OmkePom

Tis me al gelukt, Op mijn XPsp2 Schijf staat een toolkit, ACT20 Deze heb ik gedraaid en toen was het goed

Bij het Updaten van Windows krijg ik de volgende melding, De website heeft een fout geconstateerd en kan de gevraagde pagina niet weergeven. De onderstaande bronnen kunnen u wellicht helpen het probleem op te lossen: Foutnummer: 0x8007041D Google gebruikt maar blijkbaar moet er een duur Scan programma gebruikt worden om dit probleem te Fixen. Hoe dan ook Microsoft heeft zijn huid weer duur verkocht! Ik gebruik overigens XP 100% legaal Wie kan mij helpen om dit Update probleem zonder installatie van een duur Scan progje te installeren ?

Hoi, daar ben ik weer eens! De titel zegt het al, Als ik Utorrent gebruik, gaat het een tijdje goed maar dan opeens loopt Utorrent vast en geeft hij aan dat hij een DDL conflict heeft met een DDL van een ander programma. De melding geeft niet aan welk DDL of van welk programma het is. Utorrent is dan vastgelopen en er zit niks anders op dan opnieuw opstarten van de computer wil ik Utorrent weer gebruiken, gek genoeg kan je geen foutmeldingsrapport sturen. Zolang ik Utorrent op de achtergrond heb draaien is er niks aan de hand komt de melding ook niet. Melding komt ook niet altijd en ik weet dus ook niet wanneer het goed gaat en hoe lang. Als ik nu wist wat het conflict is en met wat, was het mogelijk makkelijker op te lossen! Wie weet raad ? - - - Updated - - - Dir is het bericht, Er is software op deze computer geinstalleerd dat ervoor zorgt dat Utorrent niet juist werkt. Dit wordt mogelijk veroorzaakt door de volgende DLL's DDL moet dus DLL zijn

Heb je maar PB gestuurd, mijn site hier noemen vind ik ongepast!

Gelukt!! Dikke Pluim !!! Uit dank zal ik jullie forum benoemen op mijn forum-site als ze hulp nodig blijken te hebben op PC gebied. (uiteraard met goedkeuring van jullie) Nogmaals mijn dank is groot!!!!!

WOW, tot zover gelukt ben van dat *** MyStart Tabblad af. Alleen krijg nu "Firefox kan de server op browser.newtab.url niet vinden" als ik nieuw tabblad aanvraag. Wil dat hier Google.nl komt. Hoe realiseer ik dit?

Onder Incredibar. niks gevonden! Onder MyStart iets gevonden, verwijderd maar geen resultaat. Ook niet na herstart PC of FireFox!

Oké gevonden, het zijn verborgen mappen dus kon ze niet zien. Inmiddels beide verwijderd maar geen gewenst resultaat ook niet na herstart van PC en FireFox!

Ja dat begrijp ik maar waar moet ik naar kijken/zoeken de bovengenoemde mappen bestaan niet en verder kan ik geen "verdachte mappen" vinden?

Ik begrijp je niet, wat bedoel je precies?

Deze mappen heb ik niet/kan ik niet vinden! Ook niet met de zoekfunctie!

Zover als ik (leek) op dit gebied kan zien heb ik geen "verdachte Plug-ins" heb ze allemaal uitgeschakeld maar geen resultaat. Ook niet na herstart PC en FireFox.

Ja FireFox ! In IE heb ik geen problemen, maar die gebruik ik niet ivm mijn WebSite.

Done! Maar geen verbetering.

