- O4 - HKUS\S-1-5-21-3789531734-4B02388702-446800509-1004\..\Run: [] (User 'Rudi')

This was not among the items of the scan?

- Wouldn't it be best for me to remove Glary Utilities?

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2013.06.24.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Brigitte :: BRIGITTE-PC [administrator]

24/06/2013 20:21:59

MBAM-log-2013-06-24 (20-34-56).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 342417

Verstreken tijd: 10 minuut/minuten, 22 seconde(n)

Geheugenprocessen gedetecteerd: 1

C:\ProgramData\GBox\GBox.exe (Trojan.Dropper) -> 4136 -> Geen actie ondernomen.

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 19

C:\Program Files (x86)\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498 (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> Geen actie ondernomen.

Bestanden gedetecteerd: 37

C:\ProgramData\GBox\GBox.exe (Trojan.Dropper) -> Geen actie ondernomen.

C:\ProgramData\wxDfast\bhoclass.dll (PUP.DownloadnSave) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\fb.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\appAPIinternalWrapper.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\jquery.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\json.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\RewardsArcade.exe (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\Uninstall.exe (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Program Files (x86)\RewardsArcade\UserConfirmation.exe (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\uninstall.ico (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\uninstall.ico (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\Brigitte\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> Geen actie ondernomen.

(einde)

- - - Updated - - -

I posted the same log twice.

Here is the log from Hijack

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:56:59, on 22/06/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.glarysoft.com/?src=iesearch

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/?tab=wm#inbox

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.glarysoft.com/?src=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.glarysoft.com/?src=iesearch

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://isearch.glarysoft.com/?q=%s&src=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://isearch.glarysoft.com/?q=%s&src=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3789531734-402388702-446800509-1004\..\Run: [] (User 'Rudi')

O4 - S-1-5-21-3789531734-402388702-446800509-1004 Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User 'Rudi')

O4 - S-1-5-21-3789531734-402388702-446800509-1004 User Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User 'Rudi')

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://download.windowsupdate.com

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: InstallBrain Updater Service (InstallBrainService) - Unknown owner - C:\ProgramData\InstallBrainService\ibsvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13718 bytes

- Wouldn't it be best for me to remove Glary Utilities?
You don't necessarily have to remove Glary Utilities, but I still wouldn't set it as Internet Explorer's start page or as the default search engine.

I'm afraid something went wrong :sad

The HijackThis log is the same as the one from 22 June, and you didn't have Malwarebytes remove anything either.

Could you read the instructions in post no. 9 carefully once more, carry them out again, and then post both logs (Malwarebytes and HijackThis)?

I haven't started over yet, but I'm sending you a log from today

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:23:06, on 25/06/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/?tab=wm#inbox

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://download.windowsupdate.com

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10261 bytes

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2013.06.25.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Brigitte :: BRIGITTE-PC [administrator]

25/06/2013 20:12:10

mbam-log-2013-06-25 (20-12-10).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 343003

Verstreken tijd: 7 minuut/minuten, 27 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)


This is already looking good.

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Click the "Options" button and tick the options below.

    • Running processes
    • Recently Created
    • Startup Information
    • Firefox Look
    • Chrome Look
    • Auto Clean

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next post.


OK, I don't know whether I did it right; I struggled with it.

Zoek.exe Version 4.0.0.2 Updated 26-June-2013

Tool run by Brigitte on wo 26/06/2013 at 20:35:30,72.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\CISVC.EXE

C:\Program Files (x86)\System Control Manager\MSIService.exe

C:\Windows\system32\mqsvc.exe

C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Windows\system32\svchost.exe -k regsvc

C:\Windows\System32\tcpsvcs.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Windows\system32\DllHost.exe

C:\Windows\System32\alg.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskmgr.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Windows\explorer.exe

C:\Windows\system32\taskeng.exe

C:\Users\Brigitte\Desktop\zoek\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Creating Sample_20132606_2040.zip ======================

Process iexplore.exe killed

Copied file C:\Users\Brigitte\zoek.exe to sample\zoek.exe

sample\zoek.exe renamed to 4BF0DF09119E0D2E00F1CBF3F1FE6CDF

C:\Users\Public\Desktop\sample_20132606_2040.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3789531734-402388702-446800509-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CAF407F7-B828-47D2-ADF2-ED8F43A10331} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Brigitte\AppData\Local\Temp ====

2013-06-21 12:24:27 CE755676AE6D27A1EFEEFB0F3C70A929 358600 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\APNStub.exe

2013-06-13 15:36:04 70276F070926C947B5EBF5E67A45AF8D 903592 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

====== C:\Windows\SysWOW64 =====

2013-06-21 12:23:32 CC409C0797FF56A9DD7D2B20A4E22891 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-12 20:17:04 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\SysWOW64\win32spl.dll

2013-06-12 20:16:02 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll

2013-06-12 20:06:05 5B2E4E90C04FB9AE9F2C5E99FF59B283 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll

2013-06-12 20:03:43 3897DFF247D9ED0006190349DE264E14 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll

2013-06-12 20:03:42 8A8B277067C22F4BF6AA9A31692FC4D3 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll

2013-06-12 20:03:38 92245C959E5BC378809D2CC5E9F6E9C7 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-06-12 20:03:20 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\SysWOW64\certenc.dll

2013-06-12 20:03:20 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\SysWOW64\certutil.exe

2013-06-12 19:59:31 6DE66FE7C526637E74CD066461C7C871 1505280 ----a-w- C:\Windows\SysWOW64\d3d11.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-06-16 14:29:01 587A30BD989FD640C7B458C790720F68 411688 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

2013-06-12 20:17:00 67CF11E00D026A5C0C88EA5F84D501E5 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll

2013-06-12 20:15:43 C06FAAF13E37CE482F612AFF2D2331F3 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll

2013-06-12 20:06:04 3D7BB6DD7A87B3E36E44CA94444247A8 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll

2013-06-12 20:01:33 D8129C49798CBBFB2E4351D4B7B8EF9C 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-06-12 20:01:32 2C4C22EA1735F21F355EB1A39832F7DF 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll

2013-06-12 20:01:31 A96D5ECA5742603E0E345C4F6B801F5E 1464320 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-06-12 20:01:18 4586B77B18FA9A8518AF76CA8FD247D9 1192448 ----a-w- C:\Windows\Sysnative\certutil.exe

2013-06-12 20:01:18 189B0BAE1B0EDD51CEF1CD3F4CDEE02E 52224 ----a-w- C:\Windows\Sysnative\certenc.dll

2013-06-12 19:59:28 4C92EB7535CAA1681A77D928FBF9771F 1887232 ----a-w- C:\Windows\Sysnative\d3d11.dll

====== C:\Windows\Sysnative\drivers =====

2013-06-24 18:19:07 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-06-12 20:17:23 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-05-31 20:09:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf

2013-05-31 19:55:32 3FDE033DFB0D07F8B7D5C9A3044AA121 26112 ----a-w- C:\Windows\Sysnative\drivers\pccsmcfdx64.sys

====== C:\Windows\Tasks ======

2013-06-26 18:34:47 66D5841F34ED17C8558C0242932BD676 2956 ----a-w- C:\Windows\Sysnative\Tasks\{92D79EB0-D144-4536-903E-AB4E21FA0359}

2013-06-26 18:34:39 66D5841F34ED17C8558C0242932BD676 2956 ----a-w- C:\Windows\Sysnative\Tasks\{23F19121-BC4F-48D7-BE73-9C0ECE37A88D}

2013-06-26 18:17:50 1820D23E0C742BB10A226E87CE2360A7 3152 ----a-w- C:\Windows\Sysnative\Tasks\{E4127CF0-9D37-472D-9AC0-F2C5A3BF27D4}

2013-06-26 17:55:29 5BFD5FB4B22960B460BC1877F50E7521 3132 ----a-w- C:\Windows\Sysnative\Tasks\{6A241E3A-ED07-4A5F-91FC-9817203ECDA3}

2013-06-21 11:42:56 4AA7D77B4713B5B7D46EB8F8F9AD52CC 3298 ----a-w- C:\Windows\Sysnative\Tasks\{22D1138F-706D-47B8-9813-A82D631299E2}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-06-21 15:36:16 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-05-31 19:55:17 -------- d-----w- C:\Program Files (x86)\PC Connectivity Solution

======= C: =====

====== C:\Users\Brigitte\AppData\Roaming ======

2013-06-26 18:06:07 -------- d-----w- C:\users\Brigitte\AppData\Local\ElevatedDiagnostics

2013-06-24 17:30:26 -------- d-----w- C:\users\Default\AppData\Local\Google

2013-06-24 17:30:26 -------- d-----w- C:\users\Default User\AppData\Local\Google

2013-06-17 19:16:46 45146D05AD926D8D0F6EF131E47165D9 109384 ----a-w- C:\users\Brigitte\AppData\Local\GDIPFONTCACHEV1.DAT

2013-06-12 20:02:10 -------- d-----w- C:\users\Default\AppData\Roaming\TuneUp Software

2013-06-12 20:02:10 -------- d-----w- C:\users\Default User\AppData\Roaming\TuneUp Software

2013-06-12 19:53:12 -------- d-----w- C:\users\Rudi\AppData\Local\Apple

2013-06-12 18:43:50 E531F11943D9F62C7E87CDD333BE7903 109384 ----a-w- C:\users\TEMP.Brigitte-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-06-12 18:43:49 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Intel Corporation

2013-06-12 18:43:39 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Local\AVG Secure Search

2013-06-12 18:43:32 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Local\Avg2013

2013-06-12 18:43:19 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Apple Computer

2013-06-12 18:43:19 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Local\Apple Computer

2013-06-12 18:34:28 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-06-12 18:34:24 -------- d-----r- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp

2013-06-12 18:34:24 -------- d-----r- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-06-12 18:33:36 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Local\Microsoft

2013-06-12 18:33:27 -------- d-----w- C:\users\TEMP.Brigitte-PC\AppData\Roaming\Microsoft

2013-06-01 09:20:40 -------- d-----w- C:\users\Rudi\AppData\Roaming\Intel Corporation

2013-05-31 20:11:23 -------- d-----w- C:\users\Brigitte\AppData\Roaming\Nokia Suite

2013-05-31 20:05:54 -------- d-----w- C:\users\Brigitte\AppData\Local\NokiaAccount

====== C:\Users\Brigitte ======

2013-06-21 11:41:08 -------- d-----w- C:\ProgramData\Soluto

2013-06-14 13:38:53 CBFAE434C6CAA7D110C7FC307F892A94 2060320 ----a-w- C:\Users\Brigitte\Downloads\DriverMender.exe

2013-06-12 20:02:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-06-12 18:34:25 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Saved Games

2013-06-12 18:34:25 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Links

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Videos

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Searches

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Pictures

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Music

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Downloads

2013-06-12 18:34:24 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Documents

2013-06-12 18:34:11 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Contacts

2013-06-12 18:33:36 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Favorites

2013-06-12 18:33:26 -------- d-----r- C:\Users\TEMP.Brigitte-PC\Desktop

2013-06-12 18:33:14 -------- d-----w- C:\Users\TEMP.Brigitte-PC\AppData

2013-06-10 19:02:52 -------- d-----w- C:\Users\Default\AppData

2013-05-31 19:59:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia

====== C: exe-files ==

2013-06-26 18:07:07 3E3D8F4DAAC3CF3C442A2C3FD7191B8B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3789531734-402388702-446800509-1000\$INTQ8VY.exe

2013-06-26 18:02:35 2D6911A8318F0A4D16CD902F849636B1 1268181 ----a-w- C:\$Recycle.Bin\S-1-5-21-3789531734-402388702-446800509-1000\$RNTQ8VY.exe

2013-06-21 21:30:48 D53D5A464755B876306507FA0580737B 399440 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_E22AE377E2374FD1.exe

2013-06-21 21:30:44 10B01048B1DA075CD1EE27E30B4CF342 308816 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_16A328A5A291F177.exe

2013-06-21 21:30:40 9227CD96860A2B54E7CF4C91B255C420 1070672 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_80ACC8E3971CD605.exe

2013-06-21 21:29:39 FF288AD39AFA4B198C744E47A2994DCB 530912 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4209.2358\GoogleToolbarInstaller_updater_signed.exe

2013-06-21 12:24:27 CE755676AE6D27A1EFEEFB0F3C70A929 358600 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\APNStub.exe

2013-06-21 11:41:13 B8633D85CB1590AF7F2C4F14533869D1 1241136 ----a-w- C:\ProgramData\Soluto\Installer\SolutoInstaller.exe

2013-06-21 11:29:22 80633916458CC8041D0F483B7633E9F6 1582944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.116\27.0.1453.116_27.0.1453.110_chrome_updater.exe

2013-06-20 12:15:18 36AC3321AA9431B981DE85246A7AC833 5959728 ----a-w- C:\Program Files (x86)\AVG\AVG2013\avgcrema.exe

=== C: other files ==

2013-06-26 18:40:13 BCA924E91B65ED261E43722E899FD030 1268920 ----a-w- C:\Users\Public\Desktop\sample_20132606_2040.zip

2013-06-26 18:17:27 D9BB53E6FB4BD569AD0A037290FEFF08 2906 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\f2fb4932-d097-47d3-865f-9128c05fcb41.zip

2013-06-26 18:17:19 41466C16213212A67A9762FD3C3192E1 2913 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\f4f386a2-d097-47d3-865f-9128c05fcb41.zip

2013-06-26 18:17:09 4BB64BADD470A66F4210A4F7F3A19357 2905 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\c1b38d5c-d097-47d3-865f-9128c05fcb41.zip

2013-06-26 18:16:47 897442F267AE684A7AD03AF6C50DCB4D 2917 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\9cfce100-d097-47d3-865f-9128c05fcb41.zip

2013-06-26 18:14:41 FA7F33A0B70453522F81B3951293F1B0 2921 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\b2ae2f25-d099-47d3-865f-9128c05fcb41.zip

2013-06-26 18:01:12 43F1FDF95AE3BAFEE59B74006967CA70 2908 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\49e61846-d098-47d3-865f-9128c05fcb41.zip

2013-06-26 17:59:07 C6A2C691F09AC367D6FDCBE8E4FE34AF 2914 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\071e66fc-d098-47d3-865f-9128c05fcb41.zip

2013-06-26 17:57:02 EAF70BC453812D0A386CBAAEFC8520E1 2890 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\d25b3e56-d098-47d3-865f-9128c05fcb41.zip

2013-06-26 17:54:56 A112D0A4C1EA59C03CC92FB145D03609 2916 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\9c0c9e3d-d09b-47d3-865f-9128c05fcb41.zip

2013-06-26 17:46:01 6E27C0E8614CD44C478360263296DCAC 781232 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\3c32d211-d087-47d3-865f-9128c05fcb41.zip

2013-06-24 18:19:07 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-06-24 18:11:01 F221FCAAACF833E921C4C0E5589BC2D3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3789531734-402388702-446800509-1000\$IFNSNMY.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3789531734-402388702-446800509-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"InstallIQUpdater"="C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe /silent /autorun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"MGSysCtrl"="C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"InstallIQUpdater"="C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe /silent /autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"DivXUpdate"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ApnUpdater"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Ask.com\\Updater\\Updater.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DivXMediaServer"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DivXUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Facebook Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\Brigitte\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

"hkey"="HKLM"

"item"="iTunesHelper"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"hkey"="HKLM"

"item"="QuickTime Task"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"HotKeysCmds"="C:\\Windows\\system32\\hkcmd.exe"

"Persistence"="C:\\Windows\\system32\\igfxpers.exe"

"IgfxTray"="C:\\Windows\\system32\\igfxtray.exe"

==== Startup Folders ======================

2011-12-24 16:18:58 1296 ----a-w- C:\users\Rudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3789531734-402388702-446800509-1000Core.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [20/01/2013 00:16]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3789531734-402388702-446800509-1000UA.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [20/01/2013 00:16]

C:\Windows\tasks\GlaryInitialize.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

C:\Windows\tasks\ParetoLogic Registration.job --a------ C:\Windows\system32\rundll32FC:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll []

C:\Windows\tasks\RegCure Pro.job --a------ [undetermined Task]

C:\Windows\tasks\RegUse.job --a------ C:\Program Files (x86)\RegUse\RegUse.exe []

C:\Windows\tasks\ROC_JAN2013_TB_rmv.job --a------ [undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\s2fft9wh.default

- Undetermined - %ProfilePath%\extensions\4fef402c8c312@4fef402c8c34c.info

- Undetermined - %ProfilePath%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

ProfilePath: C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\mn1rk9wn.default

- AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.3.14

- DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx[]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[07/02/2013 07:47]

Google Docs - Brigitte - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Brigitte - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Brigitte - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Brigitte - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Webcam Toy - Brigitte - Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

DivX Plus Web Player HTML5 \u003Cvideo\u003E - Brigitte - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

Gmail - Brigitte - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Rudi - Default\Extensions\aohghmighlieiainnegkcijnfilokake

DivX Plus Web Player HTML5 \u003Cvideo\u003E - Rudi - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://mail.google.com/mail/u/0/?tab=wm#inbox"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://mail.google.com/mail/u/0/?tab=wm#inbox"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="Zoek"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Classic .NET AppPool.IIS APPPOOL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\TEMP.Brigitte-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Rudi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Brigitte\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn" not found

==== EOF on do 27/06/2013 at 7:12:22,47 ======================


Doesn't look bad.

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Then click Delete.
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during the process.

After the PC has restarted, a log file opens.

Then post the contents of this log in your next message.
