Snarfyboy

30 juli 2012

Hij vind niks meer.

top bedankt!

28 juli 2012

Kape,

Bedankt, volgens mij is hij er vanaf.

heb toch even het logbestand gekopieerd.

zitten er nog bijzonderheden tussen dat je kan zien?

ComboFix 12-07-27.03 - Frans den Hoedt 28-07-2012 11:54:51.1.4 - x86

Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.2046.1271 [GMT 2:00]

Gestart vanuit: c:\users\Frans den Hoedt\Downloads\ComboFix.exe

AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\Amazon.ico

c:\programdata\MercadoLivre.ico

c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\@

c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\00000001.@

c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\80000000.@

c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\800000cb.@

.

Besmet exemplaar van c:\windows\system32\services.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\32788r22fwjfw\HarddiskVolumeShadowCopy5_!Windows!System32!services.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-28 to 2012-07-28 ))))))))))))))))))))))))))))))

.

2012-07-28 10:03 . 2012-07-28 10:06 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\temp

2012-07-28 10:03 . 2012-07-28 10:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-07-28 10:03 . 2012-07-28 10:03 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-28 00:15 . 2012-07-28 00:15 388096 ----a-r- c:\users\Frans den Hoedt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-07-28 00:15 . 2012-07-28 00:15 -------- d-----w- c:\program files\Trend Micro

2012-07-27 23:18 . 2012-07-27 23:18 -------- d-----w- C:\$AVG

2012-07-27 23:04 . 2012-07-27 23:04 -------- d-----w- c:\users\Frans den Hoedt\AppData\Roaming\AVG2012

2012-07-27 23:03 . 2012-07-27 23:27 -------- d-----w- c:\programdata\AVG Secure Search

2012-07-27 23:03 . 2012-07-27 23:03 -------- d-----w- c:\program files\AVG Secure Search

2012-07-27 23:03 . 2012-07-27 23:03 -------- d-----w- c:\program files\Common Files\AVG Secure Search

2012-07-27 23:02 . 2012-07-28 09:30 -------- d-----w- c:\windows\system32\drivers\AVG

2012-07-27 23:02 . 2012-07-27 23:46 -------- d-----w- c:\programdata\AVG2012

2012-07-27 23:02 . 2012-07-27 23:02 -------- d-----w- c:\program files\AVG

2012-07-27 22:59 . 2012-07-27 22:59 -------- d--h--w- c:\programdata\Common Files

2012-07-27 22:59 . 2012-07-28 09:31 -------- d-----w- c:\programdata\MFAData

2012-07-27 21:39 . 2012-07-27 21:39 -------- d-----w- C:\Temp

2012-07-27 21:38 . 2012-07-27 22:56 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\Samsung

2012-07-27 21:38 . 2012-07-27 21:38 -------- d-----w- c:\users\Frans den Hoedt\AppData\Roaming\Samsung

2012-07-27 21:37 . 2012-06-04 07:59 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys

2012-07-27 21:37 . 2012-06-04 07:59 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys

2012-07-27 21:35 . 2012-06-26 14:03 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-07-27 21:35 . 2012-07-27 22:56 -------- d-----w- c:\program files\MarkAny

2012-07-27 21:35 . 2012-06-26 14:02 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-07-27 21:34 . 2012-07-27 21:35 -------- d-----w- c:\program files\Samsung

2012-07-27 21:34 . 2012-07-27 21:35 -------- d-----w- c:\programdata\Samsung

2012-07-27 21:30 . 2012-07-27 21:30 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\Downloaded Installations

2012-07-27 16:32 . 2012-07-27 16:32 -------- d-----w- c:\program files\iPod

2012-07-27 16:32 . 2012-07-27 16:33 -------- d-----w- c:\program files\iTunes

2012-07-23 19:45 . 2012-07-23 19:45 -------- d-sh--w- c:\windows\system32\%APPDATA%

2012-07-23 15:41 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2BF5D319-BB5C-4C77-89AE-CA326CE04F8F}\mpengine.dll

