HPc

Member
  • Items

    142
  • Registration date

  • Last visited

Everything posted by HPc

  1. Removing the Babylon toolbar has since succeeded.
  2. I have removed the Babylon Toolbar add-ons in Firefox, but I still have a toolbar in the navigation toolbar. How can I remove it?
     ---------- Post added at 16:37 ---------- Previous post was at 16:30 ----------
     I did download TDSSKiller.exe and put it on my desktop, but the scan did not succeed.
  3. DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0 Run by Pela at 13:25:29 on 2012-03-04
  4. Log of checkup.txt

     Results of screen317's Security Check version 0.99.31
     Windows 7 x86 (UAC is enabled)
     Internet Explorer 9
     ``````````````````````````````
     Antivirus/Firewall Check:
     WMI entry may not exist for antivirus; attempting automatic update.
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Java 7 Update 3
     Adobe Reader X (10.1.2)
     Mozilla Firefox (7.0.1)
     ````````````````````````````````
     Process Check: objlist.exe by Laurent
     ``````````End of Log````````````
  5. - By "All folders of this type", do you mean all folders with braces containing digits, or only the specific digits?
     - After installing Java I got the following error message: Error melding Wrapper. CreateFile failed with errors: Toegang geweigerd. Is Java OK now, or does it need to be installed again?
  6. I accidentally also posted the log file of Attach.txt; can it be removed from the forum?
  7. Log file of DDS.txt:
c:\users\pela\appdata\local\{9816B7CF-23F5-4769-975C-D0B77FC74ACC} 2012-02-17 17:32:37 -------- d-----w- c:\users\pela\appdata\local\{B29A78DF-8B4D-4807-BBB9-23215CD33202} 2012-02-17 12:12:46 -------- d-----w- c:\users\pela\appdata\local\{C4AF6A20-1ABD-447F-A6DA-77232208D185} 2012-02-16 23:43:00 -------- d-----w- c:\users\pela\appdata\local\{5D5B1915-F0C8-4B8A-BA47-F559AD6CB533} 2012-02-16 08:13:38 -------- d-----w- c:\users\pela\appdata\local\{01247F45-4D08-4F26-81FD-F735A16B4AD5} 2012-02-16 08:11:50 -------- d-----w- c:\users\pela\appdata\local\{EB7FE929-BCA5-4F35-98FE-DB2626C57E8E} 2012-02-15 23:42:47 -------- d-----w- c:\users\pela\appdata\local\{3DCD22EB-F99C-428D-8F31-8B1013BF02AA} 2012-02-15 09:25:23 -------- d-----w- c:\users\pela\appdata\local\{FE8164A0-2267-4CDC-B55F-A8C946253D21} 2012-02-15 09:23:08 -------- d-----w- c:\users\pela\appdata\local\{E075FC58-C059-4D81-87BA-888FEC527840} 2012-02-14 22:56:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-14 22:56:01 1798656 ----a-w- c:\windows\system32\jscript9.dll 2012-02-14 22:56:01 141112 ----a-w- c:\program files\internet explorer\sqmapi.dll 2012-02-14 22:56:00 194048 ----a-w- c:\program files\internet explorer\IEShims.dll 2012-02-14 22:56:00 1127424 ----a-w- c:\windows\system32\wininet.dll 2012-02-14 22:55:59 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll 2012-02-14 22:55:57 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-14 21:29:53 478208 ----a-w- c:\windows\system32\timedate.cpl 2012-02-14 21:29:45 690688 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-14 21:29:42 442880 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-14 21:29:39 2340864 ----a-w- c:\windows\system32\win32k.sys 2012-02-14 21:22:38 -------- d-----w- c:\users\pela\appdata\local\{72697C93-B8F9-4935-BE70-E19CAC06E5B0} 2012-02-14 21:21:49 -------- d-----w- c:\users\pela\appdata\local\{924232E5-065E-47FA-8884-22E9053698EE} 2012-02-13 21:41:52 -------- d-----w- 
