
Hijackthis


anonymous

Question

I think it's a mess. Can someone take a look at it?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:21, on 14-9-2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

14 answers to this question

A mess? And on top of that the rogue program Advanced System Care from the Chinese company Iobit. In any case, that tool contains, among other things, "borrowed" software from two Western antivirus vendors. So it now contains spyware as well. Combined with the fact that you are also using Avira Antivir Free and McAfee as antivirus software, this means that the security level of your Windows has been lowered considerably! But first let's straighten a few things out: Iobit has to go. And which antivirus software do you want to keep?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:34, on 15-9-2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal
To give you an example: the malware scanner in Iobit's Advanced System Care was stolen from Malware MBAM! Please do the following:

Which program: ComboFix
What for/why: Highly specialised scanner for examining Windows in depth and cleaning it up where possible.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: Be sure to download this program to the desktop!

Download ComboFix from one of these locations:
  • Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
  • Geekstogo: http://subs.geekstogo.com/ComboFix.exe

How to use ComboFix is shown here: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden

Antivirus programs and active malware scanners must be deactivated before ComboFix is started! Information on how to deactivate antivirus programs and spyware scanners can be found here: http://www.bleepingcomputer.com/forums/topic114351.html and here: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html

To be absolutely clear once more: ComboFix must be started from the desktop.

Notes:
  • On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
  • Vista and Windows 7 users start ComboFix via right-click with administrator rights.
  • All open programs and web pages must be closed.

Once ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt

Important note:
  • If, after the scan, an error is shown when starting programs with the message:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.
ComboFix 11-09-15.05 - Tweetzz 16-09-2011 13:08:41.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.2368 [GMT 2:00]
Gestart vanuit: C:\Users\Tweetzz\Downloads\ComboFix.exe
2010-12-26 12:32:23 158832 ----a-w- C:\Windows\system32\mfevtps.exe 2011-08-15 08:00:06 . 2010-12-26 12:32:46 9984 ----a-w- C:\Windows\system32\drivers\mfeclnk.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:42 75672 ----a-w- C:\Windows\system32\drivers\mfenlfk.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:42 283744 ----a-w- C:\Windows\system32\drivers\mfewfpk.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:41 65128 ----a-w- C:\Windows\system32\drivers\cfwids.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:41 481504 ----a-w- C:\Windows\system32\drivers\mfefirek.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:41 228752 ----a-w- C:\Windows\system32\drivers\mfeavfk.sys 2011-08-15 08:00:06 . 2010-12-26 12:32:41 100904 ----a-w- C:\Windows\system32\drivers\mferkdet.sys 2011-08-15 08:00:06 . 2010-08-24 19:57:38 642824 ----a-w- C:\Windows\system32\drivers\mfehidk.sys 2011-08-15 08:00:06 . 2010-08-24 19:57:38 158584 ----a-w- C:\Windows\system32\drivers\mfeapfk.sys 2011-07-22 05:35:08 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\system32\mshtml.tlb 2011-07-22 04:56:17 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-07-16 05:26:54 . 2011-08-11 09:27:12 362496 ----a-w- C:\Windows\system32\wow64win.dll 2011-07-16 05:26:53 . 2011-08-11 09:27:13 243200 ----a-w- C:\Windows\system32\wow64.dll 2011-07-16 05:26:53 . 2011-08-11 09:27:12 13312 ----a-w- C:\Windows\system32\wow64cpu.dll 2011-07-16 05:26:18 . 2011-08-11 09:27:13 214528 ----a-w- C:\Windows\system32\winsrv.dll 2011-07-16 05:24:09 . 2011-08-11 09:27:12 16384 ----a-w- C:\Windows\system32\ntvdm64.dll 2011-07-16 05:21:32 . 2011-08-11 09:27:13 422400 ----a-w- C:\Windows\system32\KernelBase.dll 2011-07-16 05:17:46 . 2011-08-11 09:27:13 338432 ----a-w- C:\Windows\system32\conhost.exe 2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 05:04:54 . 
2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-07-16 05:04:54 . 
2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2011-07-16 04:36:09 . 2011-08-11 09:27:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-07-16 04:32:14 . 2011-08-11 09:27:13 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-07-16 04:31:50 . 2011-08-11 09:27:13 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-07-16 04:30:29 . 2011-08-11 09:27:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-07-16 04:30:27 . 2011-08-11 09:27:12 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 04:19:58 . 
2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 04:19:58 . 
2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll 2011-07-16 02:26:12 . 2011-08-11 09:27:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-07-16 02:26:11 . 2011-08-11 09:27:08 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-07-16 02:21:47 . 2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-07-16 02:21:47 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 02:21:47 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 02:21:47 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-07-09 02:44:55 . 2011-08-11 09:28:03 287744 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys 2011-06-29 16:07:50 . 2011-06-29 16:07:50 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-06-29 16:07:50 . 2011-06-29 16:07:50 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-06-29 16:07:50 . 2011-06-29 16:07:50 404992 ----a-w- C:\Windows\system32\umpnpmgr.dll 2011-06-29 16:07:50 . 2011-06-29 16:07:50 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-06-29 16:07:50 . 2011-06-29 16:07:50 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe 2011-06-29 16:07:40 . 2011-06-29 16:07:40 779264 ----a-w- C:\Windows\system32\mssvp.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 75264 ----a-w- C:\Windows\system32\msscntrs.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll 2011-06-29 16:07:40 . 
2011-06-29 16:07:40 593408 ----a-w- C:\Windows\system32\SearchIndexer.exe 2011-06-29 16:07:40 . 2011-06-29 16:07:40 491520 ----a-w- C:\Windows\system32\mssph.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe 2011-06-29 16:07:40 . 2011-06-29 16:07:40 337408 ----a-w- C:\Windows\SysWow64\mssph.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 288256 ----a-w- C:\Windows\system32\mssphtb.dll 2011-06-29 16:07:40 . 2011-06-29 16:07:40 249856 ----a-w- C:\Windows\system32\SearchProtocolHost.exe 2011-06-29 16:07:40 . 2011-06-29 16:07:40 2326016 ----a-w- C:\Windows\system32\tquery.dll ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2011-07-13 07:59:20 1666144] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576] R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176] R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 03:45:56 169312] R3 gupdatem;Google 
Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176] R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [x] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [x] R3 McAWFwk;McAfee Activation Service;c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2010-08-30 13:42:00 220528] R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys [x] R3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 19:47:18 108400] R3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 05:07:12 423280] R3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 19:47:16 67952] R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 20:13:46 304496] R3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 10:44:10 851824] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 13:55:00 537456] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 13:56:02 384880] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 13:57:16 101232] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 08:50:52 1021840] R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [x] R4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936] R4 Partner Service;Partner 