2012-07-17 18:02 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-07-10 20:09 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-07-04 15:48 . 2012-02-13 17:00 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{01DB0D9C-EDEC-4EB2-ACE6-E0932EF85825}\gapaengine.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-27 16:43 . 2012-04-04 16:03 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-27 16:43 . 2011-05-14 00:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx

2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll

2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe

2012-06-26 14:02 . 2012-06-26 14:02 974848 ----a-w- c:\windows\system32\cis-2.4.dll

2012-06-26 14:02 . 2012-06-26 14:02 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll

2012-06-26 14:02 . 2012-06-26 14:02 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll

2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll

2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\MK_Lyric.dll

2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll

2012-06-26 14:02 . 2012-06-26 14:02 569344 ----a-w- c:\windows\system32\muzdecode.ax

2012-06-26 14:02 . 2012-06-26 14:02 491520 ----a-w- c:\windows\system32\muzapp.dll

2012-06-26 14:02 . 2012-06-26 14:02 49152 ----a-w- c:\windows\system32\MaJGUILib.dll

2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\system32\MaXMLProto.dll

2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\system32\MACXMLProto.dll

2012-06-26 14:02 . 2012-06-26 14:02 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll

2012-06-26 14:02 . 2012-06-26 14:02 352256 ----a-w- c:\windows\system32\MSLUR71.dll

2012-06-26 14:02 . 2012-06-26 14:02 258048 ----a-w- c:\windows\system32\muzoggsp.ax

2012-06-26 14:02 . 2012-06-26 14:02 245760 ----a-w- c:\windows\system32\MSCLib.dll

2012-06-26 14:02 . 2012-06-26 14:02 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe

2012-06-26 14:02 . 2012-06-26 14:02 200704 ----a-w- c:\windows\system32\muzwmts.dll

2012-06-26 14:02 . 2012-06-26 14:02 172032 ----a-w- c:\windows\system32\muzapp.exe

2012-06-26 14:02 . 2012-06-26 14:02 155648 ----a-w- c:\windows\system32\MSFLib.dll

2012-06-26 14:02 . 2012-06-26 14:02 143360 ----a-w- c:\windows\system32\3DAudio.ax

2012-06-26 14:02 . 2012-06-26 14:02 135168 ----a-w- c:\windows\system32\muzaf1.dll

2012-06-26 14:02 . 2012-06-26 14:02 131072 ----a-w- c:\windows\system32\muzmpgsp.ax

2012-06-26 14:02 . 2012-06-26 14:02 122880 ----a-w- c:\windows\system32\muzeffect.ax

2012-06-26 14:02 . 2012-06-26 14:02 118784 ----a-w- c:\windows\system32\MaDRM.dll

2012-06-26 14:02 . 2012-06-26 14:02 110592 ----a-w- c:\windows\system32\muzmp4sp.ax

2012-06-02 22:19 . 2012-06-21 14:26 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 14:26 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 14:26 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 14:26 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-06-21 14:26 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:12 . 2012-06-21 14:26 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12 . 2012-06-21 14:26 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 14:26 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:12 . 2012-06-21 14:26 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-05-01 04:44 . 2012-06-19 16:23 164352 ----a-w- c:\windows\system32\profsvc.dll

2011-06-09 10:03 . 2011-07-27 12:26 143240 ----a-w- c:\program files\Common Files\ApnStub.exe

2010-01-26 09:11 . 2011-05-06 18:33 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe

2012-06-20 17:36 . 2011-03-24 20:01 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-27 23:03 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-07-27 1811296]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"P17RunE"="P17RunE.dll" [2008-03-28 14848]

"SPC500NC_Monitor"="c:\windows\Philips\SPC500NC\Monitor.exe" [2006-11-03 319488]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-27 939872]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2012-07-16 11:24 21432 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

2012-07-16 11:23 975800 ----a-w- c:\program files\Samsung\Kies\Kies.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2012-07-16 11:23 3524536 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-07-27 21:26 1193176 ----a-w- c:\program files\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

R0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys [x]

R1 MpKsl0032d3ca;MpKsl0032d3ca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5513944E-71E9-47EC-B3D8-72F842A02434}\MpKsl0032d3ca.sys [x]