Die is er nog steeds als ik een nieuw Tabblad open

Oké dat proces duurde heel lang, (meer dan 1uur) ComboFix gaf aan dat mijn virus programma (Ad-Aware Antivirus) op de achtergrond actief was terwijl ik hem uit de automatisch opstarten had uitgezet, mogelijk was dat de oorzaak ( hem uitzetten op verzoek van ComboFix kon ik dus niet) Logfile2 ComboFix, ComboFix 12-08-09.01 - Administrator 10-08-2012 12:35:46.6.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2015.1282 [GMT 2:00] Gestart vanuit: d:\documents and settings\Administrator\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: d:\documents and settings\Administrator\Bureaublad\CFScript.txt AV: Lavasoft Ad-Aware *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C} FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33} FW: Sygate Personal Firewall *Enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . FILE :: "D:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . d:\documents and settings\All Users\Application Data\InstallMate d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\_Setup.dll d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\_Setupx.dll d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\20120726140020.log d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\Setup.dat d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\Setup.exe d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\Setup.ico d:\documents and settings\All Users\Application Data\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\TsuDll.dll d:\program files\Web Assistant d:\program files\Web Assistant\ExtensionUpdaterService.exe d:\program files\Web Assistant\Firefox\chrome.manifest d:\program files\Web Assistant\Firefox\chrome\content\libraries\DataExchangeScript.js d:\program files\Web Assistant\Firefox\chrome\content\main.js d:\program files\Web Assistant\Firefox\chrome\content\main.xul d:\program files\Web Assistant\Firefox\chrome\content\resources\localscript.js d:\program files\Web Assistant\Firefox\chrome\locale\en-US\overlay.dtd d:\program files\Web Assistant\Firefox\chrome\skin\overlay.css d:\program files\Web Assistant\Firefox\defaults\preferences\defaults.js d:\program files\Web Assistant\Firefox\install.rdf d:\program files\Web Assistant\InstallerHelper.dll d:\program files\Web Assistant\libraries\DataExchangeScript.js d:\program files\Web Assistant\resources\localscript.js d:\program files\Web Assistant\source.crx d:\program files\Web Assistant\unins000.dat d:\program files\Web Assistant\unins000.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-10 to 2012-08-10 )))))))))))))))))))))))))))))) . . 2012-08-09 19:44 . 2012-08-09 19:44 -------- d-----w- d:\documents and settings\All Users\Application Data\Ad-Aware Antivirus 2012-08-09 12:42 . 2012-08-09 12:43 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware 2012-08-09 12:42 . 2012-07-03 11:46 22344 ----a-w- d:\windows\system32\drivers\mbam.sys 2012-08-08 09:24 . 2012-08-08 09:24 -------- d-----w- d:\documents and settings\Administrator\Local Settings\Application Data\adaware 2012-08-08 09:24 . 2011-11-29 04:59 77816 ----a-w- d:\windows\system32\drivers\sbapifs.sys 2012-08-08 09:24 . 2011-11-29 04:59 21240 ----a-w- d:\windows\system32\drivers\sbaphd.sys 2012-08-08 09:24 . 2012-08-08 09:24 -------- d-----w- d:\windows\system32\drivers\VDD 2012-08-08 09:24 . 2012-08-08 09:36 -------- d-----w- d:\program files\Ad-Aware Antivirus 2012-08-08 09:15 . 2012-08-08 09:15 -------- d-----w- d:\program files\uTorrent 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg6n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg5n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg4n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg3n.sys 2012-08-08 09:10 . 2004-10-15 16:18 21075 ----a-w- d:\windows\system32\drivers\wpsdrvnt.sys 2012-08-08 09:10 . 2004-10-15 16:17 60496 ----a-w- d:\windows\system32\drivers\Teefer.sys 2012-08-08 09:10 . 2004-10-15 16:32 83096 ----a-w- d:\windows\system32\SSSensor.dll 2012-08-08 09:09 . 2012-08-08 09:09 -------- d-----w- d:\program files\Sygate 2012-08-08 09:04 . 2012-08-09 14:10 -------- d-----w- d:\documents and settings\All Users\Bureaublad 2012-08-08 09:04 . 2012-08-08 09:04 -------- d-----w- d:\program files\Mozilla Maintenance Service 2012-08-08 08:53 . 2012-08-08 08:53 -------- d-----w- d:\documents and settings\All Users\Application Data\GFI Software 2012-08-07 20:40 . 2012-08-07 20:41 -------- dc-h--w- d:\windows\ie8 2012-08-07 08:22 . 2012-08-07 08:22 -------- d-----w- d:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus 2012-08-07 08:12 . 2012-08-09 14:08 -------- d-----w- d:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection 2012-08-07 08:12 . 2012-08-08 08:54 -------- d-----w- d:\documents and settings\All Users\Application Data\Lavasoft 2012-08-07 08:11 . 2012-08-07 08:11 -------- d-----w- d:\documents and settings\Administrator\Local Settings\Application Data\Downloaded Installations 2012-08-07 08:10 . 2012-08-08 11:18 -------- d-----w- d:\documents and settings\Administrator\Application Data\Ad-Aware Antivirus 2012-08-01 18:11 . 2012-08-01 18:11 -------- d-----w- d:\documents and settings\Administrator\Application Data\QuickScan 2012-07-26 12:03 . 2012-07-26 12:03 -------- d-----w- d:\documents and settings\All Users\Application Data\Premium 2012-07-26 12:03 . 2012-07-26 12:03 -------- d-----w- d:\documents and settings\Administrator\Application Data\SendSpace 2012-07-26 12:02 . 2012-07-26 12:02 453 ----a-w- D:\user.js 2012-07-21 08:40 . 2012-07-21 08:40 -------- d-----w- d:\program files\FileZilla FTP Client 2012-07-11 13:53 . 2012-08-07 16:22 -------- d-----w- d:\documents and settings\Administrator\Application Data\Skype 2012-07-11 13:52 . 2012-08-07 16:22 -------- d-----w- d:\documents and settings\All Users\Application Data\Skype . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-14 09:10 . 2012-06-03 10:59 426184 ----a-w- d:\windows\system32\FlashPlayerApp.exe 2012-06-14 09:10 . 2012-01-23 19:32 70344 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-13 13:55 . 2008-04-14 21:05 1866240 ----a-w- d:\windows\system32\win32k.sys 2012-06-05 15:49 . 2008-04-14 21:32 1372672 ----a-w- d:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2008-04-14 21:32 1172480 ----a-w- d:\windows\system32\msxml3.dll 2012-06-04 15:35 . 2011-12-09 17:35 210968 ----a-w- d:\windows\system32\wuweb.dll 2012-06-04 04:32 . 2008-04-14 21:32 152576 ----a-w- d:\windows\system32\schannel.dll 2012-06-02 13:19 . 