
Who wants to check my HijackThis log because of performance problems?

8 replies
  • My PC is suffering from performance problems. The CPU is heavily loaded. I ran Iobit Malware as well as CCleaner and FixRegCleaner. Ran a disk defrag. After that I ran this HijackThis. Does anyone have further suggestions for improvement?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:46:26, on 13-7-2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\windows\system32\svchost.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\spoolsv.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\windows\RTHDCPL.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Fighters\SPAMfighter\sfagent.exe
    C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files\Fighters\Tray\FightersTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
    C:\windows\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\vd Wiel\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
    C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
    C:\windows\System32\snmp.exe
    C:\Program Files\Fighters\SPAMfighter\sfus.exe
    C:\windows\system32\svchost.exe
    C:\Program Files\Fighters\FighterSuiteService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\mmc.exe
    C:\windows\system32\DfrgNtfs.exe
    C:\Documents and Settings\vd Wiel\Mijn documenten\Downloads\HijackThis.exe
    C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
    C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchProtocolHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1414028700000000000000138ff92eb1&tlver=1.4.19.19&affID=19405
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-app?lic=QU1VQUItWTJFUUgtQVhGTUgtUUdIUkEtOUFMWFItQw"&"inst=NzYtNzE2MDEwODIzLVFJWDErNC1YMjAxMCsyLUNJQTEwKzItU1AxKzEtU1AxVEIrMS1TVUQrMS1TMUkrMS1TVTMrMS1DSVArMi1ERFQrOTQ2Mi1ERDEwKzEtU1QxMEFQUCsxLVAxME0xMkMrMS1VMTArMS1UQk4rMS1GVUkrMg"&"prod=92"&"ver=10.0.1424
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\vd Wiel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKCU\..\Run: [sbitunesagent] C:\Program Files\Philips\Philips Songbird\songbirditunesagent.exe
    O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ImageMixer for HDD Camcorder.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.planet.nl
    O15 - Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1200501299765
    O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab
    O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} - http://www.pixum.de/int/EasyUpload/ImgUploader.cab
    O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} - http://www.nero.com/doc/NeroVersionChecker.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe
    O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe


    End of file - 16822 bytes
  • Hello PSL, you write "I ran Iobit Malware as well as CCleaner and FixRegCleaner".

    Did FixRegCleaner also make backups of what the tool removed?
    If so, restore the backups.
    Because this tool is completely unreliable, and Iobit Malware does not even find 0.1% of what MBAM finds!
    A worthless tool, then.

    Advice: remove Iobit Malware and FixRegCleaner and never use them again.
    Using registry cleaners is not recommended.
    You are more likely to end up with a slower Windows because of them.
    Also remove Advanced SystemCare 5; this tool, which came about by borrowing from Western software makers, conflicts with almost every antivirus program. So that could also explain the high CPU load!
    N.B. Iobit is Chinese.


    We are going to do a deep scan right away:

    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and, where possible, clean it up.
    Difficulty: Read everything carefully first because of the preparation phase.
    Download location: This program must absolutely be downloaded to the desktop!
    Download ComboFix from one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    The antivirus program and any active malware scanners must already be deactivated before ComboFix starts!
    Here or here you can read how to do that.

    Remarks:
    - Once more, for the sake of clarity: ComboFix must be started from the desktop.
    - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
    - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    - All open programs and web pages must be closed.
    ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt
    Important remark:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.
  • Thanks for your reply. I will get to work on it this week. Probably this coming Friday. I don't have time before then. Then I will let you know the results.
  • That's fine, I will simply wait for your next message.
  • Voilà:

    ComboFix 12-07-18.04 - vd Wiel 18-07-2012 20:24:41.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1015.302 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\vd Wiel\Mijn documenten\Downloads\ComboFix.exe
    AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    .
    WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\A99CD94C80.sys
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\vd Wiel\Mijn documenten\~WRL1122.tmp
    c:\documents and settings\vd Wiel\Mijn documenten\~WRL2166.tmp
    c:\documents and settings\vd Wiel\Mijn documenten\~WRL3923.tmp
    c:\documents and settings\vd Wiel\WINDOWS
    c:\windows\IsUn0413.exe
    c:\windows\system32\SET151.tmp
    c:\windows\system32\SET15D.tmp
    c:\windows\system32\SET4D.tmp
    c:\windows\system32\SET57.tmp
    c:\windows\system32\SET72.tmp
    c:\windows\system32\SET74.tmp
    c:\windows\system32\SET82.tmp
    c:\windows\system32\SETA4.tmp
    c:\windows\system32\Thumbs.db
    c:\windows\unin0413.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-06-18 to 2012-07-18 ))))))))))))))))))))))))))))))
    .
    .
    2012-07-13 14:11 . 2012-07-13 14:11 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
    2012-07-13 08:45 . 2012-07-15 20:39 -------- d--h--r- c:\documents and settings\vd Wiel\Onlangs geopend
    2012-07-13 08:31 . 2012-07-13 08:31 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
    2012-07-13 08:30 . 2012-07-13 08:31 -------- d-----w- c:\documents and settings\vd Wiel\Application Data\IObit
    2012-07-13 08:30 . 2012-07-13 08:30 -------- d-----w- c:\program files\IObit
    2012-07-13 08:29 . 2012-07-13 08:30 -------- d-----w- c:\program files\CCleaner
    2012-07-08 09:17 . 2012-07-08 09:17 -------- d-----w- c:\documents and settings\vd Wiel\Application Data\Philips
    2012-07-08 08:35 . 2012-07-12 07:40 -------- d-----w- c:\documents and settings\vd Wiel\Application Data\Philips-Songbird
    2012-07-08 08:35 . 2012-07-08 08:36 -------- d-----w- c:\documents and settings\vd Wiel\Local Settings\Application Data\Philips-Songbird
    2012-07-08 08:34 . 2011-01-25 08:48 11264 ----a-w- c:\windows\system32\rockusbCoInstaller.dll
    2012-07-08 08:34 . 2012-07-08 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\{F0489EF2-D393-4114-85BA-A94D71D89543}
    2012-07-08 08:33 . 2012-07-08 08:34 -------- d-----w- c:\program files\Philips
    2012-06-24 07:41 . 2012-06-24 07:41 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-06-22 15:59 . 2012-06-22 15:59 -------- d-----w- c:\program files\iPod
    2012-06-22 15:59 . 2012-06-22 16:00 -------- d-----w- c:\program files\iTunes
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-12 07:42 . 2012-04-02 06:45 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-12 07:42 . 2011-05-18 07:54 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-24 07:41 . 2007-11-19 13:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-06-24 07:41 . 2010-04-21 07:49 472840 ----a-w- c:\windows\system32\deployJava1.dll
    2012-06-13 13:55 . 2006-03-02 12:00 1866240 ----a-w- c:\windows\system32\win32k.sys
    2012-06-05 15:49 . 2007-05-15 13:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 13:19 . 2007-06-21 12:04 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 13:19 . 2007-03-24 11:01 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 13:19 . 2007-03-24 11:01 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-02 13:19 . 2007-03-24 11:01 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 13:19 . 2007-03-24 11:01 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 13:19 . 2007-03-24 11:01 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 13:19 . 2005-05-26 03:16 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 13:19 . 2007-06-21 12:04 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 13:19 . 2007-06-21 12:04 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 13:19 . 2007-03-24 11:01 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 13:19 . 2007-06-21 12:04 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 13:19 . 2007-03-24 11:01 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 13:19 . 2008-01-17 08:11 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-06-02 13:18 . 2008-01-17 08:11 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 13:18 . 2007-07-30 18:18 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-05-31 13:22 . 2006-03-02 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:09 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-11 14:44 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:44 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:39 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
    2012-05-05 03:15 . 2006-03-02 12:00 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-05 03:14 . 2004-08-04 00:58 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:47 . 2007-03-24 11:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-03 68856]
    "Garmin Lifetime Updater"="c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-05-23 1466760]
    "sbitunesagent"="c:\program files\Philips\Philips Songbird\songbirditunesagent.exe" [2012-07-10 266240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-08-14 98304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-08-14 114688]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
    "SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
    "PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]
    "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
    "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-07-25 1397760]
    "sfagent"="c:\program files\Fighters\SPAMfighter\sfagent.exe" [2012-02-02 1197704]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
    "BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
    "Garmin Lifetime Updater"="c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-05-23 1466760]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    "CommonToolkitTray"="c:\program files\Fighters\Tray\FightersTray.exe" [2012-02-02 1453704]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "Philips Device Listener"="c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2012-07-10 380416]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-app?lic=QU1VQUItWTJFUUgtQVhGTUgtUUdIUkEtOUFMWFItQw&inst=NzYtNzE2MDEwODIzLVFJWDErNC1YMjAxMCsyLUNJQTEwKzItU1AxKzEtU1AxVEIrMS1TVUQrMS1TMUkrMS1TVTMrMS1DSVArMi1ERFQrOTQ2Mi1ERDEwKzEtU1QxMEFQUCsxLVAxME0xMkMrMS1VMTArMS1UQk4rMS1GVUkrMg&prod=92&ver=10.0.1424" [?]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    ImageMixer for HDD Camcorder.lnk - c:\program files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe [2007-4-7 1871872]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"=
    "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Documents and Settings\\vd Wiel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
    "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1307010.005\symds.sys [28-5-2012 11:15 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1307010.005\symefa.sys [28-5-2012 11:15 905336]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120711.002\BHDrvx86.sys [12-7-2012 12:50 821920]
    R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAV\1307010.005\ccsetx86.sys [28-5-2012 11:15 132744]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [25-4-2011 1:49 65584]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1307010.005\ironx86.sys [28-5-2012 11:15 149624]
    R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [15-6-2011 17:33 249648]
    R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\19.7.1.5\ccsvchst.exe [28-5-2012 11:15 138232]
    R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\SPAMfighter\sfus.exe [2-2-2012 17:07 215688]
    R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [23-1-2012 14:40 1324680]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [31-5-2012 8:46 106656]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120717.003\IDSXpx86.sys [18-7-2012 9:27 369632]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 9:56 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2-4-2012 8:45 250056]
    S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [7-7-2011 19:31 195336]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [14-11-2010 15:02 36608]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 9:56 135664]
    S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [30-3-2010 19:50 160256]
    S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys –> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 07:42]
    .
    2012-07-13 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
    .
    2012-07-17 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-25 13:34]
    .
    2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 07:56]
    .
    2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 07:56]
    .
    2012-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-57989841-839522115-1004Core.job
    - c:\documents and settings\vd Wiel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-21 08:11]
    .
    2012-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-57989841-839522115-1004UA.job
    - c:\documents and settings\vd Wiel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-21 08:11]
    .
    2012-07-18 c:\windows\Tasks\User_Feed_Synchronization-{28C2891D-CA27-4A30-AF3A-2313E2423CBF}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/ig
    uInternet Settings,ProxyOverride = *.local
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: microsoft.com\office
    Trusted Zone: planet.nl\www
    Trusted Zone: //about.htm/
    Trusted Zone: //Exclude.htm/
    Trusted Zone: //LanguageSelection.htm/
    Trusted Zone: //Message.htm/
    Trusted Zone: //MyAgttryCmd.htm/
    Trusted Zone: //MyAgttryNag.htm/
    Trusted Zone: //MyNotification.htm/
    Trusted Zone: //NOCLessUpdate.htm/
    Trusted Zone: //quarantine.htm/
    Trusted Zone: //ScanNow.htm/
    Trusted Zone: //strings.vbs/
    Trusted Zone: //Template.htm/
    Trusted Zone: //Update.htm/
    Trusted Zone: //VirFound.htm/
    Trusted Zone: mcafee.com\*
    Trusted Zone: mcafeeasap.com\betavscan
    Trusted Zone: mcafeeasap.com\vs
    Trusted Zone: mcafeeasap.com\www
    TCP: DhcpNameServer = 88.159.1.200 88.159.1.201
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
    DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab
    DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} - hxxp://www.pixum.de/int/EasyUpload/ImgUploader.cab
    DPF: {DB28CF23-0083-40B5-BF63-69925D672385} - hxxp://www.nero.com/doc/NeroVersionChecker.cab
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE
    AddRemove-Easy-WebPrint - c:\windows\IsUn0413.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-18 20:34
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV]
    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\19.7.1.5\diMaster.dll\" /prefetch:1"
    .
    Voltooingstijd: 2012-07-18 20:38:10
    ComboFix-quarantined-files.txt 2012-07-18 18:38
    .
    Pre-Run: 38.939.303.936 bytes beschikbaar
    Post-Run: 39.131.312.128 bytes beschikbaar
    .
    - - End Of File - - BF1F15665FFBDA0991950ACF8612A376
  • What is the situation with the Iobit programs now?
    If you removed them the official way, a lot has still been left behind.

    Also check the list below to see whether it is all correct, as far as websites designated as safe are concerned:

    Trusted Zone: microsoft.com\office
    Trusted Zone: planet.nl\www
    Trusted Zone: //about.htm/
    Trusted Zone: //Exclude.htm/
    Trusted Zone: //LanguageSelection.htm/
    Trusted Zone: //Message.htm/
    Trusted Zone: //MyAgttryCmd.htm/
    Trusted Zone: //MyAgttryNag.htm/
    Trusted Zone: //MyNotification.htm/
    Trusted Zone: //NOCLessUpdate.htm/
    Trusted Zone: //quarantine.htm/
    Trusted Zone: //ScanNow.htm/
    Trusted Zone: //strings.vbs/
    Trusted Zone: //Template.htm/
    Trusted Zone: //Update.htm/
    Trusted Zone: //VirFound.htm/
    Trusted Zone: mcafee.com\*
    Trusted Zone: mcafeeasap.com\betavscan
    Trusted Zone: mcafeeasap.com\vs
    Trusted Zone: mcafeeasap.com\www
  • Iobit: I have since removed it.
    I have also removed McAfee in the meantime, since Norton is installed after all.
    Where can I manage the Trusted Zone links?
  • Control Panel / Internet Options.

    Which program: Emsisoft Emergency Kit 1.0
    What for/why: Detects and removes malware
    Difficulty: none.
    Download: Emsisoft Emergency Kit

    Notes:
    - The download is compressed; extract EmsisoftEmergencyKit.zip and place the new folder on the desktop.
    - All open programs and web pages must be closed.

    Start Emsisoft Emergency Kit by opening the folder "EmsisoftEmergencyKit"
    - Windows 2000 and Windows XP: double-click "Start.exe".
    - Windows Vista and Windows 7: right-click "Start.exe" and choose "Als Administrator uitvoeren" (Run as administrator).

    Scanning:
    - Now click "Emergency Kit Scanner" in the selection screen; a message then appears saying that it is recommended to update first.

      http://www.imgdumper.nl/uploads5/4f8d1a3bd534a/4f8d1a3bd3fbd-EmsisoftEK11.jpg

    - Do so by clicking "Ja" (Yes).
    - When the update is finished, the message "Update proces is succesvol afgerond" (Update process completed successfully) follows.
    - Now click "Menu" and then "Scan PC".
    - Select the option "Diep" (Deep) if it is not already set that way by default.
    - Then click the "Scan" button.
        - Be patient and do nothing else with the computer during the scan, as the scan can take a considerable time.
    - The window with the warning about an increased risk can be closed once the scan is finished.
    - Make sure all items found are ticked and then click the "Verwijder geselecteerde" (Remove selected) button; the following message will then appear:

      http://www.imgdumper.nl/uploads5/4f8d1a4d63784/4f8d1a4d61ffa-EmsisoftEK2.jpg

    - Then click "Ja" (Yes).
    - When the removal is done, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt
    - Afterwards, post the contents of that log file in your new reply.
    Note: Now restart the computer.


This is an archived page. Replying is no longer possible.