R1 MpKsl007c5f40;MpKsl007c5f40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{609EDC06-5054-4C56-8AF1-EDD9F6A944CE}\MpKsl007c5f40.sys [x]

R1 MpKsl06311cf3;MpKsl06311cf3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D856812-FA6F-4862-8387-EF565E32C6A6}\MpKsl06311cf3.sys [x]

R1 MpKsl0897f2b9;MpKsl0897f2b9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ECA8518F-D7A4-4077-8713-66120E35262A}\MpKsl0897f2b9.sys [x]

R1 MpKsl0a7b226d;MpKsl0a7b226d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CD440D6-1FEA-4F33-BD28-833DDF0E97C7}\MpKsl0a7b226d.sys [x]

R1 MpKsl0ef6d29e;MpKsl0ef6d29e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27193409-7D00-425A-8DC7-1357C3FF8B70}\MpKsl0ef6d29e.sys [x]

R1 MpKsl0f172eea;MpKsl0f172eea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F1F8284-4A0B-4218-BF6B-DA65D9B8544F}\MpKsl0f172eea.sys [x]

R1 MpKsl0fdc280f;MpKsl0fdc280f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DC5CCFC1-C679-4226-AD59-49890A45D953}\MpKsl0fdc280f.sys [x]

R1 MpKsl14595918;MpKsl14595918;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE47E76E-D410-4249-9B24-74DDC4BEB45D}\MpKsl14595918.sys [x]

R1 MpKsl169151a3;MpKsl169151a3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EA00DF1-A5EB-40F7-B73B-8B353B973193}\MpKsl169151a3.sys [x]

R1 MpKsl17066fbd;MpKsl17066fbd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3C82427C-283E-49D1-97F7-0FD04B9D35E6}\MpKsl17066fbd.sys [x]

R1 MpKsl187ca231;MpKsl187ca231;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E7AC00E8-F3FA-4CD6-9C39-CA684A5D06F5}\MpKsl187ca231.sys [x]

R1 MpKsl1ee53307;MpKsl1ee53307;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{977DCA4D-D0F9-45BF-802E-123617BDA4F3}\MpKsl1ee53307.sys [x]

R1 MpKsl20d320b0;MpKsl20d320b0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26675D0C-2DBD-4579-8176-101CDD7EB0BE}\MpKsl20d320b0.sys [x]

R1 MpKsl230fe61e;MpKsl230fe61e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{960E529F-985D-4B05-80FA-61095A8C4C32}\MpKsl230fe61e.sys [x]

R1 MpKsl235f0382;MpKsl235f0382;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{31F2FC45-63A7-482A-AE1A-9FB1A0B960AC}\MpKsl235f0382.sys [x]

R1 MpKsl28467d61;MpKsl28467d61;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3655FC3A-41B6-40DF-9BA3-C897CD1ACEE7}\MpKsl28467d61.sys [x]

R1 MpKsl297ab8ec;MpKsl297ab8ec;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A2FD0D0-C94F-4375-8E2C-8B64F04A1CFA}\MpKsl297ab8ec.sys [x]

R1 MpKsl2bd68102;MpKsl2bd68102;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF2C9347-F467-4296-B7E7-DFC469894094}\MpKsl2bd68102.sys [x]

R1 MpKsl3b0ca987;MpKsl3b0ca987;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA561FB0-B5F3-468A-8828-5BA8D49537BA}\MpKsl3b0ca987.sys [x]

R1 MpKsl3dfd5438;MpKsl3dfd5438;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59634699-EC1B-4B13-9EB4-5757D63D38C6}\MpKsl3dfd5438.sys [x]

R1 MpKsl3eee5d8d;MpKsl3eee5d8d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A10F4618-78A1-417A-8121-43CAF018A044}\MpKsl3eee5d8d.sys [x]

R1 MpKsl43f68938;MpKsl43f68938;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DC5CCFC1-C679-4226-AD59-49890A45D953}\MpKsl43f68938.sys [x]

R1 MpKsl49bbc9a5;MpKsl49bbc9a5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E8A4F03C-7DBD-425C-8E43-D61557ACBA6F}\MpKsl49bbc9a5.sys [x]