c:\users\pela\appdata\local\{DE45E181-96FC-460C-986D-0313B748299C} 2012-02-13 19:59:35 0 ----a-w- c:\windows\system32\shoDEDA.tmp 2012-02-13 01:14:23 0 ----a-w- c:\windows\system32\shoAAC0.tmp 2012-02-13 00:21:40 -------- d-----w- c:\users\pela\appdata\local\{F3F15DCA-E645-45C7-9F6D-F06CCE3965A6} 2012-02-13 00:21:18 -------- d-----w- c:\users\pela\appdata\local\{DF504631-0E7A-45AD-928B-341995AACF9E} 2012-02-12 22:13:11 -------- d-----w- c:\users\pela\appdata\local\{60024CBB-7790-43B6-BC25-8B942547E862} 2012-02-12 00:24:57 0 ----a-w- c:\windows\system32\shoAA27.tmp 2012-02-11 21:56:17 -------- d-----w- c:\users\pela\appdata\local\Apps 2012-02-11 21:02:17 -------- d-----w- c:\users\pela\appdata\local\{74CDC542-2DE6-406C-A06F-1CBD2991BAA6} 2012-02-11 12:41:03 -------- d-----w- c:\users\pela\appdata\local\{07DDF2FF-F13B-45F9-8DB3-1A28F51C6913} 2012-02-10 20:47:18 0 ----a-w- c:\windows\system32\sho60F3.tmp 2012-02-10 20:35:00 -------- d-----w- c:\users\pela\appdata\local\{B7606FE2-D93C-4F1C-B781-D210E75BF15F} 2012-02-10 20:09:00 -------- d-----w- c:\users\pela\appdata\local\Babylon 2012-02-10 20:08:58 -------- d-----w- c:\users\pela\appdata\roaming\Babylon 2012-02-10 20:08:58 -------- d-----w- c:\programdata\Babylon 2012-02-10 20:03:52 -------- d-----w- c:\users\pela\appdata\roaming\Systweak 2012-02-10 20:03:50 17280 ----a-w- c:\windows\system32\roboot.exe 2012-02-10 19:45:51 -------- d-----w- c:\users\pela\appdata\local\{A664D344-1D55-4E8B-84FB-1C42D98FF2A5} 2012-02-09 20:56:20 -------- d-----w- c:\users\pela\appdata\local\{44B8F20C-74AD-4BAE-BADE-8F69892A3DC9} 2012-02-09 18:32:37 -------- d-----w- c:\users\pela\appdata\local\{7E6E93F9-1B24-4671-81EB-5116CF8B44F7} 2012-02-09 16:57:36 -------- d-----w- c:\users\pela\appdata\local\{78E8D0BB-3224-443B-9AD4-6757C1C9AD50} 2012-02-07 15:46:06 -------- d-----w- c:\users\pela\appdata\local\CrashDumps 2012-02-07 15:23:42 -------- d-----w- c:\users\pela\appdata\local\{10970020-C67C-4072-A376-302DFE1ABE53} 2012-02-07 15:23:31 
-------- d-----w- c:\users\pela\appdata\local\{DF72EFCE-220E-4F1A-896D-07ED756B0FEE} 2012-02-07 15:22:16 -------- d-----w- c:\users\pela\appdata\local\{E9030A75-0292-48E2-8F36-48D847971E08} 2012-02-07 00:13:26 150200 ----a-w- c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll 2012-02-06 19:38:20 -------- d-----w- c:\users\pela\appdata\local\{D6CCFE55-E753-4BB5-A4FD-015FCBB51C87} 2012-02-06 19:38:09 -------- d-----w- c:\users\pela\appdata\local\{449C9149-D600-456F-B718-F0BAF9572D47} 2012-02-06 10:04:10 -------- d-----w- c:\users\pela\appdata\local\{3D9E2B14-4E8A-4EF6-ACCD-70E15F9ECE50} 2012-02-05 20:38:30 -------- d-----w- c:\users\pela\appdata\local\{422CB62B-4C61-4B2A-8823-A308BDE8E042} 2012-02-05 20:17:05 -------- d-----w- C:\Recovery - 20110919150711 2012-02-05 20:07:13 -------- d-----w- c:\users\pela\appdata\local\{CE17D68C-B780-4D5F-A423-CD2C257FD210} 2012-02-04 13:13:43 -------- d-----w- c:\users\pela\appdata\local\{B4EF8D2C-31CC-48F3-B429-9E02E0B5499C} 2012-02-04 13:13:32 -------- d-----w- c:\users\pela\appdata\local\{0E1B5114-469E-4C47-B797-FBCE11F0AB7C} 2012-02-04 08:47:22 -------- d-----w- c:\users\pela\appdata\local\{76A207D0-B59C-4A5C-82C4-AA6AF8BC5CA7} 2012-02-03 19:06:42 -------- d-----w- c:\users\pela\appdata\local\{1995B91C-FF30-4953-B690-7C7E834B6DD1} 2012-02-03 19:06:24 -------- d-----w- c:\users\pela\appdata\local\{62F78D6A-A0AE-4851-9749-B3BDB23C4475} . ==================== Find3M ==================== . 2012-03-03 19:58:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-29 04:10:42 237072 ------w- c:\windows\system32\MpSigStub.exe . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 6.1.7600 Disk: WDC_WD25 rev.01.0 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 . device: opened successfully user: MBR read successfully . 
Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x87A44FA9]<< _asm { PUSH EBP; MOV EBP, ESP; PUSH EBX; MOV EBX, [EBP+0xc]; PUSH ESI; XOR EDX, EDX; CMP [0x87a4cd34], EDX; PUSH EDI; MOV EDI, [EBX+0x60]; JZ 0x187; MOV EAX, [EBP+0x8]; } 1 ntkrnlpa!IofCallDriver[0x82C42458] -> \Device\Harddisk0\DR0[0x87A2DAC8] 3 CLASSPNP[0x88DA859E] -> ntkrnlpa!IofCallDriver[0x82C42458] -> [0x87A2C350] kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; } user != kernel MBR !!! error: Read Kan de opdracht niet uitvoeren door een fout in een I/O-apparaat. sectors 488397151 (+0): user != kernel . ============= FINISH: 21:47:19,91 ===============
Log file of Attach.txt:
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 30/09/2010 12:26:37 System Uptime: 3/03/2012 21:20:25 (0 hours ago) . Motherboard: Dell Inc. | | 0G2R51 Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU 1 | 2261/533mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 218 GiB total, 164,512 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP192: 21/02/2012 16:42:14 - Windows Update RP193: 21/02/2012 17:09:59 - TuneUp Utilities 2012 is geïnstalleerd RP194: 21/02/2012 17:22:13 - Installed ACDSee Pro 3. 
RP195: 22/02/2012 11:20:13 - Windows Update RP196: 23/02/2012 19:56:06 - Removed Java 6 Update 29 RP197: 23/02/2012 21:01:25 - TuneUp Utilities 2012 is verwijderd RP198: 23/02/2012 21:02:24 - TuneUp Utilities Language Pack (nl-NL) is verwijderd RP199: 23/02/2012 21:03:45 - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 RP200: 23/02/2012 21:04:26 - Microsoft Visual C++ 2005 Redistributable is verwijderd RP201: 23/02/2012 21:04:58 - Removed Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 RP202: 23/02/2012 21:05:24 - Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 RP203: 23/02/2012 21:05:53 - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 RP204: 23/02/2012 22:59:36 - Removed ACDSee Pro 3. RP205: 24/02/2012 0:39:17 - Windows Update RP206: 24/02/2012 14:52:18 - Windows Update RP207: 24/02/2012 18:58:04 - Removed Adobe Reader 9.5.0 - Nederlands. RP208: 27/02/2012 18:27:44 - Installed Adobe Reader X (10.1.0) - Nederlands. RP209: 28/02/2012 10:18:48 - Windows Update RP210: 1/03/2012 17:24:25 - Installed HiJackThis RP211: 2/03/2012 10:33:57 - Windows Update RP212: 2/03/2012 23:40:12 - Removed Adobe Reader X (10.1.2) - Nederlands. . ==== Installed Programs ====================== . Accelerometer Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.2) - Nederlands Advanced Audio FX Engine Canon MP Navigator EX 3.0 Canon MP550 series MP Drivers Cisco LEAP Module Cisco PEAP Module CyberLink PowerDVD 9.5 D3DX10 Dell Backup and Recovery Manager Dell Edoc Viewer Dell Touchpad Dell Webcam Central Download Updater (AOL LLC) DW WLAN Card Utility Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HiJackThis Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Java Auto Updater Java 6 Update 22 Junk Mail filter update Live! 
