
Tommieh
Member
Items: 13
Hello everyone. I recently bought a new PC for 1300 euros, but I notice that the latency keeps climbing to 500, while it should only be 20 here. When I restart the PC I get 20 again for a while, sometimes 1 hour, sometimes as much as 3 hours. It can't be the internet cable, because I have already connected 2 new ones. Does anyone have an idea? PS: I have already run all the Malwarebytes tests, but they found 0 threats. Regards, Tommie

Here is my HijackThis log:
-
Latency climbs after a certain time. Recovers after restarting.
Tommieh posted a topic in Internet & Network Archive
Hello everyone. I recently bought a new PC for 1300 euros, but I notice that the latency keeps climbing to 500, while it should only be 20 here. When I restart the PC I get 20 again for a while, sometimes 1 hour, sometimes as much as 3 hours. It can't be the internet cable, because I have already connected 2 new ones. Does anyone have an idea? PS: I have already run all the Malwarebytes tests, but they found 0 threats. Windows has only been installed since last week, so I also don't think it can be a virus. Regards, Tommie -
Phone call about a virus
Tommieh replied to Tommieh's topic in Malware & Virus Removal Archive
It went flawlessly, THANK YOU VERY MUCH! Really great help, fantastic! Very clear, etc. If I ever have problems again, I know where to find you. Thank you. -
Phone call about a virus
Tommieh replied to Tommieh's topic in Malware & Virus Removal Archive
Pre-Run: 840.088.891.392 bytes beschikbaar Post-Run: 839.898.869.760 bytes beschikbaar . - - End Of File - - FCF0B160BD8D2377BCB44E3007F91A63 -
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Combating malware & viruses
I'm suddenly missing that little arrow at the bottom right of the taskbar where the programs that are running normally appear (such as AVG and so on). Other than that I had no problems; it went well right away. (I did turn off AVG and MBAM.)
ComboFix 12-08-20.02 - Tommie 20-08-2012 23:57:55.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3327.2383 [GMT 2:00] Gestart vanuit: c:\users\Tommie\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Incredibar.com c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\users\Tommie\AppData\Local\Temp\{D66F4E86-2B78-4C62-B10F-E7D2B92FA0D0}\fpb.tmp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))) . . 2012-08-20 22:03 . 2012-08-20 22:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-18 16:36 . 2012-08-18 16:36 388096 ----a-r- c:\users\Tommie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-08-18 16:36 . 2012-08-18 16:36 -------- d-----w- c:\program files\Trend Micro 2012-08-18 13:14 . 2012-08-18 13:14 -------- d-----w- c:\users\Tommie\AppData\Roaming\Malwarebytes 2012-08-18 13:14 . 2012-08-18 13:14 -------- d-----w- c:\programdata\Malwarebytes 2012-08-18 13:14 . 
2012-08-18 13:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-18 13:14 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-18 12:41 . 2012-08-18 12:41 -------- d-----w- c:\users\Tommie\temp 2012-08-18 12:41 . 2012-08-18 12:41 -------- d-----w- c:\users\Tommie\AppData\Roaming\TeamViewer 2012-08-17 09:30 . 2012-08-17 09:30 -------- d-----w- c:\users\Tommie\AppData\Roaming\AVG2012 2012-08-17 09:30 . 2012-08-17 09:30 -------- d-----w- c:\users\Tommie\AppData\Local\AVG Secure Search 2012-08-17 09:30 . 2012-08-20 21:54 -------- d-----w- c:\programdata\AVG Secure Search 2012-08-17 09:30 . 2012-08-17 09:30 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-08-17 09:30 . 2012-08-17 09:30 -------- d-----w- c:\program files\AVG Secure Search 2012-08-17 09:30 . 2012-08-17 09:30 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-08-17 09:29 . 2012-08-17 09:39 -------- d-----w- c:\programdata\AVG2012 2012-08-17 09:29 . 2012-08-17 09:29 -------- d-----w- C:\$AVG 2012-08-17 09:19 . 2012-08-17 09:19 -------- d-----w- c:\program files\Siber Systems 2012-08-17 09:06 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll 2012-08-17 09:06 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-08-17 09:06 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-08-17 09:06 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-17 09:05 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll 2012-08-17 09:05 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll 2012-08-17 09:05 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll 2012-08-15 09:26 . 2012-08-15 09:26 -------- d-----w- c:\users\Tommie\AppData\Local\Adobe 2012-08-15 09:25 . 2012-08-15 09:25 -------- d-----w- c:\program files\Common Files\Adobe 2012-08-14 19:06 . 2012-08-14 19:06 -------- d-----w- c:\programdata\ROCCAT 2012-08-14 19:05 . 