2011-12-09 18:40 18456 ----a-w- d:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2011-12-09 17:35 329240 ----a-w- d:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2011-12-09 17:35 219160 ----a-w- d:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2011-12-09 18:40 45080 ----a-w- d:\windows\system32\wups2.dll 2012-06-02 13:19 . 2011-12-09 17:35 53784 ----a-w- d:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2011-12-09 17:35 35864 ----a-w- d:\windows\system32\wups.dll 2012-06-02 13:19 . 2008-04-14 21:32 97304 ----a-w- d:\windows\system32\cdm.dll 2012-06-02 13:19 . 2011-12-09 18:40 15896 ----a-w- d:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2011-12-09 18:40 15896 ----a-w- d:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2011-12-09 17:35 577048 ----a-w- d:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2011-12-09 18:40 24088 ----a-w- d:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2011-12-09 17:35 1933848 ----a-w- d:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2011-12-12 13:05 18160 ----a-w- d:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2011-12-12 13:05 275696 ----a-w- d:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2011-12-12 13:05 214256 ----a-w- d:\windows\system32\muweb.dll 2012-05-31 13:22 . 2008-04-14 21:32 602624 ----a-w- d:\windows\system32\crypt32.dll 2012-07-14 00:15 . 2012-08-08 09:04 136672 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3GDR\mshtml.dll [-] 2012-05-11 . F45E5701FF03719D2AC7FE1B426FCABA . 6009344 . . [8.00.6001.23345] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3QFE\mshtml.dll [-] 2012-03-01 . 6E0E7C508B5060F81992D5ED0B1A5556 . 5978624 . . [8.00.6001.19222] . . d:\windows\erdnt\cache\mshtml.dll [-] 2012-03-01 . 467D9D5FB15DD88E82768C6F31A7A5D4 . 5980672 . . [8.00.6001.23318] . . d:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll [-] 2012-02-28 . D16CF6C7AFB29B7546BFD20B4E355A9D . 3108864 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3gdr\mshtml.dll [-] 2012-02-28 . 187B5BBB711C65C7D90D89C8F01C21B9 . 3109376 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3qfe\mshtml.dll [-] 2011-12-19 . 88C35DAE443D1813939183D4FF8A1BA3 . 3108352 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3gdr\mshtml.dll [-] 2011-12-19 . 69485422D35F1D286BA06F72C140F376 . 3108864 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3qfe\mshtml.dll [-] 2011-12-17 . 5C55673322584D9F5A32D0971D83858B . 5979136 . . [8.00.6001.19190] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3GDR\mshtml.dll [-] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . d:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll [-] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3QFE\mshtml.dll [-] 2011-11-04 . 958ECE072DA2D840BD3658A3AB708F58 . 5978112 . . [8.00.6001.19170] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3GDR\mshtml.dll [-] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . d:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [-] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3QFE\mshtml.dll [-] 2011-11-03 . C26CF1A39FEBAF9D2AD70BE6ABB18A80 . 3108352 . . [6.00.2900.6169] . . d:\windows\ie8\mshtml.dll [-] 2011-11-03 . 11244F9DFE66A4E96C6D53646C2F1747 . 3108864 . . [6.00.2900.6169] . . d:\windows\$hf_mig$\KB2618444\SP3QFE\mshtml.dll [-] 2011-09-05 . 538D8FB09C46E62ED0C59A9C7B12C9BF . 3107328 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3gdr\mshtml.dll [-] 2011-09-05 . DFEC0338F440C7B1A6E16ED92CE0F8F1 . 3107840 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3qfe\mshtml.dll [-] 2011-06-27 . B3C512EB1950AD3BCF1C14C5D38A405B . 3105792 . . [6.00.2900.6129] . . d:\windows\$NtUninstallKB2618444$\mshtml.dll [-] 2011-06-27 . 796C3ABC2779096E1B1255ED920AE11A . 3106304 . . [6.00.2900.6129] . . d:\windows\$hf_mig$\KB2559049\SP3QFE\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3GDR\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . d:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . d:\windows\system32\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . d:\windows\$NtUninstallKB2559049$\mshtml.dll . [-] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3GDR\wininet.dll [-] 2012-05-16 . 7FC207568D4D9AAFC266FC84F716FEC1 . 920064 . . [8.00.6001.23359] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3QFE\wininet.dll [-] 2012-03-01 . CFF17B16BFF8179FBBA29075245E8BE1 . 916992 . . [8.00.6001.19222] . . d:\windows\erdnt\cache\wininet.dll [-] 2012-03-01 . B2E54BC4C5B399547EE3C8188DBBA509 . 919552 . . [8.00.6001.23318] . . d:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [-] 2012-02-28 . 177727EFDC9D9F921D2E704E5949757F . 670208 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3gdr\wininet.dll [-] 2012-02-28 . B40C25E9387B7F638D69787F89BE8DD4 . 671744 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3qfe\wininet.dll [-] 2011-12-19 . 09A397373E34DD2A77D4450641B9C5F6 . 670208 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3gdr\wininet.dll [-] 2011-12-19 . A9530DFEF6A283BCA7FFE77E47344BE2 . 671744 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3qfe\wininet.dll [-] 2011-12-17 . 03CB14FB6B75EC8AC2FDEC54E904C30B . 916992 . . [8.00.6001.19190] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3GDR\wininet.dll [-] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . d:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [-] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3QFE\wininet.dll [-] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3GDR\wininet.dll [-] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . d:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [-] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3QFE\wininet.dll [-] 2011-11-01 . 50E9E4EB7ED2A7B680EE4D843916E7DF . 670208 . . [6.00.2900.6168] . . d:\windows\ie8\wininet.dll [-] 2011-11-01 . 7AC58A2566F7FF8AB5948C5F4CFA6674 . 671744 . . [6.00.2900.6168] . . d:\windows\$hf_mig$\KB2618444\SP3QFE\wininet.dll [-] 2011-09-05 . 638A3E908C1E401ADD81878082EFDEBC . 670208 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3gdr\wininet.dll [-] 2011-09-05 . 031A23A350F9A3A353F4D7144847CAD7 . 671744 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3qfe\wininet.dll [-] 2011-06-21 . 73D1B42C1F3983EE4DBC7DC8B03E30DF . 670208 . . [6.00.2900.6126] . . d:\windows\$NtUninstallKB2618444$\wininet.dll [-] 2011-06-21 . 18A02E70D82B57D68137528251197C78 . 671744 . . [6.00.2900.6126] . . d:\windows\$hf_mig$\KB2559049\SP3QFE\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3GDR\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . d:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . d:\windows\system32\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . d:\windows\$NtUninstallKB2559049$\wininet.dll . ((((((((((((((((((((((((((((( SnapShot_2012-08-08_08.40.10 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-10 07:28 . 