R1 MpKsl4ab5a3ea;MpKsl4ab5a3ea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7FB8B15-5530-48C2-877D-63908C5AD2BD}\MpKsl4ab5a3ea.sys [x]

R1 MpKsl51249803;MpKsl51249803;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93F71F65-C160-4E29-8B24-F76482BA6075}\MpKsl51249803.sys [x]

R1 MpKsl52200d8e;MpKsl52200d8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B295E763-25A4-470F-B563-7D7043D3848E}\MpKsl52200d8e.sys [x]

R1 MpKsl52b18e05;MpKsl52b18e05;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72FD88D3-1300-444C-AD84-45EB79DEE8D7}\MpKsl52b18e05.sys [x]

R1 MpKsl559700cf;MpKsl559700cf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA0C8AEB-F404-4556-BDAF-F9A4D34FC312}\MpKsl559700cf.sys [x]

R1 MpKsl559999b2;MpKsl559999b2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCD12157-C511-47BA-B847-6F2A737E769D}\MpKsl559999b2.sys [x]

R1 MpKsl57ee7fb7;MpKsl57ee7fb7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61D57DD3-8753-4703-AACC-9846B236EA20}\MpKsl57ee7fb7.sys [x]

R1 MpKsl5812b290;MpKsl5812b290;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD2B0AE-D457-40D7-9684-EED6BB6B15C0}\MpKsl5812b290.sys [x]

R1 MpKsl5c603428;MpKsl5c603428;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49D1DE86-B364-4C86-869F-06996174B794}\MpKsl5c603428.sys [x]

R1 MpKsl64dde1c4;MpKsl64dde1c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{312FC048-E414-47C7-9E1F-ABD3D17FE63F}\MpKsl64dde1c4.sys [x]

R1 MpKsl6711d14a;MpKsl6711d14a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7FB8B15-5530-48C2-877D-63908C5AD2BD}\MpKsl6711d14a.sys [x]

R1 MpKsl69db0ae1;MpKsl69db0ae1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5AC92503-60BF-4285-AA48-3142E4F6E23F}\MpKsl69db0ae1.sys [x]

R1 MpKsl6a48d2e6;MpKsl6a48d2e6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E1B4A0D5-58F6-4500-BCB9-D05EE589707E}\MpKsl6a48d2e6.sys [x]

R1 MpKsl6f7d0168;MpKsl6f7d0168;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27193409-7D00-425A-8DC7-1357C3FF8B70}\MpKsl6f7d0168.sys [x]

R1 MpKsl7032f7d8;MpKsl7032f7d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3111EC53-E5F4-4163-8F51-4A2945AFC402}\MpKsl7032f7d8.sys [x]

R1 MpKsl70ba4150;MpKsl70ba4150;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{01439D6B-3003-4FDC-9CB0-30AEA59415D8}\MpKsl70ba4150.sys [x]

R1 MpKsl73064b0f;MpKsl73064b0f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72FD88D3-1300-444C-AD84-45EB79DEE8D7}\MpKsl73064b0f.sys [x]

R1 MpKsl7467e69d;MpKsl7467e69d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC233C-09FA-4CB2-9967-8AC669528226}\MpKsl7467e69d.sys [x]

R1 MpKsl74e42d40;MpKsl74e42d40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F1C774C6-3E92-4028-9570-6280E5FB96B6}\MpKsl74e42d40.sys [x]

R1 MpKsl7e60954d;MpKsl7e60954d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3111EC53-E5F4-4163-8F51-4A2945AFC402}\MpKsl7e60954d.sys [x]

R1 MpKsl7fec24a8;MpKsl7fec24a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1E9D6E4-B0BF-45DC-8714-005F76AC24E3}\MpKsl7fec24a8.sys [x]

R1 MpKsl8716f645;MpKsl8716f645;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DB5BD0E-8DD6-4BBD-B13D-DF7FDF03BFA3}\MpKsl8716f645.sys [x]

R1 MpKsl88e9cef1;MpKsl88e9cef1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88537732-CB0E-4224-9212-11C839504FF9}\MpKsl88e9cef1.sys [x]