2012-08-14 19:05 -------- d-----w- c:\program files\ROCCAT 2012-08-14 19:05 . 2012-08-14 19:05 -------- d-----w- c:\program files\Common Files\InstallShield 2012-08-14 07:19 . 2012-08-14 07:19 -------- d-----w- c:\users\Tommie\AppData\Roaming\Razer 2012-08-14 07:19 . 2012-08-14 07:19 -------- d-----w- c:\program files\Razer 2012-08-14 07:19 . 2008-09-12 14:22 65536 ----a-w- c:\windows\system32\Arctosa.cpl 2012-08-07 16:39 . 2012-08-20 11:19 -------- d-----w- c:\windows\system32\drivers\AVG 2012-08-07 12:08 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D67B0B58-7AA1-48E9-AF4F-FC293ADC7B17}\mpengine.dll 2012-08-01 19:38 . 2012-08-01 19:38 -------- d-----w- c:\users\Tommie\AppData\Local\DDMSettings 2012-08-01 19:33 . 2012-08-01 19:52 -------- d-----w- c:\users\Tommie\AppData\Roaming\DivX 2012-08-01 19:33 . 2012-08-01 19:33 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2012-08-01 19:32 . 2012-08-01 19:33 -------- d-----w- c:\program files\Common Files\DivX Shared 2012-08-01 19:31 . 2012-08-01 19:33 -------- d-----w- c:\program files\DivX 2012-08-01 19:30 . 2012-08-01 19:37 -------- d-----w- c:\programdata\DivX 2012-07-26 09:45 . 2012-08-08 17:10 -------- d-----w- c:\users\Tommie\AppData\Local\ElevatedDiagnostics . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-14 22:10 . 2012-05-27 19:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-14 22:10 . 2012-05-27 19:31 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-19 12:31 . 2012-06-19 12:31 235 ----a-w- c:\windows\system32\nxEuUninstall.bat 2012-06-19 12:31 . 2012-06-19 12:31 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe 2012-06-06 09:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-06-06 05:05 . 
2012-07-12 13:35 1390080 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:05 . 2012-07-12 13:35 1236992 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:03 . 2012-07-12 13:35 805376 ----a-w- c:\windows\system32\cdosys.dll 2012-06-02 22:19 . 2012-06-21 07:55 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 07:55 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 07:54 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 07:54 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 07:55 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 07:55 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 07:54 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 07:54 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-21 07:54 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 04:45 . 2012-07-12 13:35 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 04:45 . 2012-07-12 13:35 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 04:40 . 2012-07-12 13:35 369336 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 04:40 . 2012-07-12 13:35 225280 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 04:39 . 2012-07-12 13:35 219136 ----a-w- c:\windows\system32\ncrypt.dll 2012-05-31 18:38 . 2012-05-31 18:38 11867 ----a-w- c:\users\Tommie\AppData\Roaming\TheHunterSettings_live.bin 2012-05-31 13:09 . 2012-05-31 13:05 26 ----a-w- C:\Zombe1.2.4.zip 2012-05-31 10:25 . 2012-05-27 19:32 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-28 13:54 . 2012-05-28 13:54 178624 ----a-w- c:\windows\system32\tadefxapo2.dll 2012-05-28 13:54 . 2012-05-28 13:54 1379760 ----a-w- c:\windows\system32\tosade.dll 2012-05-28 13:54 . 2012-05-28 13:54 134584 ----a-w- c:\windows\system32\tadefxapo.dll 2012-05-28 13:54 . 
2012-05-28 13:54 74080 ----a-w- c:\windows\system32\SFCOM.dll 2012-05-28 13:54 . 2012-05-28 13:54 68960 ----a-w- c:\windows\system32\SFAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 58264 ----a-w- c:\windows\system32\TepeqAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 345328 ----a-w- c:\windows\system32\SRSTSXT.dll 2012-05-28 13:54 . 2012-05-28 13:54 214368 ----a-w- c:\windows\system32\SFNHK.dll 2012-05-28 13:54 . 2012-05-28 13:54 191080 ----a-w- c:\windows\system32\SFSS_APO.dll 2012-05-28 13:54 . 2012-05-28 13:54 185584 ----a-w- c:\windows\system32\SRSTSHD.dll 2012-05-28 13:54 . 2012-05-28 13:54 1783056 ----a-w- c:\windows\system32\WavesLib.dll 2012-05-28 13:54 . 2012-05-28 13:54 173296 ----a-w- c:\windows\system32\SRSHP360.dll 2012-05-28 13:54 . 2012-05-28 13:54 1725784 ----a-w- c:\windows\system32\WavesGUILib.dll 2012-05-28 13:54 . 2012-05-28 13:54 140528 ----a-w- c:\windows\system32\SRSWOW.dll 2012-05-28 13:54 . 2012-05-28 13:54 83560 ----a-w- c:\windows\system32\RtkCoInstII.dll 2012-05-28 13:54 . 