
Hotmail hacked?



Hello,

I have had an e-mail account with Hotmail for more than 10 years. Yesterday I could still get in; this afternoon the following message appeared:

It looks like someone else is using your account

To give you, and only you, access to ***********@hotmail.com again, we need to verify that it is your e-mail address.

I already followed the advice to change the password via the site https://account.live.com/password/reset. After filling in the answer to the security question I was able to change my password, which worked, but when logging in again (with the new password) I get the above message again?

Also, this afternoon an e-mail was sent from my Hotmail address to several people in my contact list, containing a link (spam / virus).

Does anyone have advice, please?

Edited by Vincent4451

Here is a HijackThis log as well:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:01:22, on 26/03/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16470)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFGH7KOK\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8303 bytes


Start HijackThis. Select “Scan”. Check only the items listed below:

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as administrator via right-click, “Run as administrator”. If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Combofix:

ComboFix 13-03-27.01 - Eigenaar 27/03/2013 18:57:16.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6126.4550 [GMT 1:00]

Gestart vanuit: C:\Users\Eigenaar\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Users\Eigenaar\AppData\Local\assembly\tmp

C:\Users\Eigenaar\AppData\Local\Temp\IntResource.dll

(((((((((((((((((((( Bestanden Gemaakt van 2013-02-27 to 2013-03-27 ))))))))))))))))))))))))))))))

2013-03-27 17:44:52 . 2013-03-14 22:28:54 9311288 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A1489114-3A6E-4C54-A023-6B693B77EEDF}\mpengine.dll

2013-03-26 21:56:58 . 2013-03-26 21:56:58 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help

2013-03-26 16:39:04 . 2013-03-26 16:38:55 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3EFD86D4-EE76-4918-9F12-EC3A54163201}\gapaengine.dll

2013-03-26 16:38:58 . 2013-03-14 22:28:54 9311288 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-03-26 16:38:03 . 2013-03-26 16:38:03 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-03-26 16:37:59 . 2013-03-26 16:38:09 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-03-26 16:32:49 . 2013-03-15 06:28:52 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DDC9CBC3-0618-468A-B6CE-0972CF7C24BF}\mpengine.dll

2013-03-26 16:31:58 . 2013-02-12 04:12:05 19968 ----a-w- C:\Windows\system32\drivers\usb8023.sys

2013-03-24 20:10:19 . 2013-03-24 20:10:19 -------- d-----w- C:\Users\Eigenaar\AppData\Local\CrashDumps

2013-03-24 20:05:47 . 2013-03-24 20:05:47 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2013-03-24 20:05:47 . 2013-03-24 20:05:47 -------- d-----w- C:\Program Files (x86)\AGEIA Technologies

2013-03-24 20:02:34 . 2013-03-24 20:02:34 -------- d-----w- C:\NVIDIA

2013-03-24 20:00:11 . 2013-03-24 20:00:11 -------- d-----w- C:\Program Files (x86)\Common Files\Java

2013-03-24 20:00:06 . 2013-03-24 19:59:48 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-24 20:00:06 . 2013-03-24 19:59:48 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-03-24 19:59:54 . 2013-03-24 19:59:48 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-24 19:59:47 . 2013-03-24 19:59:47 -------- d-----w- C:\Program Files (x86)\Java

2013-03-24 19:30:36 . 2013-03-24 19:45:35 -------- d-----w- C:\Program Files (x86)\Medal of Honor Warfighter

2013-03-24 18:20:30 . 2013-03-24 18:23:33 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Origin

2013-03-24 18:19:48 . 2013-03-24 19:26:56 -------- d-----w- C:\ProgramData\Origin

2013-03-24 18:19:22 . 2013-03-24 18:29:58 -------- d-----w- C:\Program Files (x86)\Origin

2013-03-24 18:14:48 . 2013-03-24 18:14:48 283200 ----a-w- C:\Windows\system32\drivers\dtsoftbus01.sys

2013-03-24 18:14:46 . 2013-03-24 18:17:36 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\DAEMON Tools Lite

2013-03-24 18:14:44 . 2013-03-24 18:14:48 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2013-03-24 18:13:15 . 2013-03-24 18:17:41 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2013-03-24 18:09:57 . 2013-03-24 18:09:57 -------- d-----w- C:\ProgramData\DAEMON Tools Ultra

2013-03-24 17:58:53 . 2013-03-24 17:58:53 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\ImgBurn

2013-03-24 17:54:24 . 2013-03-24 17:54:24 -------- d-----w- C:\Program Files (x86)\ImgBurn

2013-03-05 20:11:35 . 2013-03-05 20:11:35 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2013-03-03 14:13:21 . 2013-03-03 14:13:21 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Serif

2013-03-03 13:54:17 . 2013-03-03 13:54:17 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive

2013-03-03 13:54:16 . 2013-03-03 14:14:28 -------- d-----r- C:\Users\Eigenaar\SkyDrive

2013-03-03 13:54:01 . 2013-03-03 13:54:01 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2013-03-03 13:35:22 . 2013-03-03 13:35:22 -------- d-----w- C:\Users\Eigenaar\AppData\Local\WinZip Courier

2013-03-03 13:35:04 . 2013-03-27 18:04:23 -------- d-----w- C:\Users\Eigenaar\AppData\Local\assembly

2013-03-03 12:14:06 . 2013-03-24 18:41:13 -------- d-----w- C:\Users\Eigenaar\AppData\Local\WinZip

2013-03-03 12:11:44 . 2013-03-03 12:14:03 -------- d-----w- C:\ProgramData\WinZip

2013-03-03 12:11:43 . 2013-03-03 12:12:05 -------- d-----w- C:\Program Files\WinZip

2013-03-02 21:36:27 . 2013-03-03 13:44:43 -------- d-----w- C:\Program Files (x86)\Easy Computing

2013-02-27 20:57:59 . 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-03-15 15:20:35 . 2013-01-21 15:12:01 72013344 ----a-w- C:\Windows\system32\MRT.exe

2013-03-14 18:10:27 . 2013-01-22 07:12:56 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-14 18:10:27 . 2013-01-22 07:12:56 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-02-12 05:45:24 . 2013-03-14 18:04:00 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 . 2013-03-14 18:04:00 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 . 2013-03-14 18:04:00 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 . 2013-03-14 18:04:00 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 . 2013-03-14 18:04:01 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 . 2013-03-14 18:04:01 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-10 19:37:48 . 2013-02-10 19:37:48 99384 ----a-w- C:\Users\Eigenaar\AppData\Roaming\inst.exe

2013-02-10 19:37:48 . 2013-02-10 19:37:48 82816 ----a-w- C:\Windows\system32\drivers\pcouffin.sys

2013-02-10 19:37:48 . 2013-02-10 19:37:48 82816 ----a-w- C:\Users\Eigenaar\AppData\Roaming\pcouffin.sys

2013-02-10 03:25:27 . 2013-01-22 07:31:44 15275744 ----a-w- C:\Windows\system32\nvwgf2umx.dll

2013-02-10 03:25:27 . 2013-01-22 07:31:44 12862400 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll

2013-02-10 03:25:27 . 2013-01-22 07:31:43 2854344 ----a-w- C:\Windows\system32\nvapi64.dll

2013-02-10 03:25:27 . 2013-01-22 07:31:43 2528840 ----a-w- C:\Windows\SysWow64\nvapi.dll

2013-02-10 01:04:31 . 2011-01-16 05:30:12 6393120 ----a-w- C:\Windows\system32\nvcpl.dll

2013-02-10 01:04:31 . 2011-01-16 05:29:42 3472672 ----a-w- C:\Windows\system32\nvsvc64.dll

2013-02-10 01:04:29 . 2011-01-16 05:30:24 237856 ----a-w- C:\Windows\system32\nvmctray.dll

2013-02-10 01:04:29 . 2011-01-16 05:30:22 877856 ----a-w- C:\Windows\system32\nvvsvc.exe

2013-02-10 01:04:29 . 2011-01-16 05:30:22 63776 ----a-w- C:\Windows\system32\nvshext.dll

2013-02-10 01:04:29 . 2011-01-16 05:30:22 2555680 ----a-w- C:\Windows\system32\nvsvcr.dll

2013-01-30 10:53:22 . 2013-01-25 20:10:03 273840 ------w- C:\Windows\system32\MpSigStub.exe

2013-01-21 15:04:19 . 2013-01-21 15:04:19 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-01-21 15:04:19 . 2013-01-21 15:04:19 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

2013-01-21 15:04:19 . 2013-01-21 15:04:19 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-01-21 15:04:19 . 2013-01-21 15:04:19 74752 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-01-21 15:04:19 . 2013-01-21 15:04:19 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx

2013-01-21 15:04:19 . 2013-01-21 15:04:19 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll

2013-01-21 15:04:19 . 2013-01-21 15:04:19 367104 ----a-w- C:\Windows\SysWow64\html.iec

2013-01-21 15:04:19 . 2013-01-21 15:04:19 23552 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2013-01-21 15:04:19 . 2013-01-21 15:04:19 161792 ----a-w- C:\Windows\SysWow64\msls31.dll

2013-01-21 15:04:19 . 2013-01-21 15:04:19 152064 ----a-w- C:\Windows\SysWow64\wextract.exe

2013-01-21 15:04:19 . 2013-01-21 15:04:19 150528 ----a-w- C:\Windows\SysWow64\iexpress.exe

2013-01-21 15:04:19 . 2013-01-21 15:04:19 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 91648 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 89088 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 89088 ----a-w- C:\Windows\system32\ie4uinit.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 85504 ----a-w- C:\Windows\system32\iesetup.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 82432 ----a-w- C:\Windows\system32\icardie.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 76800 ----a-w- C:\Windows\system32\tdc.ocx

2013-01-21 15:04:18 . 2013-01-21 15:04:18 65024 ----a-w- C:\Windows\system32\pngfilt.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 55296 ----a-w- C:\Windows\system32\msfeedsbs.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 534528 ----a-w- C:\Windows\system32\ieapfltr.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 49664 ----a-w- C:\Windows\system32\imgutil.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 48640 ----a-w- C:\Windows\system32\mshtmler.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 452608 ----a-w- C:\Windows\system32\dxtmsft.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 448512 ----a-w- C:\Windows\system32\html.iec

2013-01-21 15:04:18 . 2013-01-21 15:04:18 403248 ----a-w- C:\Windows\system32\iedkcs32.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 39936 ----a-w- C:\Windows\system32\iernonce.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 3695416 ----a-w- C:\Windows\system32\ieapfltr.dat

2013-01-21 15:04:18 . 2013-01-21 15:04:18 35840 ----a-w- C:\Windows\SysWow64\imgutil.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 30720 ----a-w- C:\Windows\system32\licmgr10.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 282112 ----a-w- C:\Windows\system32\dxtrans.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 267776 ----a-w- C:\Windows\system32\ieaksie.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 249344 ----a-w- C:\Windows\system32\webcheck.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 222208 ----a-w- C:\Windows\system32\msls31.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 197120 ----a-w- C:\Windows\system32\msrating.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 165888 ----a-w- C:\Windows\system32\iexpress.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 163840 ----a-w- C:\Windows\system32\ieakui.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 160256 ----a-w- C:\Windows\system32\wextract.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 160256 ----a-w- C:\Windows\system32\ieakeng.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 149504 ----a-w- C:\Windows\system32\occache.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 145920 ----a-w- C:\Windows\system32\iepeers.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 135168 ----a-w- C:\Windows\system32\IEAdvpack.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 12288 ----a-w- C:\Windows\system32\mshta.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 11776 ----a-w- C:\Windows\SysWow64\mshta.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 114176 ----a-w- C:\Windows\system32\admparse.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 111616 ----a-w- C:\Windows\system32\iesysprep.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 10752 ----a-w- C:\Windows\system32\msfeedssync.exe

2013-01-21 15:04:18 . 2013-01-21 15:04:18 103936 ----a-w- C:\Windows\system32\inseng.dll

2013-01-21 15:04:18 . 2013-01-21 15:04:18 101888 ----a-w- C:\Windows\SysWow64\admparse.dll

2013-01-21 10:19:29 . 2013-01-21 10:19:29 95744 ----a-w- C:\Windows\system32\synceng.dll

2013-01-21 10:19:29 . 2013-01-21 10:19:29 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2013-01-21 10:18:32 . 2013-01-21 10:18:32 715776 ----a-w- C:\Windows\system32\kerberos.dll

2013-01-21 10:18:32 . 2013-01-21 10:18:32 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll

2013-01-21 10:18:06 . 2013-01-21 10:18:06 73216 ----a-w- C:\Windows\system32\netapi32.dll

2013-01-21 10:18:06 . 2013-01-21 10:18:06 59392 ----a-w- C:\Windows\system32\browcli.dll

2013-01-21 10:18:06 . 2013-01-21 10:18:06 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2013-01-21 10:18:06 . 2013-01-21 10:18:06 136704 ----a-w- C:\Windows\system32\browser.dll

2013-01-21 10:16:48 . 2013-01-21 10:16:48 956928 ----a-w- C:\Windows\system32\localspl.dll

2013-01-21 10:16:27 . 2013-01-21 10:16:27 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2013-01-21 10:16:27 . 2013-01-21 10:16:27 2048 ----a-w- C:\Windows\system32\msxml3r.dll

2013-01-21 10:15:58 . 2013-01-21 10:15:58 95600 ----a-w- C:\Windows\system32\drivers\ksecdd.sys

2013-01-21 10:15:25 . 2013-01-21 10:15:25 14172672 ----a-w- C:\Windows\system32\shell32.dll

2013-01-21 10:14:56 . 2013-01-21 10:14:56 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2013-01-21 10:14:56 . 2013-01-21 10:14:56 1133568 ----a-w- C:\Windows\system32\cdosys.dll

2013-01-21 10:14:25 . 2013-01-21 10:14:25 9216 ----a-w- C:\Windows\system32\rdrmemptylst.exe

2013-01-21 10:14:25 . 2013-01-21 10:14:25 77312 ----a-w- C:\Windows\system32\rdpwsx.dll

2013-01-21 10:14:25 . 2013-01-21 10:14:25 149504 ----a-w- C:\Windows\system32\rdpcorekmts.dll

2013-01-21 10:14:10 . 2013-01-21 10:14:10 210944 ----a-w- C:\Windows\system32\drivers\rdpwd.sys

2013-01-21 10:12:47 . 2013-01-21 10:12:47 75120 ----a-w- C:\Windows\system32\drivers\partmgr.sys

2013-01-21 10:08:45 . 2013-01-21 10:08:45 81408 ----a-w- C:\Windows\system32\imagehlp.dll

2013-01-21 10:08:45 . 2013-01-21 10:08:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2013-01-21 10:08:45 . 2013-01-21 10:08:45 5120 ----a-w- C:\Windows\system32\wmi.dll

2013-01-21 10:08:45 . 2013-01-21 10:08:45 23408 ----a-w- C:\Windows\system32\drivers\fs_rec.sys

2013-01-21 10:08:45 . 2013-01-21 10:08:45 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2013-01-21 10:08:27 . 2013-01-21 10:08:27 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2013-01-21 10:08:27 . 2013-01-21 10:08:27 23552 ----a-w- C:\Windows\system32\drivers\tdtcp.sys

2013-01-21 10:08:27 . 2013-01-21 10:08:27 1031680 ----a-w- C:\Windows\system32\rdpcore.dll

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 08:23:30 3672640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 19:43:34 926896]

"ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-11 16:16:10 1298816]

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]

"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-12 22:09:10 103768]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 08:04:54 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 14:59:04 130008]

R3 NisSrv;Microsoft Netwerkinspectie;c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 10:34:32 379360]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14:10:20 19456]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 16:16:06 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 14:42:54 137632]

R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 14:07:35 57856]

R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-21 15:01:00 1255736]

S1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 17:13:16 87600]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-24 18:14:48 283200]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 17:24:38 2656280]

S3 pcouffin;VSO Software pcouffin;C:\Windows\system32\Drivers\pcouffin.sys [2013-02-10 19:37:48 82816]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 05:34:52 539240]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2011-04-22 12:42:24 1143400]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-01-26 15:15:39 1607120 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe

Inhoud van de 'Gedeelde Taken' map

2013-03-26 C:\Windows\Tasks\Adobe Flash Player Updater.job

- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-22 07:12:57 . 2013-03-14 18:10:30]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 14:43:12 710040]

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2013-01-27 10:34:16 1281512]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

------- Bijkomende Scan -------

uLocal Page = C:\Windows\system32\blank.htm

uStart Page = hxxp://www.google.be/

mLocal Page = C:\Windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 195.130.130.133 195.130.131.133

- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

Edited by kape

The log looks OK now. Apparently your e-mail address has been hijacked and is currently being used to send unwanted messages in your name. There is little that can be done about it, since this will (presumably) involve spammers. Changing all your passwords is in any case a safe choice ... and then it is a matter of waiting to see whether these practices continue?
