Yes, I have trouble with Mystart too.


But Mystart on a new tab is still there; did ComboFix turn up anything else?
The problem with ComboFix is that it shows you have apparently created quite a few folders of your own, so it is not immediately clear whether they are useful or problematic. For example, C:\searchplugins is a folder I have strong reservations about ... but did you create it yourself or not? And there are others. They may still contain references to MyStart, but that cannot readily be checked ???

Kape

C:\searchplugins is an empty folder and I don't know where it came from.

It has now been deleted. See also MSOCache, also not mine, see att. 1. Nieuwe map is everything we have done. Progr. Files att. 2, ProgrData att. 3, Qoobox att. 4, Windows att. 5.

Otherwise I can't find anything unusual in any folder. If this doesn't yield anything, I'll just have to live with it. There are far worse situations than this problem.

Ton


Kape

I set the start page to New Tab; if I now duplicate at the top, I still get Mystart again.

If I start up with Google as the chosen page, I can duplicate it into a 2nd Google page.

Anything to be done about that? Probably not.

Ton


Open a Notepad file.

Copy and paste the bold text below into it.

File::

C:\user.js

Folder::

C:\searchplugins

c:\windows\system32\searchplugins

c:\windows\system32\Extensions

c:\programdata\Sidekick Manager

c:\Qoobox

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.

Link naar reactie
Delen op andere sites

Hi Kape

ComboFix result:

ComboFix 12-07-27.03 - Ton 27-07-2012 12:27:34.2.4 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3061.1701 [GMT 2:00]

Gestart vanuit: c:\nieuwe map\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ton\Desktop\CFScript..txt

AV: BullGuard Antivirus *Disabled/Outdated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}

FW: BullGuard Firewall *Disabled* {68747E43-7A47-EA26-053F-CB84640E3E67}

SP: BullGuard Antispyware *Disabled/Outdated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"C:\user.js"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Sidekick Manager

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\bProtect.settings

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.xpt

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\bprotector.js

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\sidemngr.dll

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\sidemngr.exe

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe

C:\user.js

c:\windows\system32\Extensions

c:\windows\system32\searchplugins

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Sidekick Manager

-------\Service_Sidekick Manager

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-27 to 2012-07-27 ))))))))))))))))))))))))))))))

.

.

2012-07-27 10:34 . 2012-07-27 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-27 09:54 . 2012-07-16 00:41 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F461CCB-9AC6-47DB-8583-072FB2FF9D6A}\mpengine.dll

2012-07-25 17:00 . 2012-07-25 17:00 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-07-25 10:50 . 2012-07-25 10:50 -------- d-----w- c:\programdata\IBUpdaterService

2012-07-25 10:49 . 2012-07-25 10:35 666272 ----a-w- c:\program files\Uninstall Information\ib_uninst_514\uninstall.exe

2012-07-25 10:49 . 2012-07-25 10:35 666272 ----a-w- c:\program files\Uninstall Information\ib_uninst_546\uninstall.exe

2012-07-24 19:55 . 2012-07-24 19:55 -------- d-----w- c:\windows\nl

2012-07-24 19:55 . 2012-03-08 16:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2012-07-24 19:55 . 2012-07-24 19:55 -------- dc----w- c:\windows\system32\DRVSTORE

2012-07-24 19:48 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2012-07-24 19:44 . 2012-07-24 19:44 7450888 ----a-w- c:\program files\Common Files\Windows Live\.cache\c23dde051cd69d405\bingbarsetup.exe

2012-07-24 19:44 . 2012-07-24 19:44 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\b92c066b1cd69d404\MeshBetaRemover.exe

2012-07-24 19:44 . 2012-07-24 19:44 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\b62beb751cd69d403\DXSETUP.exe

2012-07-24 19:44 . 2012-07-24 19:44 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\b62beb751cd69d403\DSETUP.dll

2012-07-24 19:44 . 2012-07-24 19:44 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\b62beb751cd69d403\dsetup32.dll

2012-07-24 19:44 . 2012-07-24 19:44 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b27e68e11cd69d402\DSETUP.dll

2012-07-24 19:44 . 2012-07-24 19:44 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b27e68e11cd69d402\DXSETUP.exe