2012-08-10 07:28 16384 d:\windows\Temp\Perflib_Perfdata_84.dat - 2004-08-10 16:05 . 2004-08-10 16:05 99480 d:\windows\system32\FwsVpn.dll + 2004-10-15 16:31 . 2004-10-15 16:31 99480 d:\windows\system32\FwsVpn.dll - 2012-05-31 14:23 . 2012-07-11 06:30 34144 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 34144 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 42848 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe + 2012-05-31 14:23 . 2012-08-08 18:01 42848 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe - 2012-05-31 14:23 . 2012-07-11 06:30 19296 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 19296 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-08-08 09:10 . 2012-08-08 09:10 4608 d:\windows\Installer\{F34D9A5F-484A-4E31-A9D3-908CB265B289}\IconC989D247.exe - 2004-08-10 19:39 . 2004-08-10 19:39 218264 d:\windows\system32\SetAid.dll + 2004-10-15 16:31 . 2004-10-15 16:31 218264 d:\windows\system32\SetAid.dll + 2012-08-08 09:10 . 2012-08-08 09:10 981504 d:\windows\Installer\13e3f.msi + 2012-05-31 14:23 . 2012-08-08 18:01 415584 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2012-05-31 14:23 . 2012-07-11 06:30 415584 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2012-05-31 14:23 . 2012-07-11 06:30 303456 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 303456 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 571232 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe - 2012-05-31 14:23 . 2012-07-11 06:30 571232 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2012-05-31 14:23 . 2012-08-08 18:01 326496 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 326496 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 470616 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 470616 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 178528 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2012-05-31 14:23 . 2012-08-08 18:01 178528 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe - 2012-08-07 08:12 . 2012-08-07 08:12 128896 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\UNINST_Uninstall_A_DE08FD120270402B91CB0B6B59AB5AF9.exe + 2012-08-08 09:24 . 2012-08-08 09:24 128896 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\UNINST_Uninstall_A_DE08FD120270402B91CB0B6B59AB5AF9.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut4_2C44B39324B94969A0B2A3EFCFBC4594.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut4_2C44B39324B94969A0B2A3EFCFBC4594.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut1_FE807111CB594AE5B9A38430EB516D75.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut1_FE807111CB594AE5B9A38430EB516D75.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\ARPPRODUCTICON.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\ARPPRODUCTICON.exe + 2012-08-08 09:24 . 2012-08-08 09:24 5836288 d:\windows\Installer\b788d.msi + 2012-05-31 14:23 . 2012-08-08 18:01 1479520 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1479520 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1858400 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 1858400 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 3792736 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2012-05-31 14:23 . 2012-08-08 18:01 3792736 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1449312 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2012-05-31 14:23 . 2012-08-08 18:01 1449312 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-10-20 11:35 . 2010-10-20 11:35 1858400 d:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\WORDICON.EXE + 2011-03-18 20:59 . 2011-03-18 20:59 1422680 d:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\WINWORD.EXE . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2012-08-08 896400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmcService"="d:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "d:\\Documents and Settings\\Administrator\\Bureaublad\\Tottents\\RatioMaster.NET.exe"= "d:\\Program Files\\Java\\jre6\\bin\\java.exe"= "d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "d:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "d:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "d:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= . R1 sbaphd;sbaphd;d:\windows\system32\drivers\sbaphd.sys [8-8-2012 11:24 21240] R1 SBRE;SBRE;d:\windows\system32\drivers\SBREDrv.sys [26-10-2011 14:23 101112] R2 Ad-Aware Service;Ad-Aware Service;d:\program files\Ad-Aware Antivirus\AdAwareService.exe [12-7-2012 18:32 1239952] R2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-8-2012 14:42 655944] R2 SBAMSvc;Ad-Aware;d:\program files\Ad-Aware Antivirus\SBAMSvc.exe [19-12-2011 13:20 3289032] R2 sbapifs;sbapifs;d:\windows\system32\drivers\sbapifs.sys [8-8-2012 11:24 77816] R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [9-8-2012 14:42 22344] S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;d:\windows\system32\DNINDIS5.sys [9-12-2011 20:19 17149] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\program files\Microsoft Office\Office14\GROOVE.EXE [12-6-2011 11:15 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;d:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8-8-2012 11:04 113120] S3 osppsvc;Office Software Protection Platform;d:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9-1-2010 21:37 4640000] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map . 2012-08-08 d:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job - d:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-07-12 16:32] . . ------- Bijkomende Scan ------- . TCP: DhcpNameServer = 10.0.0.1 FF - ProfilePath - d:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08fbvv84.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.ftp - 118.97.208.194 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.http - 118.97.208.194 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 118.97.208.194 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 118.97.208.194 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-10 12:45 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1275210071-651377827-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,5f,1f,ef,a3,c9,c9,4c,99,39,53,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,5f,1f,ef,a3,c9,c9,4c,99,39,53,\ . Voltooingstijd: 2012-08-10 12:54:08 ComboFix-quarantined-files.txt 2012-08-10 10:54 ComboFix2.txt 2012-08-10 08:24 ComboFix3.txt 2012-08-08 08:48 ComboFix4.txt 2012-08-07 15:32 ComboFix5.txt 2012-08-10 10:34 . Pre-Run: 17.330.176.000 bytes beschikbaar Post-Run: 17.319.555.072 bytes beschikbaar . - - End Of File - - 87739BCE36F6A71A72F3B1037E04CEE6

ComboFix logfile, ComboFix 12-08-09.01 - Administrator 10-08-2012 10:06:57.5.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2015.1564 [GMT 2:00] Gestart vanuit: d:\documents and settings\Administrator\Bureaublad\ComboFix.exe AV: Lavasoft Ad-Aware *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C} FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33} FW: Sygate Personal Firewall *Enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-10 to 2012-08-10 )))))))))))))))))))))))))))))) . . 2012-08-09 19:44 . 2012-08-09 19:44 -------- d-----w- d:\documents and settings\All Users\Application Data\Ad-Aware Antivirus 2012-08-09 12:42 . 2012-08-09 12:43 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware 2012-08-09 12:42 . 2012-07-03 11:46 22344 ----a-w- d:\windows\system32\drivers\mbam.sys 2012-08-08 09:24 . 2012-08-08 09:24 -------- d-----w- d:\documents and settings\Administrator\Local Settings\Application Data\adaware 2012-08-08 09:24 . 2011-11-29 04:59 77816 ----a-w- d:\windows\system32\drivers\sbapifs.sys 2012-08-08 09:24 . 2011-11-29 04:59 21240 ----a-w- d:\windows\system32\drivers\sbaphd.sys 2012-08-08 09:24 . 2012-08-08 09:24 -------- d-----w- d:\windows\system32\drivers\VDD 2012-08-08 09:24 . 2012-08-08 09:36 -------- d-----w- d:\program files\Ad-Aware Antivirus 2012-08-08 09:15 . 2012-08-08 09:15 -------- d-----w- d:\program files\uTorrent 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg6n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg5n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg4n.sys 2012-08-08 09:10 . 2004-10-15 16:32 14568 ----a-w- d:\windows\system32\drivers\wg3n.sys 2012-08-08 09:10 . 2004-10-15 16:18 21075 ----a-w- d:\windows\system32\drivers\wpsdrvnt.sys 2012-08-08 09:10 . 2004-10-15 16:17 60496 ----a-w- d:\windows\system32\drivers\Teefer.sys 2012-08-08 09:10 . 2004-10-15 16:32 83096 ----a-w- d:\windows\system32\SSSensor.dll 2012-08-08 09:09 . 2012-08-08 09:09 -------- d-----w- d:\program files\Sygate 2012-08-08 09:04 . 2012-08-09 14:10 -------- d-----w- d:\documents and settings\All Users\Bureaublad 2012-08-08 09:04 . 2012-08-08 09:04 -------- d-----w- d:\program files\Mozilla Maintenance Service 2012-08-08 08:53 . 2012-08-08 08:53 -------- d-----w- d:\documents and settings\All Users\Application Data\GFI Software 2012-08-07 20:40 . 2012-08-07 20:41 -------- dc-h--w- d:\windows\ie8 2012-08-07 08:22 . 2012-08-07 08:22 -------- d-----w- d:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus 2012-08-07 08:12 . 2012-08-09 14:08 -------- d-----w- d:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection 2012-08-07 08:12 . 2012-08-08 08:54 -------- d-----w- d:\documents and settings\All Users\Application Data\Lavasoft 2012-08-07 08:11 . 2012-08-07 08:11 -------- d-----w- d:\documents and settings\Administrator\Local Settings\Application Data\Downloaded Installations 2012-08-07 08:10 . 2012-08-08 11:18 -------- d-----w- d:\documents and settings\Administrator\Application Data\Ad-Aware Antivirus 2012-08-01 18:11 . 2012-08-01 18:11 -------- d-----w- d:\documents and settings\Administrator\Application Data\QuickScan 2012-07-26 12:03 . 2012-07-26 12:03 -------- d-----w- d:\documents and settings\All Users\Application Data\Premium 2012-07-26 12:03 . 2012-07-26 12:03 -------- d-----w- d:\documents and settings\Administrator\Application Data\SendSpace 2012-07-26 12:02 . 2012-07-26 12:02 453 ----a-w- D:\user.js 2012-07-26 12:02 . 2012-08-07 11:55 -------- d-----w- d:\program files\Web Assistant 2012-07-26 12:00 . 2012-07-26 12:03 -------- d-----w- d:\documents and settings\All Users\Application Data\InstallMate 2012-07-21 08:40 . 2012-07-21 08:40 -------- d-----w- d:\program files\FileZilla FTP Client 2012-07-11 13:53 . 2012-08-07 16:22 -------- d-----w- d:\documents and settings\Administrator\Application Data\Skype 2012-07-11 13:52 . 2012-08-07 16:22 -------- d-----w- d:\documents and settings\All Users\Application Data\Skype . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-14 09:10 . 2012-06-03 10:59 426184 ----a-w- d:\windows\system32\FlashPlayerApp.exe 2012-06-14 09:10 . 2012-01-23 19:32 70344 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-13 13:55 . 2008-04-14 21:05 1866240 ----a-w- d:\windows\system32\win32k.sys 2012-06-05 15:49 . 2008-04-14 21:32 1372672 ----a-w- d:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2008-04-14 21:32 1172480 ----a-w- d:\windows\system32\msxml3.dll 2012-06-04 15:35 . 2011-12-09 17:35 210968 ----a-w- d:\windows\system32\wuweb.dll 2012-06-04 04:32 . 2008-04-14 21:32 152576 ----a-w- d:\windows\system32\schannel.dll 2012-06-02 13:19 . 2011-12-09 18:40 18456 ----a-w- d:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2011-12-09 17:35 329240 ----a-w- d:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2011-12-09 17:35 219160 ----a-w- d:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2011-12-09 18:40 45080 ----a-w- d:\windows\system32\wups2.dll 2012-06-02 13:19 . 2011-12-09 17:35 53784 ----a-w- d:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2011-12-09 17:35 35864 ----a-w- d:\windows\system32\wups.dll 2012-06-02 13:19 . 2008-04-14 21:32 97304 ----a-w- d:\windows\system32\cdm.dll 2012-06-02 13:19 . 2011-12-09 18:40 15896 ----a-w- d:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2011-12-09 18:40 15896 ----a-w- d:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2011-12-09 17:35 577048 ----a-w- d:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2011-12-09 18:40 24088 ----a-w- d:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2011-12-09 17:35 1933848 ----a-w- d:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2011-12-12 13:05 18160 ----a-w- d:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2011-12-12 13:05 275696 ----a-w- d:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2011-12-12 13:05 214256 ----a-w- d:\windows\system32\muweb.dll 2012-05-31 13:22 . 2008-04-14 21:32 602624 ----a-w- d:\windows\system32\crypt32.dll 2012-07-14 00:15 . 2012-08-08 09:04 136672 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3GDR\mshtml.dll [-] 2012-05-11 . F45E5701FF03719D2AC7FE1B426FCABA . 6009344 . . [8.00.6001.23345] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3QFE\mshtml.dll [-] 2012-03-01 . 6E0E7C508B5060F81992D5ED0B1A5556 . 5978624 . . [8.00.6001.19222] . . d:\windows\erdnt\cache\mshtml.dll [-] 2012-03-01 . 