hijackthislog 2

misteragga · 14 mei 2013

bij deze computer is het zelfde probleem.

[ATTACH]25868[/ATTACH]

kape · 14 mei 2013

Dit logje ziet er probleemloos uit. Indien het bij beide PC's om traagheid gaat, is dat dan bij surfen of ook bij gewoon gebruik ? Malware lijkt hier alvast uitgesloten te zijn.

misteragga · 14 mei 2013

bij de eerste computer met surfen op internet en de tweede computer het opstarten van de pc en het surfen op internet

kape · 14 mei 2013

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

Hier kan je lezen hoe je Combofix moet gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: klik hier of hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registry key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

misteragga · 14 mei 2013

combofixlog.ComboFix 13-05-14.01 - Rajni 15-05-2013 0:18.4.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3839.1989 [GMT 2:00]

Gestart vanuit: c:\users\Rajni\Desktop\ComboFix.exe

AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Rajni\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk

c:\users\Rajni\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-14 to 2013-05-14 ))))))))))))))))))))))))))))))

.

2013-05-14 22:29 . 2013-05-14 22:29 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-05-14 22:29 . 2013-05-14 22:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-14 02:25 . 2013-05-14 02:25 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2013-05-14 01:50 . 2013-05-14 01:50 -------- d-----w- c:\windows\KMSServerService

2013-05-14 01:17 . 2013-05-14 01:17 -------- d-----w- c:\program files\Common Files\DESIGNER

2013-05-14 01:16 . 2013-05-14 01:16 -------- d-----w- c:\program files (x86)\Microsoft SQL Server

2013-05-14 01:16 . 2013-05-14 01:16 -------- d-----w- c:\program files\Microsoft.NET

2013-05-14 01:15 . 2013-05-14 01:15 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft

2013-05-14 01:12 . 2013-05-14 01:16 -------- d-----w- c:\program files\Microsoft SQL Server

2013-05-14 01:06 . 2013-05-14 01:06 -------- d-----w- c:\program files\Microsoft Analysis Services

2013-05-14 01:06 . 2013-05-14 01:06 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2013-05-14 01:05 . 2013-05-14 01:05 -------- d-----r- C:\MSOCache

2013-05-14 00:34 . 2013-05-14 00:41 -------- d-----w- c:\users\Rajni\AppData\Local\Microsoft Toolkit

2013-05-14 00:17 . 2013-05-14 00:17 -------- d-----w- c:\users\Rajni\AppData\Local\Microsoft Help

2013-05-14 00:17 . 2013-05-14 01:12 -------- d-----w- c:\program files\Microsoft Office

2013-05-14 00:17 . 2013-05-14 02:31 -------- d-----w- c:\programdata\Microsoft Help

2013-05-01 22:50 . 2013-05-01 22:51 -------- d-----w- c:\users\Rajni\AppData\Local\CutePDF Writer

2013-05-01 22:49 . 2013-05-01 22:49 -------- d-----w- c:\program files (x86)\GPLGS

2013-05-01 22:48 . 2012-10-04 17:49 87152 ----a-w- c:\windows\system32\cpwmon64.dll

2013-05-01 22:48 . 2013-05-01 22:48 -------- d-----w- c:\program files (x86)\Acro Software

2013-04-27 23:36 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-25 17:35 . 2013-04-27 23:37 -------- d-----w- c:\program files (x86)\VideoLAN

2013-04-24 12:30 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-23 00:27 . 2013-04-23 00:27 971680 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-23 00:27 . 2013-04-23 00:27 311200 ----a-w- c:\windows\system32\javaws.exe

2013-04-23 00:27 . 2013-04-23 00:27 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-04-23 00:27 . 2013-04-23 00:27 188832 ----a-w- c:\windows\system32\javaw.exe

2013-04-23 00:27 . 2013-04-23 00:27 188320 ----a-w- c:\windows\system32\java.exe

2013-04-23 00:27 . 2013-04-23 00:27 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2013-04-23 00:27 . 2013-04-23 00:27 -------- d-----w- c:\program files\Java

2013-04-23 00:23 . 2013-04-21 12:15 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2013-04-23 00:23 . 2013-04-23 00:23 -------- d-----w- c:\program files\Soluto

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-14 17:56 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-04-09 21:28 . 2013-01-16 00:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-09 21:28 . 2013-01-16 00:08 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-04-09 20:58 . 2013-01-16 00:35 72702784 ----a-w- c:\windows\system32\MRT.exe

2013-03-19 06:04 . 2013-04-09 20:50 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-09 20:50 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-09 20:50 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-09 20:50 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-09 20:50 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-09 20:50 112640 ----a-w- c:\windows\system32\smss.exe

2013-03-13 20:26 . 2013-03-13 20:26 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-03-13 20:26 . 2013-03-13 20:26 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-03-13 20:26 . 2013-03-13 20:26 61952 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-03-13 20:26 . 2013-03-13 20:26 523264 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-03-13 20:26 . 2013-03-13 20:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-03-13 20:26 . 2013-03-13 20:26 38400 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-03-13 20:26 . 2013-03-13 20:26 361984 ----a-w- c:\windows\SysWow64\html.iec

2013-03-13 20:26 . 2013-03-13 20:26 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-03-13 20:26 . 2013-03-13 20:26 226304 ----a-w- c:\windows\system32\elshyph.dll

2013-03-13 20:26 . 2013-03-13 20:26 185344 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-03-13 20:26 . 2013-03-13 20:26 158720 ----a-w- c:\windows\SysWow64\msls31.dll

2013-03-13 20:26 . 2013-03-13 20:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-03-13 20:26 . 2013-03-13 20:26 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-03-13 20:26 . 2013-03-13 20:26 138752 ----a-w- c:\windows\SysWow64\wextract.exe

2013-03-13 20:26 . 2013-03-13 20:26 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-03-13 20:26 . 2013-03-13 20:26 12800 ----a-w- c:\windows\SysWow64\mshta.exe

2013-03-13 20:26 . 2013-03-13 20:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-03-13 20:26 . 2013-03-13 20:26 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-03-13 20:26 . 2013-03-13 20:26 97280 ----a-w- c:\windows\system32\mshtmled.dll

2013-03-13 20:26 . 2013-03-13 20:26 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-03-13 20:26 . 2013-03-13 20:26 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-03-13 20:26 . 2013-03-13 20:26 81408 ----a-w- c:\windows\system32\icardie.dll

2013-03-13 20:26 . 2013-03-13 20:26 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-03-13 20:26 . 2013-03-13 20:26 762368 ----a-w- c:\windows\system32\ieapfltr.dll

2013-03-13 20:26 . 2013-03-13 20:26 62976 ----a-w- c:\windows\system32\pngfilt.dll

2013-03-13 20:26 . 2013-03-13 20:26 599552 ----a-w- c:\windows\system32\vbscript.dll

2013-03-13 20:26 . 2013-03-13 20:26 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-03-13 20:26 . 2013-03-13 20:26 51200 ----a-w- c:\windows\system32\imgutil.dll

2013-03-13 20:26 . 2013-03-13 20:26 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-03-13 20:26 . 2013-03-13 20:26 452096 ----a-w- c:\windows\system32\dxtmsft.dll

2013-03-13 20:26 . 2013-03-13 20:26 441856 ----a-w- c:\windows\system32\html.iec

2013-03-13 20:26 . 2013-03-13 20:26 281600 ----a-w- c:\windows\system32\dxtrans.dll

2013-03-13 20:26 . 2013-03-13 20:26 27648 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-13 20:26 . 2013-03-13 20:26 270848 ----a-w- c:\windows\system32\iedkcs32.dll

2013-03-13 20:26 . 2013-03-13 20:26 247296 ----a-w- c:\windows\system32\webcheck.dll

2013-03-13 20:26 . 2013-03-13 20:26 235008 ----a-w- c:\windows\system32\url.dll

2013-03-13 20:26 . 2013-03-13 20:26 216064 ----a-w- c:\windows\system32\msls31.dll

2013-03-13 20:26 . 2013-03-13 20:26 197120 ----a-w- c:\windows\system32\msrating.dll

2013-03-13 20:26 . 2013-03-13 20:26 173568 ----a-w- c:\windows\system32\ieUnatt.exe

2013-03-13 20:26 . 2013-03-13 20:26 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-03-13 20:26 . 2013-03-13 20:26 1509376 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-13 20:26 . 2013-03-13 20:26 149504 ----a-w- c:\windows\system32\occache.dll

2013-03-13 20:26 . 2013-03-13 20:26 144896 ----a-w- c:\windows\system32\wextract.exe

2013-03-13 20:26 . 2013-03-13 20:26 1400416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-03-13 20:26 . 2013-03-13 20:26 13824 ----a-w- c:\windows\system32\mshta.exe

2013-03-13 20:26 . 2013-03-13 20:26 136192 ----a-w- c:\windows\system32\iepeers.dll

2013-03-13 20:26 . 2013-03-13 20:26 135680 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-03-13 20:26 . 2013-03-13 20:26 12800 ----a-w- c:\windows\system32\msfeedssync.exe

2013-03-13 20:26 . 2013-03-13 20:26 102912 ----a-w- c:\windows\system32\inseng.dll

2013-03-13 20:19 . 2013-01-17 16:56 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-03-13 20:19 . 2013-01-17 16:56 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-03-01 03:36 . 2013-04-09 20:51 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-02-21 10:30 . 2013-04-09 20:56 1766912 ----a-w- c:\windows\SysWow64\wininet.dll

2013-02-21 10:29 . 2013-04-09 20:56 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-02-21 10:29 . 2013-04-09 20:57 61440 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-02-21 10:29 . 2013-04-09 20:57 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-02-21 10:15 . 2013-04-09 20:57 51712 ----a-w- c:\windows\system32\ie4uinit.exe

2013-02-21 10:15 . 2013-04-09 20:56 2240512 ----a-w- c:\windows\system32\wininet.dll

2013-02-21 10:14 . 2013-04-09 20:56 1365504 ----a-w- c:\windows\system32\urlmon.dll

2013-02-21 10:14 . 2013-04-09 20:56 19230208 ----a-w- c:\windows\system32\mshtml.dll

2013-02-21 10:14 . 2013-04-09 20:56 603136 ----a-w- c:\windows\system32\msfeeds.dll

2013-02-21 10:14 . 2013-04-09 20:56 3958784 ----a-w- c:\windows\system32\jscript9.dll

2013-02-21 10:14 . 2013-04-09 20:56 53248 ----a-w- c:\windows\system32\jsproxy.dll

2013-02-21 10:14 . 2013-04-09 20:56 855552 ----a-w- c:\windows\system32\jscript.dll

2013-02-21 10:14 . 2013-04-09 20:57 526336 ----a-w- c:\windows\system32\ieui.dll

2013-02-21 10:14 . 2013-04-09 20:57 67072 ----a-w- c:\windows\system32\iesetup.dll

2013-02-21 10:14 . 2013-04-09 20:56 136704 ----a-w- c:\windows\system32\iesysprep.dll

2013-02-21 10:14 . 2013-04-09 20:56 2647040 ----a-w- c:\windows\system32\iertutil.dll

2013-02-21 10:14 . 2013-04-09 20:57 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-02-21 10:14 . 2013-04-09 20:56 15404544 ----a-w- c:\windows\system32\ieframe.dll

2013-02-19 12:01 . 2013-04-09 20:57 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-02-19 11:42 . 2013-04-09 20:57 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-19 11:10 . 2013-04-09 20:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-02-19 10:51 . 2013-04-09 20:57 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2013-04-23 6070040]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"UacDisableNotify"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 KMSServerService;KMS Server Service;c:\windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 36328]

R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]

R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]

R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]

R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe [2013-04-21 1245248]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]

R3 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-16 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-12-26 339776]

S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2013-04-21 54728]

S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\RAJNI\DESKTOP\EMSISOFT\RUN\a2ddax64.sys [2013-05-06 26176]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-02 202752]

S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-04 103472]

S2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-12-26 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-26 182312]

S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe [2013-04-21 182848]

S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2013-04-21 721472]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-26 69672]

S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-26 515528]

S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-12 22:47 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-16 21:28]

.

2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-08 19:41]

.

2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-08 19:41]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Soluto"="c:\program files\soluto\soluto.exe" [2013-04-21 1285184]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-721232407-3770601494-4236025715-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-721232407-3770601494-4236025715-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-05-15 00:47:17

ComboFix-quarantined-files.txt 2013-05-14 22:47

ComboFix2.txt 2013-05-12 01:35

.

Pre-Run: 274.122.752.000 bytes beschikbaar

Post-Run: 274.127.060.992 bytes beschikbaar

.

- - End Of File - - 1FF955AC82BC5D6BA7D653D22F469883

kape · 15 mei 2013

Buiten de twee verwijderde bestandjes, valt hier niets negaties over te zeggen.

misteragga · 15 mei 2013

oke wat kan ik nu doen dan?

kape · 16 mei 2013

Download AdwCleaner by Xplode naar je bureaublad.

Sluit alle openstaande vensters.

Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
Voor XP: Gewoon dubbelklikken op AdwCleaner.
Klik vervolgens op Verwijderen.
Klik bij AdwCleaner – Informatie op OK
Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht.

misteragga · 16 mei 2013

adware log.

[ATTACH]25909[/ATTACH]

AdwCleaner[S1].txt

kape · 17 mei 2013

Ook hier hetzelfde verhaal ... geen negatieve aanduidingen.

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- Installed Programs
- Firefox Look
- Chrome Look
- Firefox Defaults
- Reset Chrome
- IE Defaults
- Auto Clean
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

Inloggen

hijackthislog 2

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie