011-08-04 20:55 -------- d-----w- c:\program files\HP3
    2011-07-22 18:34 . 2011-07-22 18:34 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2011-07-22 18:32 . 2011-07-22 18:32 -------- d-----w- c:\program files\Google
    2011-07-22 18:31 . 2011-07-29 16:09 -------- d-----w- c:\program files (x86)\Google
    2011-07-22 14:06 . 2011-08-10 10:26 -------- d-----w- c:\users\Home\AppData\Roaming\Belastingdienst
    2011-07-22 14:06 . 2011-08-10 10:23 -------- d-----w- c:\program files (x86)\Belastingdienst
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-22 18:30 . 2011-06-04 16:50 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-16 04:26 . 2011-08-10 06:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-07-14 14:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-07-14 14:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-07-12 09:34 . 2011-07-12 09:34 96104 ----a-w- c:\windows\system32\dns-sd.exe
    2011-07-12 09:34 . 2011-07-12 09:34 85864 ----a-w- c:\windows\system32\dnssd.dll
    2011-07-12 09:34 . 2011-07-12 09:34 61288 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-07-12 09:34 . 2011-07-12 09:34 212840 ----a-w- c:\windows\system32\dnssdX.dll
    2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
    2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
    2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
    2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
    2011-06-11 17:21 . 2011-04-23 15:13 47104 ----a-w- c:\windows\SysWow64\KMVIDC32.DLL
    2011-06-11 03:07 . 2011-07-13 15:05 3137536 ----a-w- c:\windows\system32\win32k.sys
    2011-05-28 09:18 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
    2011-05-28 09:18 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-05-24 11:42 . 2011-06-29 08:13 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-05-24 10:40 . 2011-06-29 08:13 64512 ----a-w- c:\windows\SysWow64\devobj.dll
    2011-05-24 10:40 . 2011-06-29 08:13 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
    2011-05-24 10:39 . 2011-06-29 08:13 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
    2011-05-24 10:37 . 2011-06-29 08:13 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
    .
    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2011-05-30 09:33 2495816 ----a-w- c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
    .
    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2011-03-15 438272]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-22 39408]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Wireless Configuration Utility.lnk - c:\program files\Thomson\TG122n\WlanCU.exe [2011-1-15 520192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22 136176]
    R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
    R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22 136176]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
    S2 WlanWpsSvc;WlanWpsSvc;c:\program files\Thomson\TG122n\WlanWpsSvc.exe [2008-06-26 167936]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
    S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
    S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc4ed4f7c4b12c.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22 18:31]
    .
    2011-08-09 c:\windows\Tasks\SidebarExecute.job
    - c:\program files\Windows Sidebar\sidebar.exe [2011-06-21 13:25]
    .
    2011-08-12 c:\windows\Tasks\{7CF420EA-85DE-4993-A721-D30EE5AC3858}.job
    - c:\program files (x86)\Skype\Phone\Skype.exe [2011-07-29 10:31]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
    TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\cxne71mh.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ig#t_0
    FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4da0932b&v=7.007.026.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q=
    FF - prefs.js: network.proxy.type - 0
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF - Ext: AVG Security Toolbar em:version=7.007.026.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
    FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-Roller coaster 3 pack all pathed_is1 - c:\program\unins000.exe
    AddRemove-Worms2 - c:\windows\IsUn0413.exe
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1598469481-98697913-2812916829-1000\Software\SecuROM\License information*]
    "datasecu"=hex:56,0e,a8,97,f7,bd,81,8c,fb,ee,39,87,3d,3e,39,a3,20,16,65,6f,13,
    8f,07,0a,a4,ef,94,2b,ed,fb,7a,7a,23,4d,95,c2,51,ab,39,d1,8c,32,4b,8b,88,e9,\
    "rkeysecu"=hex:8f,47,75,a0,ee,c0,85,3a,ff,31,86,77,c7,9a,4b,6c
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.9"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9f.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9f.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-08-14 13:48:27 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-08-14 11:48
    .
    Pre-Run: 1.258.776.915.968 bytes beschikbaar
    Post-Run: 1.259.151.810.560 bytes beschikbaar
    .
    - - End Of File - - C11FF0A3E15D6A66C7CB60F3125FD70D


    I'm not sure whether ComboFix changed anything, but Firefox is now running a lot faster.
    Are any further measures needed?
    Regards,
    bennie
  • Hi Bennie, ComboFix can now be removed:
    - to do so, go to Start - Run
    - copy and paste the following into it: Combofix /Uninstall
    - then click OK.
    - if all goes well, you will then get a message that Combofix was removed.

    Example:

    http://www.emphyrio.be/images/SMUninstall_combofix.png

    Run can also be started by pressing the keys "Windows key + R" simultaneously.

    This will remove Combofix including related folders and files,
    reset the clock settings, hide the file extensions,
    hide hidden files and system files again
    and reset your System Restore.

    After that:

    Which program: TFC.
    What for/why: thorough cleaning of Windows.
    Difficulty: none.

    Download: Download TFC to your desktop (click)

    Starting TFC:
    Windows 2000 and Windows XP: start TFC.exe by double-clicking the shortcut.
    Windows Vista and Windows 7: start TFC.exe by right-clicking the shortcut and then choosing Run as administrator.
    - Don't be alarmed: the tool closes all running programs, so make sure your work has already been saved!
    - Then click the Start button to start the scan. This scan can take a short or a longer time; be patient, let TFC do its job and wait until TFC is finished.
    - When TFC is finished, a message appears that the computer will be restarted.
    - If the shutdown does not happen automatically, restart the computer yourself.
    - Note: TFC does not show a log!


    Also run one more test to see what your current security situation is.

    Download Security Check to your desktop (click).
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • Results of screen317's Security Check version 0.99.18
    Windows 7 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 22
    Out of date Java installed!
    Adobe Flash Player 9 (Out of date Flash Player installed!)
    Adobe Flash Player 10.3.181.34
    Adobe Reader X (10.1.0)
    Mozilla Firefox (3.6.13) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    AVG avgwdsvc.exe
    AVG avgtray.exe
    ``````````End of Log````````````
  • Hi Benny:

    for Adobe: look here: http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=214114

    Java:

    first download Java 7 Update 0 (x86) for Windows 7/XP/Vista/2000/2003/2008 Offline to your desktop

    However, do not install the new version yet!


    After that, first go to Control Panel
    - Add or Remove Programs - Windows 2000/Windows XP
    - Programs and Features - Windows Vista and Windows 7
    and remove Java(TM) 6 Update 22 there

    Then restart your PC.

    After that you can install the newest Java version.


    Firefox is being used, isn't it?
    Version 6 has just been released!
    http://www.computhing.be/blog/internet-browsers/firefox-6-alvast-downloadbaar/

    Apparently from tomorrow also via the official Mozilla site.
  • I have updated everything.
    Is the PC clean now??
    Regards,
    bennie
  • Hi Bennie, yes, that PC is clean again.

    And then one last tip:

    go to Secunia PSI (click) a few times a year to check whether everything within Windows is up to date as well.
    Because only then is Windows at its safest!

    On the Secunia site, first click the Start Scanner button and then, on the new page, first tick Enable thorough system inspection before clicking Start!

    If you don't use Java, the site will not work.
    In that case you can download and install the Secunia Personal Software Inspector (PSI).
    N.B.: after installation this tool starts automatically with Windows, but that really isn't necessary and can be disabled!
    http://secunia.com/vulnerability_scanning/personal/
  • OK, it's good news that it is clean again.
    But hearing that, the PC was indeed infected then??
    If so, with what exactly?
    If I know what caused it, then I can of course prevent it from happening again.
    I will also take a look at those sites.
    And thanks for the effort!

    Regards,
    bennie
  • It all had to do with infected files from the game Rollercoaster!

This is an archived page. Replying is no longer possible.