Cam Avatar Creator Malwarebytes Anti-Malware versie 1.60.1.1000 Martindale (Single-user Version) Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 7.0.1 (x86 nl) MSVCRT OpenOffice.org 3.3 QuickSet32 Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE 10.3 Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) WIDCOMM Bluetooth Software Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail 
Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== End Of File ===========================
  8. In safe mode the scan runs again as well, but I don't get a log (searched for combofix.txt). (Thanks anyway for all the effort so far :-))
  9. I removed Combofix. Then I downloaded it again via link 1, which did not work --> message: Combofix is not commonly downloaded and could be harmful to your computer (even though I have uninstalled my antivirus program). Then I downloaded it via link 2, but again I get no log.
  10. I disabled Trend Micro for Combofix and the log did not work. Then I uninstalled Trend Micro --> still no log. The PC is now much faster, though. But I could not get Combofix installed via link 1. Via link 2 it did work. Should I perhaps remove Combofix and reinstall it?
  11. No, it can't be found; I typed "combofix.txt" into "Search programs and files" and nothing was found.
  12. Even when I start in safe mode, Combofix does run a scan, but no log is created afterwards.
  13. - I carried out the instruction with Combofix, but no log appears at all; Combofix closes immediately. - I also did not manage to install Service Pack 1 for Windows 7. After installation I get the following error message: Error 0x800f0a12. I then followed the suggestions from the following website: Error when installing Windows 7 and Windows Server 2008 R2 Service Pack 1 (SP1): 0x800F0A12. But it still does not work. There is no particular reason why I have not yet installed Service Pack 1 for Windows 7. I did have a virus on my laptop (+/- 2 months ago) after opening an e-mail. After that I downloaded an antivirus program; the virus was removed, but so were all my programs and documents. Then I ran System Restore, after which my programs worked again, but my documents have disappeared. The problem with secure.bidvertiser.com has actually been there since then. I also cannot shut down my laptop normally --> always via "Force shut down" because a program is supposedly still open, which I don't think is the case.
  14. The fix with HijackThis does not work. The 2 lines stay in there. When I start Hijack This I also keep getting the following: "For some reason your system denied write access tot the Host file. If any hijacked domains are in the file Hijack This may Not be able to fix this. If that happens you need to edit the file yourself. To do this click Start Run and type notepad C:\Windows\System 32\drivers\etc\hosts and press Enter Find the lines Hijack This reports and delet them Save the file as "hosts" (with quotes) and reboot
See below again for the Hijack This log:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:15:45, on 2/03/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\dell\DBRM\Reminder\DbrmTrayicon.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - 
HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [RemoteControl9] "c:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "c:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... 
- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O18 - Protocol: tmtb - 
{04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\aestsrv.exe O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. 
- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- End of file - 9677 bytes
  15. MBAM log:
Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.03.01.07 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Pela :: PELA-PC [administrator] Realtime bescherming: Uitgeschakeld 1/03/2012 22:40:04 mbam-log-2012-03-01 (22-40-04).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 174731 Verstreken tijd: 8 minuut/minuten, 46 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
Hijack This log:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:53:33, on 1/03/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\dell\DBRM\Reminder\DbrmTrayicon.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program 
Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - 
C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [RemoteControl9] "c:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "c:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - 
HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows 
live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\aestsrv.exe O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- End of file - 9953 bytes ---------- Post added at 23:03 ---------- Previous post was at 22:54 ---------- Malwarebytes Anti-Malware did not detect anything, but secure.bidvertiser still appears
  16. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:31:20, on 1/03/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\dell\DBRM\Reminder\DbrmTrayicon.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Windows\system32\taskhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\taskeng.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - (no file) R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program 
Files\Java\jre1.6.0_22\bin\jp2ssv.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [RemoteControl9] "c:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "c:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global 
Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - 
C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\aestsrv.exe O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- End of file - 10190 bytes
  17. Hello, I have the same problem as in the forum thread at http://www.pc-helpforum.be/f201/virus-spyware-google-34188/ When I search for something in Google and then click the link, I am redirected to a dating site or a games site, or a site offering internet TV. The address bar then also shows http://secure.bidvertiser.com/... How do I get rid of this?