Mijn dochter is na twee weekjes nog eens op hare pc geweest en ze kan alweer niet op ie8 geraken of chrome of firefox :angry:
Just hetzelfde als toen http://www.minatica.be/threads/70403-ie-8-start-op-maar-dan-zeer-langzaam.....?highlight=
Vraag me af hoedat het komt , plus ik heb gezien dat er soms googleupdater.exe mee opstart , kan het kwaad ?

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4380

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24/09/2010 18:40:48
mbam-log-2010-09-24 (18-40-48).txt

Scantype: Snelle scan
Objecten gescand: 138799
Verstreken tijd: 10 minuut/minuten, 20 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:02, on 24/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\WINDOWS\system32\msiexec.exe
C:\hijackthislogje\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\s wg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\DNysten\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 7897 bytes

Niets verdachts te zien hoor!! Kun je nog eens ComboFix runnen met de instructies uit de andere topic? Post deze log dan hier voor mij.

Blijft nog altijd hetzelfde .
Maar soms zie ik bij taakbeheer google update.exe opduiken, vraag me af als dat normaal is ,want bij de andere 3 pc's thuis zie ik er niks van opstaan?

ComboFix 10-09-26.04 - DNysten 27/09/2010 19:51:41.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1023.635 [GMT 2:00]
Gestart vanuit: c:\documents and settings\DNysten\Bureaublad\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((( Bestanden Gemaakt van 2010-08-27 to 2010-09-27 ))))))))))))))))))))))))))))))
.

2010-09-24 17:14 . 2010-09-24 17:14 388096 ----a-r- c:\documents and settings\DNysten\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-24 16:28 . 2010-09-24 17:16 -------- d--h--r- c:\documents and settings\DNysten\Onlangs geopend

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2010-09-24 16:03 . 2009-10-18 10:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-23 17:33 . 2007-06-01 13:09 -------- d-----w- c:\program files\CCleaner
2010-08-23 17:29 . 2010-08-23 17:29 -------- d-----w- c:\program files\Common Files\Java
2010-08-23 17:28 . 2010-06-11 15:01 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-23 17:28 . 2005-07-01 10:35 -------- d-----w- c:\program files\Java
2010-08-23 17:20 . 2001-09-07 12:00 688122 ----a-w- c:\windows\system32\perfh013.dat
2010-08-23 17:20 . 2001-09-07 12:00 175152 ----a-w- c:\windows\system32\perfc013.dat
2010-08-17 13:17 . 2001-09-07 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-14 13:30 . 2010-08-14 13:30 503808 ----a-w- c:\documents and settings\DNysten\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf0 4-681e5447-n\msvcp71.dll
2010-08-14 13:30 . 2010-08-14 13:30 61440 ----a-w- c:\documents and settings\DNysten\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\448889 2a-571b5fcb-n\decora-sse.dll
2010-08-14 13:30 . 2010-08-14 13:30 499712 ----a-w- c:\documents and settings\DNysten\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf0 4-681e5447-n\jmc.dll
2010-08-14 13:30 . 2010-08-14 13:30 348160 ----a-w- c:\documents and settings\DNysten\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf0 4-681e5447-n\msvcr71.dll
2010-08-14 13:30 . 2010-08-14 13:30 12800 ----a-w- c:\documents and settings\DNysten\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\448889 2a-571b5fcb-n\decora-d3d.dll
2010-08-02 12:55 . 2010-08-02 12:55 0 ----a-w- c:\windows\nsreg.dat
2010-08-02 11:08 . 2004-10-03 18:51 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2010-07-22 15:46 . 2001-09-07 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-12 21:13 . 2010-07-12 21:13 63488 ----a-w- c:\documents and settings\DNysten\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\ SD10006.dll
2010-07-12 21:13 . 2009-10-18 10:20 117760 ----a-w- c:\documents and settings\DNysten\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\ UIREPAIR.DLL
2010-06-30 12:33 . 2001-09-07 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
2010-01-18 23:31 2074048 ----a-w- c:\program files\Bandoo\Plugins\IE\ieplugin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-08-02 2403568]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2009-01-23 39408]
"Google Update"="c:\documents and settings\DNysten\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-08-02 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 08:10 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2006-10-22 23:48 40048 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
2005-07-01 09:54 185480 ----a-w- c:\program files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-27 08:50 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-23 18:09 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
2002-11-23 01:15 631362 -c--a-w- c:\program files\Logitech\iTouch\iTouch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:*:Disabled:Blizzard Downloader
"6112:TCP"= 6112:TCP:*:Disabled:Blizzard Downloader

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13/07/2010 0:33 165456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [12/10/2009 21:24 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/10/2009 21:24 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [13/07/2010 0:33 17744]
S3 2802W;SMC2802W 2.4GHz 54 Mbps Wireless PCI Driver;c:\windows\system32\drivers\2802W.sys [8/03/2004 16:23 390112]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12/10/2009 21:24 12872]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 w3304an5;WN3X0X Wireless Adapter;c:\progra~1\SMC\SMC280~1.4GH\INSTAL~1\WINX P\w3304an5.SYS [7/10/2002 4:14 15104]
S4 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347 b.sys [4/04/2007 19:49 159616]
S4 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347 s.sys [4/04/2007 19:49 5248]
.
Inhoud van de 'Gedeelde Taken' map

2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1580436667-839522115-1003Core.job
- c:\documents and settings\DNysten\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 12:59]

2010-09-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1580436667-839522115-1003UA.job
- c:\documents and settings\DNysten\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 12:59]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\DNysten\Application Data\Mozilla\Firefox\Profiles\w4ru0xdx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\DNysten\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dl l
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-27 19:56
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

************************************************** ************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63 A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil 10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63 A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63 A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil1 0i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63 A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F 2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F 2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F 2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(684)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(3276)
c:\progra~1\WINDOW~3\wmpband.dll
c:\program files\Microsoft Office\Office10\msohev.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2010-09-27 19:59:58
ComboFix-quarantined-files.txt 2010-09-27 17:59
ComboFix2.txt 2010-09-27 17:31
ComboFix3.txt 2010-08-08 14:27

Pre-Run: 39.959.191.552 bytes beschikbaar
Post-Run: 39.947.137.024 bytes beschikbaar

Current=3 Default=3 Failed=1 LastKnownGood=2 Sets=,1,2,3
- - End Of File - - C5438FBC182E2F8B73B5AD7114901331

Probeer eens de google toolbar te verwijderen en kijk of je deze melding dan nog krijgt.

Of verwijder via windows verkenner volgend bestand: O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\DNysten\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" <-- bestand.

Hallo rosty , ik heb het verwijderd helaas pindakaas geen soelaas.
Ik heb voor de zekerheid het netwerkkaartje eens uitgenomen en terug in gestoken , maar het werkt niet , het zal wel niet door malware zijn , dat mijn dochter geen internet heeft , zal eens testen of het netwerkkaartje nog werkt via pingen enz......
Deze mag gesloten worden , en bedankt voor de moeite , tot de volgende ......

Graag gedaan hoor!