Hijackthis

15 answers
  • I think it's a mess. Can someone take a look at it?


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:01:21, on 14-9-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16839)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2527944
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110818200720.dll
    O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Letters%20from%20Nowhere%202/Images/stg_drm.ocx
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)


    End of file - 14571 bytes
  • A mess?

    And on top of that, that rogue program Advanced System Care from the Chinese company Iobit.
    In any case, that tool contains, among other things, "borrowed" software from two Western antivirus vendors.

    So there is spyware in there now as well.

    Combined with the fact that you are also using Avira AntiVir Free and McAfee as antivirus software, this means that the security level of your Windows has been lowered considerably!

    But first, let's straighten a few things out:

    so Iobit has to go.
    And which antivirus software do you want to keep?
  • I have McAfee through XS4all, and Avira on the advice of XS. Apparently I had a virus or something like that. Not a single program could find anything, by the way.
    Is IObit really that bad?
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:19:34, on 15-9-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16839)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2527944
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110914145546.dll
    O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Letters%20from%20Nowhere%202/Images/stg_drm.ocx
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)


    End of file - 13130 bytes
  • To give you an example: the malware scanner from Iobit in Advanced System Care was stolen from Malware MBAM!

    Please do the following:

    Which program: ComboFix
    What for/why: A highly specialised scanner for examining Windows in depth and cleaning it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    Antivirus programs and active malware scanners must already be deactivated before ComboFix starts!
    Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

    Once more, for the sake of clarity: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! If so, allow it (this requires an active internet connection).
    - Vista and Windows 7 users start ComboFix via right-click with administrator rights.
    - All open programs and web pages must be closed.
    ComboFix has been started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may have to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
  • ComboFix 11-09-15.05 - Tweetzz 16-09-2011 13:08:41.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.2368 [GMT 2:00]
    Gestart vanuit: C:\Users\Tweetzz\Downloads\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\Program Files (x86)\iWin Games\iWINgameshookie.dll
    C:\ProgramData\Herofy
    C:\ProgramData\Herofy\save.aps
    C:\Users\Tweetzz\AppData\Local\ApplicationHistory
    C:\Users\Tweetzz\AppData\Local\ApplicationHistory\Autorun.exe.4f151a3a.ini
    C:\Windows\SysWow64\comct332.ocx
    C:\Windows\SysWow64\mfc100deu.dll


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_Boonty Games


    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-16 to 2011-09-16 ))))))))))))))))))))))))))))))


    .


    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))



    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))


    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2011-07-13 07:59:20 1666144]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""



    --- Andere Services/Drivers In Geheugen ---

    *Deregistered* - mfeavfk01

    Inhoud van de 'Gedeelde Taken' map

    2011-09-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]

    2011-09-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]


    --------- x86-64 -----------


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
    2010-08-05 12:59:17 750064 ----a-w- C:\ProgramData\Partner\Partner64.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "combofix"="C:\ComboFix\CF14085.3XE" [2009-07-14 01:39:01 344576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    Supplementary scan did not complete!

  • You wrote earlier: "I have McAfee via XS4all, and Avira on the advice of XS. Apparently I had a virus or something".

    Who is this XS? Which forum was that?

    And you still have Avira and McAfee in your Windows!
    So what are you going to do about that now?
  • XS is my provider XS4all; their advice was to install Avira alongside McAfee.
  • Well then, you should know that two antivirus programs do more harm than good!
    This is because of conflicts between them!
    As a result the level of protection also drops considerably…..

    That was "bullshit" advice from someone at your provider who doesn't know anything about it either!

    Go to "Control Panel\Programs and Features" and remove Avira AntiVir!

    After restarting your PC, do the following:

    Do the ESET online scan (click).
    - Click the ESET Online Scanner button
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
      - Remove found threats
      - Scan archives
    - Then click on
  • C:\Program Files (x86)\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
    C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0008b8 Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009c6 Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009d0 Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009d9 Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\Downloads\GameHouse-Installer_am-foreigndreams_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\Downloads\GameHouse-Installer_am-mysterynovel_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\Downloads\GameHouse-Installer_amg-lostinreefs_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
    C:\Users\Tweetzz\Downloads\WinMaximizer2011.exe a variant of Win32/SlowPCfighter application deleted - quarantined
  • Run the ComboFix scan again.

    After starting ComboFix, a message may appear:

    - either ComboFix wants to be updated;
    - or ComboFix wants to be downloaded again.

    So if you get such a message, do that as well.

    Post the contents of the log once again.
  • ComboFix 11-09-21.03 - Tweetzz 21-09-2011 19:37:34.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.1863 [GMT 2:00]
    Gestart vanuit: C:\Users\Tweetzz\Downloads\ComboFix.exe
    AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))


    ---- Voorgaande Run -------

    C:\Program Files (x86)\iWin Games\iWINgameshookie.dll
    C:\ProgramData\Herofy\save.aps
    C:\Users\Tweetzz\AppData\Local\ApplicationHistory\Autorun.exe.4f151a3a.ini
    C:\Windows\SysWow64\comct332.ocx
    C:\Windows\SysWow64\mfc100deu.dll


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_Boonty Games


    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-21 to 2011-09-21 ))))))))))))))))))))))))))))))


    .


    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2011-08-19 13:59:28 . 2010-12-26 12:32:23 158832 ----a-w- C:\Windows\system32\mfevtps.exe
    2011-08-17 15:42:49 . 2011-08-17 15:42:48 2560 ----a-w- C:\Windows\_MSRSTRT.EXE
    2011-08-15 08:00:06 . 2010-12-26 12:32:46 9984 ----a-w- C:\Windows\system32\drivers\mfeclnk.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:42 75672 ----a-w- C:\Windows\system32\drivers\mfenlfk.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:42 283744 ----a-w- C:\Windows\system32\drivers\mfewfpk.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:41 65128 ----a-w- C:\Windows\system32\drivers\cfwids.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:41 481504 ----a-w- C:\Windows\system32\drivers\mfefirek.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:41 228752 ----a-w- C:\Windows\system32\drivers\mfeavfk.sys
    2011-08-15 08:00:06 . 2010-12-26 12:32:41 100904 ----a-w- C:\Windows\system32\drivers\mferkdet.sys
    2011-08-15 08:00:06 . 2010-08-24 19:57:38 642824 ----a-w- C:\Windows\system32\drivers\mfehidk.sys
    2011-08-15 08:00:06 . 2010-08-24 19:57:38 158584 ----a-w- C:\Windows\system32\drivers\mfeapfk.sys
    2011-07-22 05:35:08 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\system32\mshtml.tlb
    2011-07-22 04:56:17 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-07-16 05:26:54 . 2011-08-11 09:27:12 362496 ----a-w- C:\Windows\system32\wow64win.dll
    2011-07-16 05:26:53 . 2011-08-11 09:27:13 243200 ----a-w- C:\Windows\system32\wow64.dll
    2011-07-16 05:26:53 . 2011-08-11 09:27:12 13312 ----a-w- C:\Windows\system32\wow64cpu.dll
    2011-07-16 05:26:18 . 2011-08-11 09:27:13 214528 ----a-w- C:\Windows\system32\winsrv.dll
    2011-07-16 05:24:09 . 2011-08-11 09:27:12 16384 ----a-w- C:\Windows\system32\ntvdm64.dll
    2011-07-16 05:21:32 . 2011-08-11 09:27:13 422400 ----a-w- C:\Windows\system32\KernelBase.dll
    2011-07-16 05:17:46 . 2011-08-11 09:27:13 338432 ----a-w- C:\Windows\system32\conhost.exe
    2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2011-07-16 04:36:09 . 2011-08-11 09:27:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:32:14 . 2011-08-11 09:27:13 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:31:50 . 2011-08-11 09:27:13 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:30:29 . 2011-08-11 09:27:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:30:27 . 2011-08-11 09:27:12 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    2011-07-16 02:26:12 . 2011-08-11 09:27:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:26:11 . 2011-08-11 09:27:08 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:21:47 . 2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:21:47 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:21:47 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:21:47 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 02:44:55 . 2011-08-11 09:28:03 287744 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
    2011-06-29 16:07:50 . 2011-06-29 16:07:50 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2011-06-29 16:07:50 . 2011-06-29 16:07:50 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2011-06-29 16:07:50 . 2011-06-29 16:07:50 404992 ----a-w- C:\Windows\system32\umpnpmgr.dll
    2011-06-29 16:07:50 . 2011-06-29 16:07:50 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2011-06-29 16:07:50 . 2011-06-29 16:07:50 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 779264 ----a-w- C:\Windows\system32\mssvp.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 75264 ----a-w- C:\Windows\system32\msscntrs.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 593408 ----a-w- C:\Windows\system32\SearchIndexer.exe
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 491520 ----a-w- C:\Windows\system32\mssph.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 288256 ----a-w- C:\Windows\system32\mssphtb.dll
    2011-06-29 16:07:40 . 2011-06-29 16:07:40 249856 ----a-w- C:\Windows\system32\SearchProtocolHost.exe


    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))


    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-05 12:59:15 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2011-07-13 07:59:20 1666144]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
    R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176]
    R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 03:45:56 169312]
    R3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Users\Tweetzz\AppData\Local\Temp\EverestDriver.sys [x]
    R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176]
    R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [x]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [x]
    R3 McAWFwk;McAfee Activation Service;c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2010-08-30 13:42:00 220528]
    R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys [x]
    R3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 19:47:18 108400]
    R3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 05:07:12 423280]
    R3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 19:47:16 67952]
    R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 20:13:46 304496]
    R3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 10:44:10 851824]
    R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 13:55:00 537456]
    R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 13:56:02 384880]
    R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 13:57:16 101232]
    R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
    R4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
    R4 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-08-05 12:59:17 332272]
    S0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys [x]
    S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [x]
    S0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [x]
    S1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 03:16:06 13336]
    S2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 15:17:40 176848]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
    S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
    S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
    S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-08-19 13:50:56 208272]
    S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\system32\mfevtps.exe [x]
    S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 12:27:22 632792]
    S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 01:01:56 367456]
    S2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys [x]
    S2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys [x]
    S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 14:15:34 257936]
    S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 08:59:10 104960]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 20:02:57 2320920]
    S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 16:00:52 575856]
    S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 15:00:04 836608]
    S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
    S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys [x]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [x]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys [x]
    S3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys [x]
    S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 08:50:52 1021840]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [x]


    --- Andere Services/Drivers In Geheugen ---

    *Deregistered* - mfeavfk01

    Inhoud van de 'Gedeelde Taken' map

    2011-09-21 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]

    2011-09-21 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]


    --------- x86-64 -----------


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
    2010-08-05 12:59:17 750064 ----a-w- C:\ProgramData\Partner\Partner64.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0

    ------- Bijkomende Scan -------

    uLocal Page = C:\Windows\system32\blank.htm
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2527944
    uInternet Settings,ProxyOverride = <local>
    IE: Google Sidewiki… - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.178.1


    ------- Bestandsassociaties -------

    JSEFile=NOTEPAD.EXE %1

    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-combofix - C:\ComboFix\CF14085.3XE

  • Hi Tweetzz, how is your Windows running by now?

    And a special question: how much longer are you tied to McAfee?
  • No more problems; it really was caused by a bombardment of e-mails from the Arab Emirates.

    McAfee? Why? I get it for free through Xs4all.

    PS: Abraham, thank you so much so far!!!
  • There is still something that needs to be taken care of:

    Close all open browser windows, except this window, which you close just before you click the "Fix checked" button!


    Now start HijackThis with administrator rights via right-click (if that does not work, go to the HijackThis installation location and then start "hijackthis.exe" with administrator rights) and click the "Do a Scan only" button,

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2527944

    - Put a check mark in front of the line(s) that correspond to the lines above
    - Now close the web browser and then click the "Fix checked" button
    - After that, close HijackThis.


    As for McAfee, that whole package sucks!
    Almost one in two requests in Hijack This concerns Windows installations poorly protected by McAfee.

This is an archived page. Replies are no longer possible.