467D9D5FB15DD88E82768C6F31A7A5D4 . 5980672 . . [8.00.6001.23318] . . d:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll [-] 2012-02-28 . D16CF6C7AFB29B7546BFD20B4E355A9D . 3108864 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3gdr\mshtml.dll [-] 2012-02-28 . 187B5BBB711C65C7D90D89C8F01C21B9 . 3109376 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3qfe\mshtml.dll [-] 2011-12-19 . 88C35DAE443D1813939183D4FF8A1BA3 . 3108352 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3gdr\mshtml.dll [-] 2011-12-19 . 69485422D35F1D286BA06F72C140F376 . 3108864 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3qfe\mshtml.dll [-] 2011-12-17 . 5C55673322584D9F5A32D0971D83858B . 5979136 . . [8.00.6001.19190] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3GDR\mshtml.dll [-] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . d:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll [-] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3QFE\mshtml.dll [-] 2011-11-04 . 958ECE072DA2D840BD3658A3AB708F58 . 5978112 . . [8.00.6001.19170] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3GDR\mshtml.dll [-] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . d:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [-] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3QFE\mshtml.dll [-] 2011-11-03 . C26CF1A39FEBAF9D2AD70BE6ABB18A80 . 3108352 . . [6.00.2900.6169] . . d:\windows\ie8\mshtml.dll [-] 2011-11-03 . 11244F9DFE66A4E96C6D53646C2F1747 . 3108864 . . [6.00.2900.6169] . . d:\windows\$hf_mig$\KB2618444\SP3QFE\mshtml.dll [-] 2011-09-05 . 538D8FB09C46E62ED0C59A9C7B12C9BF . 3107328 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3gdr\mshtml.dll [-] 2011-09-05 . DFEC0338F440C7B1A6E16ED92CE0F8F1 . 3107840 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3qfe\mshtml.dll [-] 2011-06-27 . B3C512EB1950AD3BCF1C14C5D38A405B . 3105792 . . [6.00.2900.6129] . . d:\windows\$NtUninstallKB2618444$\mshtml.dll [-] 2011-06-27 . 796C3ABC2779096E1B1255ED920AE11A . 3106304 . . [6.00.2900.6129] . . d:\windows\$hf_mig$\KB2559049\SP3QFE\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3GDR\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . d:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . d:\windows\system32\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . d:\windows\$NtUninstallKB2559049$\mshtml.dll . [-] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3GDR\wininet.dll [-] 2012-05-16 . 7FC207568D4D9AAFC266FC84F716FEC1 . 920064 . . [8.00.6001.23359] . . d:\windows\SoftwareDistribution\Download\b5933ec26f643e8f8ad1fe8edc9c0851\SP3QFE\wininet.dll [-] 2012-03-01 . CFF17B16BFF8179FBBA29075245E8BE1 . 916992 . . [8.00.6001.19222] . . d:\windows\erdnt\cache\wininet.dll [-] 2012-03-01 . B2E54BC4C5B399547EE3C8188DBBA509 . 919552 . . [8.00.6001.23318] . . d:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [-] 2012-02-28 . 177727EFDC9D9F921D2E704E5949757F . 670208 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3gdr\wininet.dll [-] 2012-02-28 . B40C25E9387B7F638D69787F89BE8DD4 . 671744 . . [6.00.2900.6197] . . d:\windows\SoftwareDistribution\Download\f1ba4b72adaf0e6a441cc3ca7a29e329\sp3qfe\wininet.dll [-] 2011-12-19 . 09A397373E34DD2A77D4450641B9C5F6 . 670208 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3gdr\wininet.dll [-] 2011-12-19 . A9530DFEF6A283BCA7FFE77E47344BE2 . 671744 . . [6.00.2900.6182] . . d:\windows\SoftwareDistribution\Download\cdc91ba1237215fbe4072aa51f33b547\sp3qfe\wininet.dll [-] 2011-12-17 . 03CB14FB6B75EC8AC2FDEC54E904C30B . 916992 . . [8.00.6001.19190] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3GDR\wininet.dll [-] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . d:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [-] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . d:\windows\SoftwareDistribution\Download\c9f2707a00294cb13687bcaa073af62b\SP3QFE\wininet.dll [-] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3GDR\wininet.dll [-] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . d:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [-] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . d:\windows\SoftwareDistribution\Download\607c4e82652dceecca4f889cc90a0d88\SP3QFE\wininet.dll [-] 2011-11-01 . 50E9E4EB7ED2A7B680EE4D843916E7DF . 670208 . . [6.00.2900.6168] . . d:\windows\ie8\wininet.dll [-] 2011-11-01 . 7AC58A2566F7FF8AB5948C5F4CFA6674 . 671744 . . [6.00.2900.6168] . . d:\windows\$hf_mig$\KB2618444\SP3QFE\wininet.dll [-] 2011-09-05 . 638A3E908C1E401ADD81878082EFDEBC . 670208 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3gdr\wininet.dll [-] 2011-09-05 . 031A23A350F9A3A353F4D7144847CAD7 . 671744 . . [6.00.2900.6148] . . d:\windows\SoftwareDistribution\Download\8c75e351745ce345a9cb71e64cbac520\sp3qfe\wininet.dll [-] 2011-06-21 . 73D1B42C1F3983EE4DBC7DC8B03E30DF . 670208 . . [6.00.2900.6126] . . d:\windows\$NtUninstallKB2618444$\wininet.dll [-] 2011-06-21 . 18A02E70D82B57D68137528251197C78 . 671744 . . [6.00.2900.6126] . . d:\windows\$hf_mig$\KB2559049\SP3QFE\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3GDR\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . d:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . d:\windows\SoftwareDistribution\Download\683a60b6a6d129ddadfed78b3a85c27a\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . d:\windows\system32\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . d:\windows\$NtUninstallKB2559049$\wininet.dll . ((((((((((((((((((((((((((((( SnapShot_2012-08-08_08.40.10 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-10 07:28 . 2012-08-10 07:28 16384 d:\windows\Temp\Perflib_Perfdata_84.dat - 2004-08-10 16:05 . 2004-08-10 16:05 99480 d:\windows\system32\FwsVpn.dll + 2004-10-15 16:31 . 2004-10-15 16:31 99480 d:\windows\system32\FwsVpn.dll - 2012-05-31 14:23 . 2012-07-11 06:30 34144 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 34144 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 42848 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe + 2012-05-31 14:23 . 2012-08-08 18:01 42848 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe - 2012-05-31 14:23 . 2012-07-11 06:30 19296 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 19296 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-08-08 09:10 . 2012-08-08 09:10 4608 d:\windows\Installer\{F34D9A5F-484A-4E31-A9D3-908CB265B289}\IconC989D247.exe - 2004-08-10 19:39 . 