Service;C:\ProgramData\Partner\Partner.exe [2010-08-05 12:59:17 332272] S0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [x] S0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 05:53:48 136360] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 03:16:06 13336] S2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 15:17:40 176848] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936] S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936] S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936] S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-08-19 13:50:56 208272] S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\system32\mfevtps.exe [x] S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 12:27:22 632792] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 
01:01:56 367456] S2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys [x] S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 14:15:34 257936] S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 08:59:10 104960] S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 20:02:57 2320920] S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 16:00:52 575856] S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 15:00:04 836608] S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x] S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [x] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys [x] S3 mfefirek;McAfee Inc. 
mfefirek;C:\Windows\system32\drivers\mfefirek.sys [x] S3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [x] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mfeavfk01 Inhoud van de 'Gedeelde Taken' map 2011-09-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43] 2011-09-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43] --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] 2010-08-05 12:59:17 750064 ----a-w- C:\ProgramData\Partner\Partner64.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="C:\ComboFix\CF14085.3XE" [2009-07-14 01:39:01 344576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 Supplementary scan did not complete!
Link to comment
  • 0
Well then, you should know that two antivirus programs do more harm than good! This is because of conflicts between them! As a result, the level of protection also drops considerably..... So that was "bullshit" advice from someone at your provider who doesn't know anything about it either!
Go to "Control Panel\[b:46d1c53566]Programs and Features[/b:46d1c53566]" and uninstall Avira AntiVir! After restarting your PC, do the following:
[b:46d1c53566][url=http://www.eset.com/onlinescan/]Run the ESET online scan (click).[/url][/b:46d1c53566]
[list:46d1c53566]
[*:46d1c53566]Click the [b:46d1c53566]ESET Online Scanner[/b:46d1c53566] button
[*:46d1c53566]Tick [b:46d1c53566]YES, I accept the Terms of Use[/b:46d1c53566]
[*:46d1c53566]Click [b:46d1c53566]Start[/b:46d1c53566]
[*:46d1c53566]Allow the ActiveX control to install.
[*:46d1c53566]Tick the following options:
[list:46d1c53566][*:46d1c53566][b:46d1c53566]Remove found threats[/b:46d1c53566]
[*:46d1c53566][b:46d1c53566]Scan archives[/b:46d1c53566][/list:u:46d1c53566]
[*:46d1c53566]Then click [b:46d1c53566][color=#0000FF:46d1c53566]"Advanced Settings"[/color:46d1c53566][/b:46d1c53566]
[list:46d1c53566][*:46d1c53566][b:46d1c53566]Scan for potentially unwanted applications[/b:46d1c53566]
[*:46d1c53566][b:46d1c53566]Scan for potentially unsafe applications[/b:46d1c53566]
[*:46d1c53566][b:46d1c53566]Enable Anti-Stealth technology [/b:46d1c53566][/list:u:46d1c53566]
[*:46d1c53566]Click [b:46d1c53566]Start[/b:46d1c53566]
[*:46d1c53566]The computer is now being scanned. This can take quite a long time, so be patient.
[*:46d1c53566]When the scan is finished, click [b:46d1c53566][color=#0000FF:46d1c53566]> List of found threats[/color:46d1c53566][/b:46d1c53566]
[*:46d1c53566]Then click [color=#0000FF:46d1c53566][b:46d1c53566]> Export to text file....[/b:46d1c53566][/color:46d1c53566]
[*:46d1c53566]Choose the Desktop as the save location and give the Notepad file a clear title.
[*:46d1c53566]After that you can close the window, because the scan is finished.
[*:46d1c53566]Then open the log that is on your desktop.
[*:46d1c53566]And then copy and paste the contents of this log into your next message.[/list:u:46d1c53566]
N.B.: temporarily disable your own antivirus during the scan; the online scan will then be faster!
Link to comment
  • 0
C:\Program Files (x86)\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0008b8 Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009c6 Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009d0 Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0009d9 Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\Downloads\GameHouse-Installer_am-foreigndreams_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\Downloads\GameHouse-Installer_am-mysterynovel_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\Downloads\GameHouse-Installer_amg-lostinreefs_gamehouse_.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Tweetzz\Downloads\WinMaximizer2011.exe a variant of Win32/SlowPCfighter application deleted - quarantined
Link to comment
  • 0
ComboFix 11-09-21.03 - Tweetzz 21-09-2011 19:37:34.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.1863 [GMT 2:00] Gestart vanuit: C:\Users\Tweetzz\Downloads\ComboFix.exe AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) ---- Voorgaande Run ------- C:\Program Files (x86)\iWin Games\iWINgameshookie.dll C:\ProgramData\Herofy\save.aps C:\Users\Tweetzz\AppData\Local\ApplicationHistory\Autorun.exe.4f151a3a.ini C:\Windows\SysWow64\comct332.ocx C:\Windows\SysWow64\mfc100deu.dll ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games (((((((((((((((((((( Bestanden Gemaakt van 2011-08-21 to 2011-09-21 )))))))))))))))))))))))))))))) 2011-09-21 17:43:45 . 2011-09-21 17:43:45 -------- d-----w- C:\Users\Default\AppData\Local\temp 2011-09-21 15:48:24 . 2011-09-21 15:48:40 -------- d-----w- C:\Program Files (x86)\Be Rich 2011-09-21 15:47:06 . 2011-09-21 15:47:20 -------- d-----w- C:\Program Files (x86)\Shop-n-Spree - SuperMarkt 2011-09-21 15:45:36 . 2011-09-21 15:45:48 -------- d-----w- C:\Program Files (x86)\Chloe's Droomresort 2011-09-21 05:44:06 . 2011-09-21 05:44:06 -------- d-----w- C:\Program Files (x86)\ESET 2011-09-21 05:28:50 . 2011-09-21 05:28:50 -------- d-----w- C:\Program Files (x86)\Lavalys 2011-09-20 17:28:49 . 2011-09-20 17:47:20 -------- d-----w- C:\ProgramData\FarmFrenzy_Vikings 2011-09-20 13:28:55 . 2011-08-12 04:10:01 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC31453D-B4CE-4846-AA20-8F6D11028867}\mpengine.dll 2011-09-18 14:23:51 . 