2012-07-24 19:44 . 2012-07-24 19:44 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b27e68e11cd69d402\dsetup32.dll

2012-07-23 20:45 . 2012-07-23 20:45 -------- d-----w- c:\programdata\Malwarebytes

2012-07-23 20:45 . 2012-07-23 20:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-23 20:45 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-23 16:21 . 2012-07-23 16:25 -------- d-----w- C:\Food

2012-07-23 13:26 . 2012-07-23 13:26 -------- d-----w- c:\programdata\Western Digital

2012-07-23 13:25 . 2012-07-23 13:25 -------- d-----w- c:\program files\Western Digital

2012-07-23 12:37 . 2012-07-27 10:25 -------- d-----w- C:\Nieuwe map

2012-07-21 22:32 . 2012-07-21 22:32 -------- d-----w- c:\users\Public\CyberLink

2012-07-21 16:51 . 2012-07-21 17:14 -------- d-----w- C:\The Best From PublicInvasion.com

2012-07-21 14:02 . 2012-07-21 22:36 -------- d-----w- C:\Cees Nieuw

2012-07-21 13:59 . 2012-07-21 13:59 -------- d-----w- c:\program files\CDex_150

2012-07-21 11:50 . 2012-07-26 20:28 -------- d-----w- C:\UtorTop40

2012-07-20 20:57 . 2012-07-20 20:57 -------- d-----w- c:\windows\system32\EventProviders

2012-07-20 18:50 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll

2012-07-20 18:50 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\system32\mstscax.dll

2012-07-20 18:50 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2012-07-20 18:50 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\system32\d3d10warp.dll

2012-07-20 18:50 . 2010-11-20 12:19 954752 ----a-w- c:\windows\system32\mfc40.dll

2012-07-20 18:50 . 2010-11-20 12:19 954288 ----a-w- c:\windows\system32\mfc40u.dll

2012-07-20 18:50 . 2010-11-20 12:21 423936 ----a-w- c:\windows\system32\secproc_isv.dll

2012-07-20 18:50 . 2010-11-20 12:20 428032 ----a-w- c:\windows\system32\secproc.dll

2012-07-20 18:50 . 2010-11-20 12:17 327168 ----a-w- c:\windows\system32\RMActivate_isv.exe

2012-07-20 18:50 . 2010-11-20 12:17 322048 ----a-w- c:\windows\system32\RMActivate.exe

2012-07-20 18:48 . 2010-11-20 12:19 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-07-20 18:47 . 2010-11-20 12:21 21504 ----a-w- c:\windows\system32\rdprefdrvapi.dll

2012-07-20 18:28 . 2012-07-26 19:00 -------- d-----w- C:\Torrents

2012-07-20 18:25 . 2012-07-21 11:51 -------- d-----w- C:\UtorMuziek

2012-07-20 18:23 . 2012-07-20 18:23 -------- d-----w- C:\UtorOpruimen

2012-07-20 18:22 . 2012-07-26 20:28 -------- d-----w- C:\UtorReady

2012-07-20 18:17 . 2012-07-26 20:01 -------- d-----w- C:\UtorDown

2012-07-20 18:11 . 2012-07-20 18:11 -------- d-----w- c:\program files\Teletekstbrowser

2012-07-20 17:26 . 2012-07-20 17:26 -------- d-----w- c:\program files\johnsadventures.com

2012-07-20 16:25 . 2012-07-20 16:25 -------- d-----w- c:\program files\OpenOffice.org 3

2012-07-20 16:17 . 2012-07-20 16:17 -------- d-----w- c:\program files\Perion

2012-07-20 15:12 . 2012-07-20 15:12 -------- d-----w- c:\program files\Gadwin Systems

2012-07-20 14:49 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-07-20 14:49 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-07-20 14:48 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe

2012-07-20 14:23 . 2012-07-20 14:23 -------- d-----w- c:\program files\Common Files\PX Storage Engine

2012-07-20 14:22 . 2012-07-20 14:23 -------- d-----w- c:\program files\Common Files\DivX Shared

2012-07-20 14:20 . 2012-07-20 14:23 -------- d-----w- c:\program files\DivX

2012-07-20 14:20 . 2012-07-20 14:20 -------- d-----w- c:\program files\uTorrent

2012-07-20 14:17 . 2012-07-20 14:26 -------- d-----w- c:\programdata\DivX

2012-07-20 14:10 . 2012-07-20 14:10 -------- d-----w- c:\program files\Common Files\xing shared

2012-07-20 14:10 . 2012-07-20 14:11 -------- d-----w- c:\program files\Real

2012-07-20 14:01 . 2012-07-20 14:01 -------- d-----w- c:\programdata\InstallShield

2012-07-20 13:59 . 2012-07-20 14:03 -------- d-----w- c:\program files\Jasc Software Inc

2012-07-20 13:59 . 2012-07-20 14:00 -------- d-----w- c:\program files\Common Files\Jasc Software Inc

2012-07-20 13:44 . 1998-07-30 11:51 305152 ----a-w- c:\windows\IsUninst.exe

2012-07-20 13:19 . 2012-07-21 13:26 -------- d-----w- c:\programdata\ArcSoft

2012-07-20 13:18 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys

2012-07-20 13:17 . 2012-07-20 13:18 -------- d-----w- c:\program files\Common Files\ArcSoft

2012-07-20 13:17 . 2012-07-20 13:17 -------- d-----w- c:\program files\ArcSoft

2012-07-20 13:14 . 2012-07-20 13:14 217 ----a-w- c:\windows\system32\AF15IRTBL.bin

2012-07-20 13:03 . 2009-06-22 16:58 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL

2012-07-20 12:06 . 2012-07-20 17:38 -------- d-----r- C:\Qwerty Taakbalk

2012-07-20 10:34 . 1997-01-03 13:00 15664 ----a-w- c:\windows\system32\PSUITE.SCR

2012-07-20 10:33 . 2012-07-20 10:33 -------- d-----w- c:\program files\MGI

2012-07-20 09:51 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll

2012-07-20 09:50 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-07-20 09:49 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll

2012-07-20 09:48 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll

2012-07-20 09:48 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-07-20 09:48 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll

2012-07-20 09:48 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2012-07-20 09:48 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-07-20 09:48 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe

2012-07-20 09:48 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2012-07-20 09:48 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll

2012-07-20 09:48 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2012-07-20 09:48 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll

2012-07-20 09:46 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-07-20 09:46 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-07-20 09:46 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll

2012-07-19 23:50 . 2012-07-19 23:49 308296 ----a-w- c:\windows\system32\drivers\Trufos.sys

2012-07-19 23:49 . 2012-07-19 23:49 53088 ----a-w- c:\windows\system32\BGLsp.dll

2012-07-19 23:49 . 2012-07-19 23:49 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll

2012-07-19 23:48 . 2012-07-19 23:48 -------- d-----w- c:\program files\Common Files\BullGuard Ltd

2012-07-19 23:43 . 2012-07-19 23:49 20040 ----a-w- c:\windows\system32\drivers\NSNetmon.sys

2012-07-19 23:43 . 2012-07-19 23:49 216136 ----a-w- c:\windows\system32\drivers\NSKernel.sys

2012-07-19 23:00 . 2012-07-19 23:00 -------- d-----w- c:\program files\Google

2012-07-19 22:45 . 2012-07-19 23:43 61152 ----a-w- c:\windows\system32\drivers\BdSpy.sys

2012-07-19 22:45 . 2012-07-19 22:44 122744 ----a-w- c:\windows\system32\BdInstHk.dll

2012-07-19 22:35 . 2012-07-19 22:35 -------- d-----w- c:\program files\BullGuard Ltd

2012-07-19 22:12 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll

2012-07-19 22:12 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll

2012-07-19 22:05 . 2012-07-20 22:07 -------- d-----w- c:\program files\Microsoft.NET

2012-07-19 22:01 . 2012-07-19 22:01 -------- d-----w- c:\program files\AnalogX

2012-07-19 22:01 . 2012-07-19 22:01 -------- d-----r- C:\MSOCache

2012-07-19 21:57 . 2012-07-19 21:57 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys

2012-07-19 21:57 . 2012-07-19 21:57 -------- d-----w- c:\program files\TrueCrypt

2012-07-19 21:30 . 2012-07-19 21:30 -------- d-----w- c:\windows\system32\wbem\en-US

2012-07-19 21:28 . 2012-07-23 21:12 -------- d--h--w- c:\windows\msdownld.tmp

2012-07-19 21:22 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-07-19 21:22 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-07-19 21:22 . 2010-11-20 10:21 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys

2012-07-18 16:08 . 2012-07-26 15:05 -------- d-----w- C:\UtorOpruimen Muziek

2012-07-18 14:22 . 2012-07-26 18:27 -------- d-----w- C:\UtorDHP

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-24 19:50 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-07-20 21:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-07-20 14:10 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-07-20 14:10 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-07-19 23:49 . 2010-07-08 14:00 33920 ----a-r- c:\windows\system32\drivers\Afw.sys

2012-07-19 23:49 . 2010-07-08 14:00 339584 ----a-r- c:\windows\system32\drivers\AfwCore.sys

2012-07-19 21:29 . 2012-07-19 21:29 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-07-19 21:29 . 2012-07-19 21:29 63488 ----a-w- c:\windows\system32\tdc.ocx

2012-07-19 21:29 . 2012-07-19 21:29 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-07-19 21:29 . 2012-07-19 21:29 152064 ----a-w- c:\windows\system32\wextract.exe

2012-06-12 02:40 . 2012-07-20 14:50 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-06-02 22:19 . 2012-07-19 21:18 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-07-19 21:18 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-07-19 21:18 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-07-19 21:18 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-07-19 21:18 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:12 . 2012-07-19 21:18 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12 . 2012-07-19 21:18 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-07-19 21:18 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:12 . 2012-07-19 21:18 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-05-31 10:25 . 2010-01-23 02:42 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-07-14 00:15 . 2012-07-25 17:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"Gadwin PrintScreen 3.5"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2006-07-08 1101824]

"BackgroundSwitcher"="c:\program files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" [2011-05-15 119104]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-22 8120864]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2009-12-22 678432]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-14 1549608]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]

"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]

"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-07-19 1756000]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-07-20 296096]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

c:\users\Ton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Capture.lnk - c:\program files\AnalogX\Capture\capture.exe [2012-7-20 127472]

PrintScreen.lnk - c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe [2006-7-8 1101824]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2012-7-20 258048]

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

@="Service"

.

R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [x]

S1 BdSpy;BdSpy;c:\windows\system32\DRIVERS\BdSpy.sys [x]

S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [x]

S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe [x]

S2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [x]

S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [x]

S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe [x]

S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [x]

S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [x]

S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [x]

S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]

S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [x]

S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [x]

S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

BullGuard_Main REG_MULTI_SZ BsMain

BullGuard REG_MULTI_SZ BsFileScan BsFire

BullGuard_LowPriv REG_MULTI_SZ BsBrowser

BullGuard_Backup REG_MULTI_SZ BsBackup

BullGuard_Proxy REG_MULTI_SZ BsMailProxy

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-19 23:00]

.

2012-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-19 23:00]

.

2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431356073-1885055134-1978963642-1000Core.job

- c:\users\Ton\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-25 10:35]

.

2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431356073-1885055134-1978963642-1000UA.job

- c:\users\Ton\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-25 10:35]

.

.

------- Bijkomende Scan -------

.

uStart Page = https://www.google.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats

LSP: c:\windows\system32\BGLsp.dll

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Ton\AppData\Roaming\Mozilla\Firefox\Profiles\1ftp8yt5.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Sidekick Manager\2.2.513.159\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\atieclxx.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\windows\system32\taskhost.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Microsoft\BingBar\SeaPort.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\conhost.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\sppsvc.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Voltooingstijd: 2012-07-27 12:42:15 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-27 10:42

ComboFix2.txt 2012-07-25 14:42

.

Pre-Run: 174.587.432.960 bytes beschikbaar

Post-Run: 174.450.425.856 bytes beschikbaar

.

- - End Of File - - 04E84F7F21996D9D51D9EEC5F7F6FABE


Hello Kape

After ComboFix I can no longer set a background, not via right-click on the photo itself (use as desktop background)

and not via John's Background Switcher either (it no longer does anything at all, though I did uninstall and

reinstall it). I haven't done a restore yet; what is this now?