2004-08-10 19:39 218264 d:\windows\system32\SetAid.dll + 2004-10-15 16:31 . 2004-10-15 16:31 218264 d:\windows\system32\SetAid.dll + 2012-08-08 09:10 . 2012-08-08 09:10 981504 d:\windows\Installer\13e3f.msi + 2012-05-31 14:23 . 2012-08-08 18:01 415584 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2012-05-31 14:23 . 2012-07-11 06:30 415584 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2012-05-31 14:23 . 2012-07-11 06:30 303456 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 303456 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 571232 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe - 2012-05-31 14:23 . 2012-07-11 06:30 571232 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2012-05-31 14:23 . 2012-08-08 18:01 326496 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 326496 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 470616 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 470616 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 178528 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2012-05-31 14:23 . 2012-08-08 18:01 178528 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe - 2012-08-07 08:12 . 2012-08-07 08:12 128896 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\UNINST_Uninstall_A_DE08FD120270402B91CB0B6B59AB5AF9.exe + 2012-08-08 09:24 . 2012-08-08 09:24 128896 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\UNINST_Uninstall_A_DE08FD120270402B91CB0B6B59AB5AF9.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut4_2C44B39324B94969A0B2A3EFCFBC4594.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut4_2C44B39324B94969A0B2A3EFCFBC4594.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut1_FE807111CB594AE5B9A38430EB516D75.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\NewShortcut1_FE807111CB594AE5B9A38430EB516D75.exe - 2012-08-07 08:12 . 2012-08-07 08:12 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\ARPPRODUCTICON.exe + 2012-08-08 09:24 . 2012-08-08 09:24 399232 d:\windows\Installer\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}\ARPPRODUCTICON.exe + 2012-08-08 09:24 . 2012-08-08 09:24 5836288 d:\windows\Installer\b788d.msi + 2012-05-31 14:23 . 2012-08-08 18:01 1479520 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1479520 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1858400 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2012-05-31 14:23 . 2012-08-08 18:01 1858400 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2012-05-31 14:23 . 2012-07-11 06:30 3792736 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2012-05-31 14:23 . 2012-08-08 18:01 3792736 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2012-05-31 14:23 . 2012-07-11 06:30 1449312 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2012-05-31 14:23 . 2012-08-08 18:01 1449312 d:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-10-20 11:35 . 2010-10-20 11:35 1858400 d:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\WORDICON.EXE + 2011-03-18 20:59 . 2011-03-18 20:59 1422680 d:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\WINWORD.EXE . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2012-08-08 896400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmcService"="d:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "d:\\Documents and Settings\\Administrator\\Bureaublad\\Tottents\\RatioMaster.NET.exe"= "d:\\Program Files\\Java\\jre6\\bin\\java.exe"= "d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "d:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "d:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "d:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= . R1 sbaphd;sbaphd;d:\windows\system32\drivers\sbaphd.sys [8-8-2012 11:24 21240] R1 SBRE;SBRE;d:\windows\system32\drivers\SBREDrv.sys [26-10-2011 14:23 101112] R2 Ad-Aware Service;Ad-Aware Service;d:\program files\Ad-Aware Antivirus\AdAwareService.exe [12-7-2012 18:32 1239952] R2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-8-2012 14:42 655944] R2 SBAMSvc;Ad-Aware;d:\program files\Ad-Aware Antivirus\SBAMSvc.exe [19-12-2011 13:20 3289032] R2 sbapifs;sbapifs;d:\windows\system32\drivers\sbapifs.sys [8-8-2012 11:24 77816] R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [9-8-2012 14:42 22344] S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;d:\windows\system32\DNINDIS5.sys [9-12-2011 20:19 17149] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\program files\Microsoft Office\Office14\GROOVE.EXE [12-6-2011 11:15 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;d:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8-8-2012 11:04 113120] S3 osppsvc;Office Software Protection Platform;d:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9-1-2010 21:37 4640000] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map . 2012-08-08 d:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job - d:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-07-12 16:32] . . ------- Bijkomende Scan ------- . TCP: DhcpNameServer = 10.0.0.1 FF - ProfilePath - d:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08fbvv84.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&a=6R8A9QAab7&&i=26&search= FF - prefs.js: network.proxy.ftp - 118.97.208.194 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.http - 118.97.208.194 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 118.97.208.194 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 118.97.208.194 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-10 10:16 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1275210071-651377827-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,5f,1f,ef,a3,c9,c9,4c,99,39,53,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,5f,1f,ef,a3,c9,c9,4c,99,39,53,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(1480) d:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf d:\progra~1\MICROS~3\Office14\1043\GrooveIntlResource.dll d:\windows\system32\ieframe.dll d:\windows\system32\SSSensor.dll d:\windows\system32\webcheck.dll . Voltooingstijd: 2012-08-10 10:24:20 ComboFix-quarantined-files.txt 2012-08-10 08:24 ComboFix2.txt 2012-08-08 08:48 ComboFix3.txt 2012-08-07 15:32 ComboFix4.txt 2012-08-07 13:10 . Pre-Run: 17.227.997.184 bytes beschikbaar Post-Run: 17.359.151.104 bytes beschikbaar . - - End Of File - - 61EC3CF149CBDEBF9AABAF338A67002C