2011-09-18 14:23:54 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Mayan Puzzle 2011-09-16 16:11:57 . 2011-09-16 16:11:57 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\BULKYPIX 2011-09-16 13:51:07 . 2011-09-16 13:51:07 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\SMIGames 2011-09-14 10:50:20 . 2011-09-14 10:50:20 388096 ----a-r- C:\Users\Tweetzz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-14 10:50:18 . 2011-09-14 10:50:18 -------- d-----w- C:\Program Files (x86)\Trend Micro 2011-09-14 10:35:50 . 2011-09-14 10:35:50 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Malwarebytes 2011-09-14 10:35:34 . 2011-09-14 10:35:34 -------- d-----w- C:\ProgramData\Malwarebytes 2011-09-14 10:35:28 . 2011-08-31 15:00:50 25416 ----a-w- C:\Windows\system32\drivers\mbam.sys 2011-09-14 10:35:23 . 2011-09-14 10:35:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-09-13 08:59:10 . 2011-09-14 10:22:13 -------- d-----w- C:\Program Files (x86)\Cursed Memories - The Secret of Agony Creek Collector's Edition 2011-09-12 12:46:41 . 2011-09-12 12:46:41 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Clockwork Pixels 2011-09-08 17:27:34 . 2011-09-16 16:19:14 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\PeaceCraft3 2011-09-08 17:26:36 . 2011-09-09 15:10:46 -------- d-----w- C:\Program Files (x86)\My Kingdom for the Princess III 2011-09-08 17:24:51 . 2011-09-08 17:25:08 -------- d-----w- C:\Program Files (x86)\Magic Farm 2 2011-09-07 14:22:03 . 2011-09-07 14:22:03 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\KeepersOfDryandra 2011-09-07 10:54:33 . 2011-08-19 14:33:16 27992 ----a-w- C:\Windows\system32\SmartDefragBootTime.exe 2011-09-07 10:54:33 . 2010-11-26 16:02:18 17720 ----a-w- C:\Windows\system32\drivers\SmartDefragDriver.sys 2011-09-01 11:47:34 . 2011-09-01 11:47:34 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\casualArts 2011-09-01 11:47:34 . 
2011-09-01 11:47:34 -------- d-----w- C:\ProgramData\casualArts
2011-08-30 16:34:03 . 2011-08-30 16:34:03 -------- d-----w- C:\ProgramData\Desktop Gaming
2011-08-29 12:54:42 . 2011-08-29 12:56:50 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Phantasmat_zylom_ce
2011-08-29 10:39:51 . 2011-08-29 10:39:51 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Fenomen Games
2011-08-29 10:24:00 . 2011-09-21 11:28:22 -------- d-----w- C:\Zylom Games
2011-08-25 11:20:38 . 2011-08-25 11:20:38 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Casual Box
2011-08-24 17:22:40 . 2011-08-24 17:22:40 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\BrandX Games
2011-08-24 09:04:07 . 2011-08-24 09:04:07 -------- d-----w- C:\Users\Tweetzz\AppData\Roaming\Pirate Stories Kit Ellis
2011-08-24 06:03:30 . 2011-07-09 05:14:10 2048 ----a-w- C:\Windows\system32\tzres.dll
2011-08-24 06:03:29 . 2011-07-09 04:30:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-08-19 13:59:28 . 2010-12-26 12:32:23 158832 ----a-w- C:\Windows\system32\mfevtps.exe
2011-08-17 15:42:49 . 2011-08-17 15:42:48 2560 ----a-w- C:\Windows\_MSRSTRT.EXE
2011-08-15 08:00:06 . 2010-12-26 12:32:46 9984 ----a-w- C:\Windows\system32\drivers\mfeclnk.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:42 75672 ----a-w- C:\Windows\system32\drivers\mfenlfk.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:42 283744 ----a-w- C:\Windows\system32\drivers\mfewfpk.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:41 65128 ----a-w- C:\Windows\system32\drivers\cfwids.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:41 481504 ----a-w- C:\Windows\system32\drivers\mfefirek.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:41 228752 ----a-w- C:\Windows\system32\drivers\mfeavfk.sys
2011-08-15 08:00:06 . 2010-12-26 12:32:41 100904 ----a-w- C:\Windows\system32\drivers\mferkdet.sys
2011-08-15 08:00:06 . 2010-08-24 19:57:38 642824 ----a-w- C:\Windows\system32\drivers\mfehidk.sys
2011-08-15 08:00:06 . 2010-08-24 19:57:38 158584 ----a-w- C:\Windows\system32\drivers\mfeapfk.sys
2011-07-22 05:35:08 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\system32\mshtml.tlb
2011-07-22 04:56:17 . 2011-08-11 10:04:20 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:26:54 . 2011-08-11 09:27:12 362496 ----a-w- C:\Windows\system32\wow64win.dll
2011-07-16 05:26:53 . 2011-08-11 09:27:13 243200 ----a-w- C:\Windows\system32\wow64.dll
2011-07-16 05:26:53 . 2011-08-11 09:27:12 13312 ----a-w- C:\Windows\system32\wow64cpu.dll
2011-07-16 05:26:18 . 2011-08-11 09:27:13 214528 ----a-w- C:\Windows\system32\winsrv.dll
2011-07-16 05:24:09 . 2011-08-11 09:27:12 16384 ----a-w- C:\Windows\system32\ntvdm64.dll
2011-07-16 05:21:32 . 2011-08-11 09:27:13 422400 ----a-w- C:\Windows\system32\KernelBase.dll
2011-07-16 05:17:46 . 2011-08-11 09:27:13 338432 ----a-w- C:\Windows\system32\conhost.exe
2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:36:09 . 2011-08-11 09:27:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 . 2011-08-11 09:27:13 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 . 2011-08-11 09:27:13 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 . 2011-08-11 09:27:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 . 2011-08-11 09:27:12 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:12 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:26:12 . 2011-08-11 09:27:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 . 2011-08-11 09:27:08 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 . 2011-08-11 09:27:11 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-11 09:27:11 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-11 09:27:11 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-11 09:27:11 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:44:55 . 2011-08-11 09:28:03 287744 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-29 16:07:50 . 2011-06-29 16:07:50 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-06-29 16:07:50 . 2011-06-29 16:07:50 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-06-29 16:07:50 . 2011-06-29 16:07:50 404992 ----a-w- C:\Windows\system32\umpnpmgr.dll
2011-06-29 16:07:50 . 2011-06-29 16:07:50 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-06-29 16:07:50 . 2011-06-29 16:07:50 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-06-29 16:07:40 . 2011-06-29 16:07:40 779264 ----a-w- C:\Windows\system32\mssvp.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 75264 ----a-w- C:\Windows\system32\msscntrs.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 593408 ----a-w- C:\Windows\system32\SearchIndexer.exe
2011-06-29 16:07:40 . 2011-06-29 16:07:40 491520 ----a-w- C:\Windows\system32\mssph.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-06-29 16:07:40 . 2011-06-29 16:07:40 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 288256 ----a-w- C:\Windows\system32\mssphtb.dll
2011-06-29 16:07:40 . 2011-06-29 16:07:40 249856 ----a-w- C:\Windows\system32\SearchProtocolHost.exe