2012-05-28 13:54 3319400 ----a-w- c:\windows\system32\RtkAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 2359400 ----a-w- c:\windows\system32\RtkPgExt.dll 2012-05-28 13:54 . 2012-05-28 13:54 1378920 ----a-w- c:\windows\system32\RtkApoApi.dll 2012-05-28 13:54 . 2012-05-28 13:54 13416 ----a-w- c:\windows\system32\RtkCoLDR.dll 2012-05-28 13:54 . 2012-05-28 13:54 88408 ----a-w- c:\windows\system32\R4EEA32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 78680 ----a-w- c:\windows\system32\RTEEL32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 64856 ----a-w- c:\windows\system32\RTEEG32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 61272 ----a-w- c:\windows\system32\R4EEG32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 587096 ----a-w- c:\windows\system32\MaxxAudioRealtek2.dll 2012-05-28 13:54 . 2012-05-28 13:54 3921448 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys 2012-05-28 13:54 . 2012-05-28 13:54 359768 ----a-w- c:\windows\system32\RTEEP32A.dll 2012-05-28 13:54 . 
2012-05-28 13:54 345944 ----a-w- c:\windows\system32\R4EED32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 3327320 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll 2012-05-28 13:54 . 2012-05-28 13:54 3296600 ----a-w- c:\windows\system32\R4EEP32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 295768 ----a-w- c:\windows\system32\RP3DHT32.dll 2012-05-28 13:54 . 2012-05-28 13:54 295768 ----a-w- c:\windows\system32\RP3DAA32.dll 2012-05-28 13:54 . 2012-05-28 13:54 2684416 ----a-w- c:\windows\system32\RCoRes.dat 2012-05-28 13:54 . 2012-05-28 13:54 252760 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 170840 ----a-w- c:\windows\system32\RTEED32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 1497704 ----a-w- c:\windows\system32\RTSndMgr.cpl 2012-05-28 13:54 . 2012-05-28 13:54 103256 ----a-w- c:\windows\system32\R4EEL32A.dll 2012-05-28 13:54 . 2012-05-28 13:54 1836376 ----a-w- c:\windows\system32\MaxxAudioEQ.dll 2012-05-28 13:54 . 2012-05-28 13:54 357712 ----a-w- c:\windows\system32\KAAPORT.dll 2012-05-28 13:54 . 2012-05-28 13:54 259928 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll 2012-05-28 13:54 . 2012-05-28 13:54 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll 2012-05-28 13:54 . 2012-05-28 13:54 132368 ----a-w- c:\windows\system32\MaxxAudioAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 631400 ----a-w- c:\windows\system32\DTSSymmetryDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 601704 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 413696 ----a-w- c:\windows\system32\DTSU2PLFX32.dll 2012-05-28 13:54 . 2012-05-28 13:54 390656 ----a-w- c:\windows\system32\DTSU2PGFX32.dll 2012-05-28 13:54 . 2012-05-28 13:54 327168 ----a-w- c:\windows\system32\DTSU2PREC32.dll 2012-05-28 13:54 . 2012-05-28 13:54 1740352 ----a-w- c:\windows\system32\FMAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 1509480 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll 2012-05-28 13:54 . 
2012-05-28 13:54 1292904 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 654952 ----a-w- c:\windows\system32\DTSBassEnhancementDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 458344 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 389736 ----a-w- c:\windows\system32\DTSGainCompensatorDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 375400 ----a-w- c:\windows\system32\DTSLimiterDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 218728 ----a-w- c:\windows\system32\DTSGFXAPONS.dll 2012-05-28 13:54 . 2012-05-28 13:54 218728 ----a-w- c:\windows\system32\DTSGFXAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 218216 ----a-w- c:\windows\system32\DTSLFXAPO.dll 2012-05-28 13:54 . 2012-05-28 13:54 1220200 ----a-w- c:\windows\system32\DTSBoostDLL.dll 2012-05-28 13:54 . 2012-05-28 13:54 96160 ----a-w- c:\windows\system32\AERTARen.dll 2012-05-28 13:54 . 2012-05-28 13:54 175200 ----a-w- c:\windows\system32\AERTACap.dll 2012-05-28 13:42 . 2012-05-28 13:42 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-05-28 13:42 . 2012-05-28 13:42 115640 ----a-w- c:\windows\system32\Vxdif.dll 2012-05-28 13:42 . 2012-05-28 13:42 284792 ----a-w- c:\windows\system32\drivers\Apfiltr.sys 2012-05-28 12:36 . 2012-05-28 12:36 22616 ----a-w- c:\windows\system32\drivers\johci.sys 2012-05-28 12:34 . 2012-05-28 12:34 953856 ----a-w- c:\windows\system32\fdco2.dll 2012-05-28 12:34 . 2012-05-28 12:34 298216 ----a-w- c:\windows\system32\drivers\nvmf6232.sys 2012-05-28 12:34 . 2012-05-28 12:34 240232 ----a-w- c:\windows\system32\nvconrm.dll 2012-05-28 12:29 . 2012-05-28 12:29 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll 2012-05-28 12:29 . 2012-05-28 12:29 313960 ----a-w- c:\windows\system32\RtsUStor.dll 2012-05-28 12:29 . 2012-05-28 12:29 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-05-28 10:33 . 2012-05-28 10:33 772552 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-28 10:33 . 
2012-05-28 10:33 687560 ----a-w- c:\windows\system32\deployJava1.dll 2012-05-27 21:33 . 2012-05-27 21:33 372840 ----a-w- c:\windows\system32\nvraiins.dll 2012-05-27 21:33 . 2012-05-27 21:33 372840 ----a-w- c:\windows\system32\nvraidco.dll 2012-05-27 21:33 . 2012-05-27 21:33 215656 ----a-w- c:\windows\system32\drivers\nvstor32.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-08-17 09:30 2045024 ----a-w- c:\program files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll" [2012-08-17 2045024] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-06-19 1020816] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-06-19 438272] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-05-28 11487848] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-05-28 488816] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "Arctosa"="c:\program files\Razer\Arctosa\razerhid.exe" [2008-10-06 147456] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-08-17 1162848] "ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-08-17 1020512] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 EagleXNt;EagleXNt; [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x] S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [x] S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Tommie\Downloads\emergencykit\Run\a2ddax86.sys [x] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA 
Corporation\NVIDIA Update Core\daemonu.exe [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [x] S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-27 22:10] . 2012-08-20 c:\windows\Tasks\DriverScanner.job - c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2012-05-27 12:07] . 2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-05-27 20:29] . 2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-05-27 20:29] . 2012-08-20 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-05-28 12:27] . . ------- Bijkomende Scan ------- . 
uInternet Settings,ProxyOverride = *.local IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKLM-Run-HF_G_Jul - c:\program files\AVG Secure Search\HF_G_Jul.exe AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="SafariDownload" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="SafariExtension" . 
[HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-254791357-1067883392-4251301817-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice] @Denied: (2) (S-1-5-21-254791357-1067883392-4251301817-1001) @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\progra~1\AVG\AVG2012\avgrsx.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\windows\system32\taskhost.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\AVG\AVG2012\avgnsx.exe c:\program files\AVG\AVG2012\avgemcx.exe c:\windows\system32\conhost.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2012-08-21 00:10:38 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-20 22:10 . Pre-Run: 839.635.681.280 bytes beschikbaar Post-Run: 841.468.231.680 bytes beschikbaar . - - End Of File - - D817F04F5955CCF18E3BB97D351132EC -
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Combating malware & viruses
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:01, on 20-8-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Razer\Arctosa\razerhid.exe
C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Arctosa] "C:\Program Files\Razer\Arctosa\razerhid.exe"
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Tommie\Desktop\PartyPoker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Tommie\Desktop\PartyPoker.lnk (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: vToolbarUpdater12.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 9852 bytes
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
Could it be that it didn't work? Because when I typed it in, a small window opened and immediately disappeared again before I could see what it was. So I entered: sc stop "Web Assistant Updater" and sc delete "Web Assistant Updater". Also without the ", and then I got the same result.
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
Thank you for the post, kape. I have 'removed' the files you told me about with fix checked, I also ran the MBAM full scan along with 4 other malware scans, and here is the log of the malware scan (already done this afternoon). I first did a quick scan and then the full scan; here is the result:

QUICK SCAN:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2012.08.18.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tommie :: TOMMIE-PC [administrator]
Realtime bescherming: Ingeschakeld
18-8-2012 15:19:00
mbam-log-2012-08-18 (15-19-00).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 205808
Verstreken tijd: 8 minuut/minuten,
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerProUpdater (Trojan.Dropper.H) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 5
C:\ProgramData\OptimizerPro\updater.exe (Trojan.Dropper.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Tommie\Downloads\setup.exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Tommie\Downloads\DownloadSetup (1).exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Tommie\Downloads\DownloadSetup (2).exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Tommie\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)

FULL SCAN:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2012.08.18.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tommie :: TOMMIE-PC [administrator]
Realtime bescherming: Ingeschakeld
18-8-2012 18:53:29
mbam-log-2012-08-18 (18-53-29).txt
Scantype: Volledige scan (C:\|)
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 376266
Verstreken tijd: 1 uur/uren, 1 minuut/minuten, 1 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
I understand, thanks. I'll just wait patiently then ;p
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
Does anyone happen to know whether it takes long before an expert posts? Because I'd like to get rid of this problem quickly (I understand that everyone wants that, haha).
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
Thanks, hopefully everything is fine. I have done some online banking lately ;O (I also haven't downloaded anything unusual, and the operator only had access to my PC via TeamViewer for 10 minutes. I didn't have to download anything strange or hand over any details.)
Phone call about a virus
Tommieh replied to Tommieh's topic in Archive: Fighting malware & viruses
Is this right?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:37:41, on 18-8-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Razer\Arctosa\razerhid.exe
C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Arctosa] "C:\Program Files\Razer\Arctosa\razerhid.exe"
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Driver Pro] C:\Program Files\Driver Pro\DPLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-254791357-1067883392-4251301817-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-254791357-1067883392-4251301817-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Tommie\Desktop\PartyPoker.lnk (HKCU)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Tommie\Desktop\PartyPoker.lnk (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: vToolbarUpdater12.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 10557 bytes

PS: Thanks for the quick help!
Dear forum readers,

This afternoon I got a phone call from 'Microsoft'. They had called once before, but I hung up then because I thought they were trying to sell me something again. So this time I stayed on the line, and she said they had received a signal that my PC was infected. My virus scanner (AVG 2012) could not see this because it was not an ordinary virus. She had me download TeamViewer, so she could move the mouse and showed me what was wrong.

What did she do? Start > right-click Computer > Manage > Event Viewer > Custom Views > Administrative Events (or something like that). There were no fewer than 46,000 errors and warnings there, and 63 critical warnings. Then she did: Start > Run: cd.. and she did: Start > Run > inf programs and folders. And that also produced a whole list of files.

It also said that my PC is not protected with ID protection, and they sold a program that would give me ID protection (from a .com site that was fairly well known). This cost money, of course, and I did not do it, and after talking for a while longer we ended the call.

So my question is: what should I do? My computer still runs fast and I don't really notice anything. Could the operator have done something that will make it stop working properly before long? She only did what I have described.

ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Through the forum, our team gives professional answers to your questions and tries to solve your PC problems as quickly as possible. Become a member today, post your question online and the PC Helpforum team will be happy to help you!