Logfile AdwCleaner, # AdwCleaner v1.608 - Logfile created 08/10/2012 at 09:14:03 # Updated 27/05/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Administrator - XXXYYY-80BD7E39 # Running from : D:\Documents and Settings\Administrator\Bureaublad\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Softonic ***** [Registre - GUID] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (nl) Profile name : default File : D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08fbvv84.default\prefs.js [OK] File is clean. ************************* AdwCleaner[R1].txt - [2679 octets] - [07/08/2012 14:11:34] AdwCleaner[s1].txt - [309 octets] - [07/08/2012 14:12:11] AdwCleaner[s2].txt - [2960 octets] - [07/08/2012 14:12:44] AdwCleaner[R2].txt - [1078 octets] - [07/08/2012 14:19:18] AdwCleaner[s3].txt - [1139 octets] - [07/08/2012 14:19:49] AdwCleaner[R3].txt - [1199 octets] - [07/08/2012 18:06:01] AdwCleaner[s4].txt - [1259 octets] - [07/08/2012 18:06:23] AdwCleaner[R4].txt - [1368 octets] - [08/08/2012 10:17:35] AdwCleaner[s5].txt - [1288 octets] - [10/08/2012 09:14:03] ########## EOF - D:\AdwCleaner[s5].txt - [1416 octets] ##########

Het Logje... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:26:40, on 9-8-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Sygate\SPF\smc.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Ad-Aware Antivirus\AdAwareService.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe D:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe D:\Program Files\uTorrent\uTorrent.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Windows Live\Messenger\msnmsgr.exe D:\Program Files\Windows Live\Contacts\wlcomm.exe D:\Documents and Settings\Administrator\Bureaublad\Brammes\AFIX\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [smcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344358908750 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Ad-Aware Service - Lavasoft Limited - D:\Program Files\Ad-Aware Antivirus\AdAwareService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - D:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 2987 bytes

Elke x als ik een nieuw Tabblad open krijg ik "MyStart" als start terwijl het voorheen een blanco Tabblad was. Als ik met MallWareBytes scan vind hij elke x wel wat meestal hetzelfde terwijl ik het steeds weer verwijder. Ook het opnieuw installeren van FireFox werkt niet. Wie kan mij helpen??