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-05 12:59:15 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2011-07-13 07:59:20 1666144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 03:45:56 169312]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Users\Tweetzz\AppData\Local\Temp\EverestDriver.sys [x]
R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:43 136176]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2010-08-30 13:42:00 220528]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys [x]
R3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 19:47:18 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 05:07:12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 19:47:16 67952]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 20:13:46 304496]
R3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 10:44:10 851824]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 13:55:00 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 13:56:02 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 13:57:16 101232]
R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
R4 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-08-05 12:59:17 332272]
S0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 03:16:06 13336]
S2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 15:17:40 176848]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 16:28:20 249936]
S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-08-19 13:50:56 208272]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\system32\mfevtps.exe [x]
S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 12:27:22 632792]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 01:01:56 367456]
S2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 14:15:34 257936]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 08:59:10 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 20:02:57 2320920]
S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 16:00:52 575856]
S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 15:00:04 836608]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys [x]
S3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys [x]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 08:50:52 1021840]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [x]

--- Andere Services/Drivers In Geheugen ---
*Deregistered* - mfeavfk01

Inhoud van de 'Gedeelde Taken' map
2011-09-21 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]
2011-09-21 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-05 12:58:44 . 2010-08-05 12:58:43]

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-08-05 12:59:17 750064 ----a-w- C:\ProgramData\Partner\Partner64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

------- Bijkomende Scan -------
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2527944
uInternet Settings,ProxyOverride = <local>
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.178.1

------- Bestandsassociaties -------
JSEFile=NOTEPAD.EXE %1

- - - - ORPHANS VERWIJDERD - - - -
HKLM-Run-combofix - C:\ComboFix\CF14085.3XE
  • 0
A few things still need to be sorted out: close all open browser windows except this one, which you close just before you click the "Fix checked" button! Now start HijackThis by right-clicking it and running it with administrator rights (if that does not work, go to the HijackThis installation folder and start "hijackthis.exe" from there with administrator rights) and click the "Do a Scan only" button.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2527944

  • Tick the line(s) that correspond to the line(s) above.
  • Now close the web browser and then click the "Fix checked" button.
  • After that, close HijackThis.

As for McAfee, that whole package sucks! Almost one in two requests in HijackThis concerns Windows installations poorly protected by McAfee.