R1 MpKsl8a2d9af6;MpKsl8a2d9af6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27193409-7D00-425A-8DC7-1357C3FF8B70}\MpKsl8a2d9af6.sys [x]

R1 MpKsl8d23fcf9;MpKsl8d23fcf9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BB7497-BD82-4847-B007-AAD9352E1A36}\MpKsl8d23fcf9.sys [x]

R1 MpKsl95baa29a;MpKsl95baa29a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B876DC1F-33AD-4FB5-AF0B-50EBCDBE777F}\MpKsl95baa29a.sys [x]

R1 MpKsl96463115;MpKsl96463115;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7920119-B3FE-4999-806D-B70B73761C5C}\MpKsl96463115.sys [x]

R1 MpKsla20622d2;MpKsla20622d2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B9AE8670-3B62-4ACD-A35B-33D044AE48BB}\MpKsla20622d2.sys [x]

R1 MpKsla5c1326f;MpKsla5c1326f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{52AAF0A9-3FA6-49EC-BCE2-C9C8EB7830DA}\MpKsla5c1326f.sys [x]

R1 MpKsla66b46fb;MpKsla66b46fb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D2D81DC1-12DC-40D0-BD17-B0D53CAAACF5}\MpKsla66b46fb.sys [x]

R1 MpKsla7609033;MpKsla7609033;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA5DAFA5-575E-40C4-8ADA-471D25A58073}\MpKsla7609033.sys [x]

R1 MpKslb40bed02;MpKslb40bed02;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2D5A4D8A-7205-49E9-BE21-7104DD16B5AE}\MpKslb40bed02.sys [x]

R1 MpKslb6587e5f;MpKslb6587e5f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59634699-EC1B-4B13-9EB4-5757D63D38C6}\MpKslb6587e5f.sys [x]

R1 MpKslb779fdcb;MpKslb779fdcb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41C77235-609B-46CA-BCFA-1B0277247D8A}\MpKslb779fdcb.sys [x]

R1 MpKslc144f9c4;MpKslc144f9c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E63C813C-4326-4664-987C-E426B7CE62AC}\MpKslc144f9c4.sys [x]

R1 MpKslc411f35b;MpKslc411f35b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A2FD0D0-C94F-4375-8E2C-8B64F04A1CFA}\MpKslc411f35b.sys [x]

R1 MpKslcb88134b;MpKslcb88134b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{31F2FC45-63A7-482A-AE1A-9FB1A0B960AC}\MpKslcb88134b.sys [x]

R1 MpKslce8e7a81;MpKslce8e7a81;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{52AAF0A9-3FA6-49EC-BCE2-C9C8EB7830DA}\MpKslce8e7a81.sys [x]

R1 MpKsld1fa9a48;MpKsld1fa9a48;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26675D0C-2DBD-4579-8176-101CDD7EB0BE}\MpKsld1fa9a48.sys [x]

R1 MpKsld7250ec0;MpKsld7250ec0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F1C774C6-3E92-4028-9570-6280E5FB96B6}\MpKsld7250ec0.sys [x]

R1 MpKsldf53bdeb;MpKsldf53bdeb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D856812-FA6F-4862-8387-EF565E32C6A6}\MpKsldf53bdeb.sys [x]

R1 MpKsle1e5f901;MpKsle1e5f901;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2D5A4D8A-7205-49E9-BE21-7104DD16B5AE}\MpKsle1e5f901.sys [x]

R1 MpKsle3aaf291;MpKsle3aaf291;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88537732-CB0E-4224-9212-11C839504FF9}\MpKsle3aaf291.sys [x]

R1 MpKsle588d67a;MpKsle588d67a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49D1DE86-B364-4C86-869F-06996174B794}\MpKsle588d67a.sys [x]

R1 MpKsle5a5b549;MpKsle5a5b549;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DB5BD0E-8DD6-4BBD-B13D-DF7FDF03BFA3}\MpKsle5a5b549.sys [x]

R1 MpKsle5d10605;MpKsle5d10605;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D37436D5-DEF7-43CB-AEC1-880E7ED3272B}\MpKsle5d10605.sys [x]

R1 MpKsle9312907;MpKsle9312907;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1CCD78E-83F1-4F89-94FA-83719FB70372}\MpKsle9312907.sys [x]

R1 MpKsleb9d2d15;MpKsleb9d2d15;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B417A030-331A-4B45-A90A-B0D16B80E9C0}\MpKsleb9d2d15.sys [x]

R1 MpKslebf9453e;MpKslebf9453e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0FC84575-C309-4DE2-B5CC-226119BB1C1F}\MpKslebf9453e.sys [x]

R1 MpKsled20dea0;MpKsled20dea0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D856812-FA6F-4862-8387-EF565E32C6A6}\MpKsled20dea0.sys [x]

R1 MpKslf2777e28;MpKslf2777e28;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3111EC53-E5F4-4163-8F51-4A2945AFC402}\MpKslf2777e28.sys [x]

R1 MpKslf55c3445;MpKslf55c3445;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EBAC727A-FB91-4335-A920-55F5D2ED21F0}\MpKslf55c3445.sys [x]

R1 MpKslf90846de;MpKslf90846de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD2B0AE-D457-40D7-9684-EED6BB6B15C0}\MpKslf90846de.sys [x]

R1 MpKslfa633d53;MpKslfa633d53;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CD440D6-1FEA-4F33-BD28-833DDF0E97C7}\MpKslfa633d53.sys [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R4 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]

S3 Ph3xIB32;Philips 713x VU PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 SPC500NC;Philips SPC500NC Webcam;c:\windows\system32\DRIVERS\SPC500NC.SYS [x]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:43]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://google.nl/

mStart Page = hxxp://nl.woofi.info

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

FF - ProfilePath - c:\users\Frans den Hoedt\AppData\Roaming\Mozilla\Firefox\Profiles\9ng8d4u0.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B42e9cc5e-7d69-47ab-8b25-3ae2a0407973%7D&mid=e22ea4d4ce4547d0bf15d1530ba99584-f2de9f68bb51252802dcfda3d7e3ad66ba1613e3&ds=AVG&v=10.0.0.7〈=nl&pr=pr&d=2012-07-28%2001%3A03%3A21&sap=ku&q=

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-ISUSPM - c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

SafeBoot-MsMpSvc

MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\program files\NVIDIA Corporation\Display\nvxdsync.exe

c:\windows\system32\nvvsvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conhost.exe

c:\windows\System32\rundll32.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-28 12:11:26 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-28 10:11

.

Pre-Run: 189.714.059.264 bytes beschikbaar

Post-Run: 189.641.936.896 bytes beschikbaar

.

- - End Of File - - D4BA3770B2840E52270EA9FFE59D2BCC

28 juli 2012

Goededag,

Mijn computer kon ik niet meer update en toen heb ik een scan uitgevoerd van AVG.

daar kwamen 5 virussen uit het scanbestand tot mijn verbazing.

4 van deze zijn gerepareerd/verwijderd door de scan maar van dit Trojaans paard kom ik niet vanaf.

Op een ander forum kwam ik een zelfde probleem tegen en daar werd iemand stap voor stap duidelijk geholpen na een scan die hij moest maken met het programma Hijjackthis.

Ik heb gelijk ook even een scan gemaakt en hoop dat iemand mij kan helpen tegen dit virus.

Zie hieronder en alvast bedankt voor de moeite!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:18:57, on 28-7-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\Philips\SPC500NC\Monitor.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

Eazel search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

Eazel search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

Eazel search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry

O4 - HKLM\..\Run: [sPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Program Files\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1476420548-3530872497-1026628333-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1476420548-3530872497-1026628333-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)

O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

--

End of file - 9720 bytes

Inloggen

Snarfyboy

Items

Registratiedatum

Laatst bezocht

Inhoudstype

Profielen

Forums

Store

Berichten die geplaatst zijn door Snarfyboy

C:\Windows\System32\services.exe - Trojaans paard Patched_c.LYU

C:\Windows\System32\services.exe - Trojaans paard Patched_c.LYU

C:\Windows\System32\services.exe - Trojaans paard Patched_c.LYU

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie