Pc heel traag bij opstart en internetverbinding

[lex11]

Hallo,

mijn pc is heel langzaam bij opstart en internetverbinding.
moet er wel bij vermelden dat ik windows 7 heb geinstalleerd, die niet meer gebruikt en terug windows xp gebruik; beide systemen staan er dus op.

hier mijn logje
alvast dank
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:49, on 26/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal


Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\program files\canon\myprinter\bjmyprt.exe
D:\program files\ati technologies\ati control panel\atiptaxx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
D:\program files\messenger\msmsgs.exe
D:\WINDOWS\System32\msiexec.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=115...0022664165b7a4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\s wg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] d:\program files\common files\adobe\arm\1.0\adobearm.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] d:\program files\canon\solutionmenu\cnslmain.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] d:\program files\canon\myprinter\bjmyprt.exe /logon
O4 - HKLM\..\Run: [ATIPTA] d:\program files\ati technologies\ati control panel\atiptaxx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Wisdom-soft ScreenHunter 6.0 Free] 0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
O20 - AppInit_DLLs: d:\docume~1\alluse~1\applic~1\browse~1\23765~1.24\ {16cdf~1\browse~1.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - Unknown owner - D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Manager - Unknown owner - D:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


--
End of file - 7062 bytes

[EvelineGirl]

Hoi,

1.
Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.
Dubbelklik op mbam-setup.exe om het programma te installeren.
Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
• Start MalwareBytes' Anti-Malware
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.

Klik daarna op "Voltooien".
Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.
Bij problemen!!! (Lees de onderstaande instructies)

• 
  
  1. Malwarebytes' Anti-Malware Chameleon
  2. Problemen bij het installeren van Malwarebytes' Anti-Malware
  3. Problemen bij het updaten van Malwarebytes' Anti-Malware
  4. Problemen bij het starten van Malwarebytes' Anti-Malware

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
• Druk vervolgens op "Scannen" om de scan te starten.
• Het scannen kan een tijdje duren, dus wees geduldig.
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


2.
Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
Download AdwCleaner by Xplode naar het bureaublad.

• Sluit alle openstaande vensters.
• Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
• Voor XP: Gewoon dubbelklikken op AdwCleaner.
• Klik vervolgens op Verwijderen.
• Klik bij AdwCleaner – Informatie op OK
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.

3.
Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.

Schakel je beveiligings software uit voordat je DDS uitvoert!
(hier of hier) kan je lezen hoe je dat doet.

• Klik met de rechtermuisknop op DDS en kies de optie "Configureren"
  
• Windows Vista en 7 gebruikers zullen een melding van het gebruikersaccountbeheer krijgen, sta hier toe dat DDS wordt uitgevoerd.
• Vink in het onderstaande scherm DDS.txt en Attacht.txt aan en klik op "Start Scan"
  
• Nu zal automatisch het volgende scherm verschijnen.
  
• Als de scan gereed is krijgt u het volgende scherm te zien.
  
• Klik hier op "OK" nu zal automatisch het DDS logje geopend worden in kladblok.
• Het DDS logje is samen met het attach logje opgeslagen op het bureaublad. (Plaats het attach logje alleen indien hierom wordt gevraagd!)
• Post het DDS in het volgende bericht.

[lex11]

Ziehier het gevraagde

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Databaseversie: v2012.10.26.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Eigenaar :: HILDE [administrator]

26/10/2012 13:36:51
mbam-log-2012-10-26 (13-36-51).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 238416
Verstreken tijd: 10 minuut/minuten, 5 seconde

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

# AdwCleaner v2.005 - Verslag gemaakt op 26/10/2012 om 13:53:49
# Geactualiseerd op 14/10/2012 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : Eigenaar - HILDE
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : D:\Documents and Settings\Eigenaar\Mijn documenten\Downloads\adwcleaner.exe
# Optie [Zoeken]


***** [Diensten] *****

Aanwezig : Browser Manager

***** [Files / Mappen] *****

Map Aanwezig : D:\Documents and Settings\ALEX\Local Settings\Application Data\Conduit
Map Aanwezig : D:\Documents and Settings\All Users\Application Data\Babylon
Map Aanwezig : D:\Documents and Settings\All Users\Application Data\Browser Manager
Map Aanwezig : D:\Documents and Settings\Eigenaar\Application Data\Babylon
Map Aanwezig : D:\Documents and Settings\Eigenaar\Local Settings\Application Data\Conduit
Map Aanwezig : D:\Documents and Settings\Eigenaar\Menu Start\Programma's\Browser Manager

***** [Register] *****

Data Aanwezig : HKLM\..\Windows [AppInit_DLLs] = d:\docume~1\alluse~1\applic~1\browse~1\23765~1.24\ {16cdf~1\browse~1.dll
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Aanwezig : HKCU\Software\Conduit
Sleutel Aanwezig : HKCU\Software\DataMngr
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \bProtectSettings
Sleutel Aanwezig : HKCU\Software\SmartBar
Sleutel Aanwezig : HKCU\Software\Softonic
Sleutel Aanwezig : HKLM\Software\Babylon
Sleutel Aanwezig : HKLM\Software\DataMngr
Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmp klohkojmllohdhomoefph
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Waarde Aanwezig : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

***** [Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=115293&tt=101012_24_4112_7&babsrc=HP_ss&mnt rId=dc2cdfd500000000000022664165b7a4
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?affID=115293&tt=101012_24_4112_7&babsrc=HP_ss&mnt rId=dc2cdfd500000000000022664165b7a4

-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

File : D:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Aanwezig [l.11] : homepage = "hxxp://search.babylon.com/?affID=115293&tt=101012_24_4112_7&babsrc=HP_ss&mnt rId=dc2cdfd500000000000022664165b7a4",
Aanwezig [l.1487] : homepage = "hxxp://search.babylon.com/?affID=115293&tt=101012_24_4112_7&babsrc=HP_ss&mnt rId=dc2cdfd500000000000022664165b7a4",

File : D:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [3185 octets] - [26/10/2012 13:53:49]

########## EOF - D:\AdwCleaner[R1].txt - [3245 octets] ##########

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Eigenaar at 13:56:20 on 2012-10-26
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.511.189 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\program files\canon\myprinter\bjmyprt.exe
D:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
D:\program files\ati technologies\ati control panel\atiptaxx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
D:\program files\messenger\msmsgs.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\WINDOWS\notepad.exe
D:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\Documents and Settings\Eigenaar\Mijn documenten\Downloads\adwcleaner.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\System32\svchost.exe -k LocalService
D:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=115293&tt=101012_24_4112_7&babsrc=HP_ss&mnt rId=dc2cdfd500000000000022664165b7a4
uWindow Title = Microsoft Internet Explorer aangeboden door Telenet Internet
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - d:\program files\google\googletoolbarnotifier\5.7.7529.1424\s wg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\program files\avast software\avast\aswWebRepIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [swg] "d:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [Wisdom-soft ScreenHunter 6.0 Free] 0
mRun: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
mRun: [avast] "d:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] d:\program files\common files\adobe\arm\1.0\adobearm.exe
mRun: [CanonSolutionMenu] d:\program files\canon\solutionmenu\cnslmain.exe /logon
mRun: [CanonMyPrinter] d:\program files\canon\myprinter\bjmyprt.exe /logon
mRun: [ATIPTA] d:\program files\ati technologies\ati control panel\atiptaxx.exe
mRunOnce: [Malwarebytes Anti-Malware] d:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xporteren naar Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1349894763625
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B6B32A64-9506-480A-9381-2FCE9E52AC62} : DHCPNameServer = 192.168.0.1
.
============= SERVICES / DRIVERS ===============
.
R0 viasraid;viasraid;d:\windows\system32\drivers\vias raid.sys [2012-10-7 77312]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.s ys [2012-10-10 729752]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2012-10-10 355632]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswF sBlk.sys [2012-10-10 21256]
R2 avast! Antivirus;avast! Antivirus;d:\program files\avast software\avast\AvastSvc.exe [2012-10-10 44808]
R2 Browser Manager;Browser Manager;d:\documents and settings\all users\application data\browser manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-14 2203160]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\iobit\advanced systemcare 5\ascservice.exe --> d:\program files\iobit\advanced systemcare 5\ASCService.exe [?]
S2 gupdate;Google Update-service (gupdate);d:\program files\google\update\GoogleUpdate.exe [2012-10-10 136176]
S3 gupdatem;Google Update-service (gupdatem);d:\program files\google\update\GoogleUpdate.exe [2012-10-10 136176]
S3 WinRM;Windows Remote Management (WS-Management);d:\windows\system32\svchost.exe -k WINRM [2003-4-8 14336]
.
=============== Created Last 30 ================
.
2012-10-26 11:30:10 22856 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-10-26 11:30:08 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2012-10-26 09:15:31 388096 ----a-r- d:\documents and settings\eigenaar\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-10-26 09:15:30 -------- d-----w- d:\program files\Trend Micro
2012-10-26 09:13:21 -------- d--h--r- d:\documents and settings\eigenaar\Onlangs geopend
2012-10-26 08:11:30 -------- d-----w- d:\documents and settings\eigenaar\application data\Malwarebytes
2012-10-26 08:11:08 -------- d-----w- d:\documents and settings\all users\application data\Malwarebytes
2012-10-24 06:17:31 -------- d-----w- d:\program files\CCleaner
2012-10-24 05:55:07 -------- d-----w- d:\documents and settings\eigenaar\AppData
2012-10-23 18:01:01 -------- d-----w- d:\windows\system32\wbem\repository\FS
2012-10-23 18:01:01 -------- d-----w- d:\windows\system32\wbem\Repository
2012-10-19 05:12:27 -------- d-----w- d:\documents and settings\eigenaar\PrivacIE
2012-10-17 14:40:12 -------- d-----w- d:\windows\system32\winrm
2012-10-17 14:40:12 -------- d-----w- d:\windows\system32\GroupPolicy
2012-10-17 14:40:01 -------- dc-h--w- d:\windows\$968930Uinstall_KB968930$
2012-10-17 14:39:33 14048 ------w- d:\windows\system32\spmsg2.dll
2012-10-15 12:24:34 214256 ----a-w- d:\windows\system32\muweb.dll
2012-10-15 12:24:33 18160 ----a-w- d:\windows\system32\mucltui.dll.mui
2012-10-15 12:24:32 275696 ----a-w- d:\windows\system32\mucltui.dll
2012-10-15 08:38:15 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Temp
2012-10-15 08:38:15 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Adobe
2012-10-14 18:28:08 33104 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\msonpppr .dll
2012-10-14 18:28:08 31640 ----a-w- d:\windows\system32\msonpmon.dll
2012-10-14 18:22:48 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Microsoft Help
2012-10-14 12:10:07 -------- d-----w- d:\windows\system32\Extensions
2012-10-14 12:10:04 -------- d-----w- d:\windows\system32\searchplugins
2012-10-14 12:09:46 -------- d-----w- d:\documents and settings\all users\application data\Browser Manager
2012-10-14 12:09:20 -------- d-----w- d:\documents and settings\all users\application data\Babylon
2012-10-14 12:09:19 -------- d-----w- d:\documents and settings\eigenaar\application data\Babylon
2012-10-13 17:04:09 -------- d-----w- d:\windows\system32\XPSViewer
2012-10-13 17:03:34 89088 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll
2012-10-13 17:03:14 89088 -c----w- d:\windows\system32\dllcache\filterpipelineprintpr oc.dll
2012-10-13 17:03:14 597504 -c----w- d:\windows\system32\dllcache\printfilterpipelinesv c.exe
2012-10-13 17:03:14 597504 ------w- d:\windows\system32\spool\prtprocs\w32x86\printfil terpipelinesvc.exe
2012-10-13 17:03:14 575488 -c----w- d:\windows\system32\dllcache\xpsshhdr.dll
2012-10-13 17:03:14 575488 ------w- d:\windows\system32\xpsshhdr.dll
2012-10-13 17:03:14 117760 ------w- d:\windows\system32\prntvpt.dll
2012-10-13 17:03:13 1676288 -c----w- d:\windows\system32\dllcache\xpssvcs.dll
2012-10-13 17:03:13 1676288 ------w- d:\windows\system32\xpssvcs.dll
2012-10-13 07:10:20 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\NeoSmart_Technologies
2012-10-13 07:00:48 -------- d-----w- d:\program files\NeoSmart Technologies
2012-10-13 06:04:39 -------- d-sh--w- d:\documents and settings\eigenaar\IETldCache
2012-10-13 05:27:18 521728 -c----w- d:\windows\system32\dllcache\jsdbgui.dll
2012-10-13 05:24:53 6144 -c----w- d:\windows\system32\dllcache\iecompat.dll
2012-10-13 05:24:07 -------- d-----w- d:\windows\ie8updates
2012-10-13 05:23:24 12800 -c----w- d:\windows\system32\dllcache\xpshims.dll
2012-10-13 05:23:21 630272 -c----w- d:\windows\system32\dllcache\msfeeds.dll
2012-10-13 05:23:21 55296 -c----w- d:\windows\system32\dllcache\msfeedsbs.dll
2012-10-13 05:23:20 2000384 -c----w- d:\windows\system32\dllcache\iertutil.dll
2012-10-13 05:23:19 247808 -c----w- d:\windows\system32\dllcache\ieproxy.dll
2012-10-13 05:23:17 11111424 -c----w- d:\windows\system32\dllcache\ieframe.dll
2012-10-13 05:23:16 743424 -c----w- d:\windows\system32\dllcache\iedvtool.dll
2012-10-13 05:20:49 -------- dc-h--w- d:\windows\ie8
2012-10-12 17:23:05 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Conduit
2012-10-12 17:22:38 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\CRE
2012-10-12 17:14:09 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Wisdom-soft
2012-10-12 17:13:51 -------- d-----w- d:\program files\Wisdom-soft ScreenHunter 6.0 Free
2012-10-12 16:58:23 78336 -c----w- d:\windows\system32\dllcache\browser.dll
2012-10-12 16:58:23 78336 ----a-w- d:\windows\system32\SET464.tmp
2012-10-12 16:58:23 337920 -c----w- d:\windows\system32\dllcache\netapi32.dll
2012-10-12 16:58:23 337920 ----a-w- d:\windows\system32\SET463.tmp
2012-10-12 16:57:49 139784 -c----w- d:\windows\system32\dllcache\rdpwd.sys
2012-10-12 16:57:15 604672 -c----w- d:\windows\system32\dllcache\crypt32.dll
2012-10-12 16:57:15 604672 ----a-w- d:\windows\system32\SET45B.tmp
2012-10-12 16:54:06 347136 -c----w- d:\windows\system32\dllcache\localspl.dll
2012-10-12 16:52:53 1172480 -c----w- d:\windows\system32\dllcache\msxml3.dll
2012-10-12 16:52:53 1172480 ----a-w- d:\windows\system32\SET409.tmp
2012-10-12 16:52:21 152576 ------w- d:\windows\system32\SET405.tmp
2012-10-12 16:51:44 8509952 ------w- d:\windows\system32\SET401.tmp
2012-10-12 16:49:53 1866240 -c----w- d:\windows\system32\dllcache\win32k.sys
2012-10-12 16:49:15 177664 -c----w- d:\windows\system32\dllcache\wintrust.dll
2012-10-12 16:49:15 148480 -c----w- d:\windows\system32\dllcache\imagehlp.dll
2012-10-12 16:48:46 3072 -c----w- d:\windows\system32\dllcache\iacenc.dll
2012-10-12 16:48:46 3072 ------w- d:\windows\system32\iacenc.dll
2012-10-12 16:48:17 293888 ------w- d:\windows\system32\SET3DC.tmp
2012-10-12 16:47:47 23040 -c----w- d:\windows\system32\dllcache\mciseq.dll
2012-10-12 16:47:47 179200 -c----w- d:\windows\system32\dllcache\winmm.dll
2012-10-12 16:47:47 179200 ----a-w- d:\windows\system32\SET3D5.tmp
2012-10-12 16:46:48 354816 -c----w- d:\windows\system32\dllcache\winhttp.dll
2012-10-12 16:46:48 354816 ----a-w- d:\windows\system32\SET3CD.tmp
2012-10-12 16:46:16 386560 -c----w- d:\windows\system32\dllcache\qdvd.dll
2012-10-12 16:45:34 60928 -c----w- d:\windows\system32\dllcache\packager.exe
2012-10-12 16:42:27 1288192 ------w- d:\windows\system32\SET3A1.tmp
2012-10-12 16:39:16 456320 -c----w- d:\windows\system32\dllcache\mrxsmb.sys
2012-10-12 16:38:43 10496 -c----w- d:\windows\system32\dllcache\ndistapi.sys
2012-10-12 16:37:59 33280 -c----w- d:\windows\system32\dllcache\csrsrv.dll
2012-10-12 16:37:59 293888 -c----w- d:\windows\system32\dllcache\winsrv.dll
2012-10-12 16:37:10 758784 -c--a-w- d:\windows\system32\dllcache\vgx.dll
2012-10-12 16:36:44 551936 -c----w- d:\windows\system32\dllcache\oleaut32.dll
2012-10-12 16:36:17 105472 -c----w- d:\windows\system32\dllcache\mup.sys
2012-10-12 16:35:49 471552 -c----w- d:\windows\system32\dllcache\aclayers.dll
2012-10-12 16:35:18 45568 -c----w- d:\windows\system32\dllcache\dnsrslvr.dll
2012-10-12 16:35:18 45568 ----a-w- d:\windows\system32\SET342.tmp
2012-10-12 16:35:18 361600 -c----w- d:\windows\system32\dllcache\tcpip.sys
2012-10-12 16:35:18 247296 -c----w- d:\windows\system32\dllcache\mswsock.dll
2012-10-12 16:35:18 247296 ----a-w- d:\windows\system32\SET341.tmp
2012-10-12 16:35:18 149504 -c----w- d:\windows\system32\dllcache\dnsapi.dll
2012-10-12 16:35:18 149504 ----a-w- d:\windows\system32\SET343.tmp
2012-10-12 16:35:18 138496 -c----w- d:\windows\system32\dllcache\afd.sys
2012-10-12 16:34:51 726528 -c--a-w- d:\windows\system32\dllcache\jscript.dll
2012-10-12 16:34:51 512000 ----a-w- d:\windows\system32\SET339.tmp
2012-10-12 16:34:50 420864 -c--a-w- d:\windows\system32\dllcache\vbscript.dll
2012-10-12 16:34:20 290432 -c----w- d:\windows\system32\dllcache\atmfd.dll
2012-10-12 16:33:23 357888 -c----w- d:\windows\system32\dllcache\srv.sys
2012-10-12 16:32:30 677888 -c----w- d:\windows\system32\dllcache\lhmstsc.exe
2012-10-12 16:32:29 2067456 -c----w- d:\windows\system32\dllcache\lhmstscx.dll
2012-10-12 16:32:02 270848 -c----w- d:\windows\system32\dllcache\sbe.dll
2012-10-12 16:32:02 186880 -c----w- d:\windows\system32\dllcache\encdec.dll
2012-10-12 16:31:32 135680 -c----w- d:\windows\system32\dllcache\shsvcs.dll
2012-10-12 16:31:32 135680 ----a-w- d:\windows\system32\SET2FB.tmp
2012-10-12 16:29:55 8509952 -c----w- d:\windows\system32\dllcache\shell32.dll
2012-10-12 16:29:55 441344 -c----w- d:\windows\system32\dllcache\shimgvw.dll
2012-10-12 16:29:30 301568 ------w- d:\windows\system32\SET2D9.tmp
2012-10-12 16:29:02 536576 -c----w- d:\windows\system32\dllcache\msado15.dll
2012-10-12 16:29:02 249856 -c----w- d:\windows\system32\dllcache\odbc32.dll
2012-10-12 16:29:02 249856 ----a-w- d:\windows\system32\SET2B8.tmp
2012-10-12 16:29:02 200704 -c----w- d:\windows\system32\dllcache\msadox.dll
2012-10-12 16:29:02 180224 -c----w- d:\windows\system32\dllcache\msadomd.dll
2012-10-12 16:29:02 143360 -c----w- d:\windows\system32\dllcache\msadco.dll
2012-10-12 16:29:02 102400 -c----w- d:\windows\system32\dllcache\msjro.dll
2012-10-12 16:28:38 40960 -c----w- d:\windows\system32\dllcache\ndproxy.sys
2012-10-12 16:28:16 86016 -c----w- d:\windows\system32\dllcache\isign32.dll
2012-10-12 16:27:52 45568 -c----w- d:\windows\system32\dllcache\wab.exe
2012-10-12 16:27:29 590848 -c----w- d:\windows\system32\dllcache\rpcrt4.dll
2012-10-12 16:27:29 590848 ----a-w- d:\windows\system32\SET2A5.tmp
2012-10-12 16:26:40 978944 -c----w- d:\windows\system32\dllcache\mfc42.dll
2012-10-12 16:26:40 953856 -c----w- d:\windows\system32\dllcache\mfc40u.dll
2012-10-12 16:25:42 617472 -c----w- d:\windows\system32\dllcache\comctl32.dll
2012-10-12 16:25:04 1288192 -c----w- d:\windows\system32\dllcache\ole32.dll
2012-10-12 16:23:53 58880 -c----w- d:\windows\system32\dllcache\spoolsv.exe
2012-10-12 16:23:53 58880 ----a-w- d:\windows\system32\SET273.tmp
2012-10-12 16:23:25 406016 -c----w- d:\windows\system32\dllcache\usp10.dll
2012-10-12 16:23:25 406016 ----a-w- d:\windows\system32\SET26B.tmp
2012-10-12 16:22:59 3558912 -c----w- d:\windows\system32\dllcache\moviemk.exe
2012-10-12 16:21:47 744448 -c----w- d:\windows\system32\dllcache\helpsvc.exe
2012-10-12 16:21:22 65536 -c----w- d:\windows\system32\dllcache\asycfilt.dll
2012-10-12 16:20:36 692736 -c----w- d:\windows\system32\dllcache\inetcomm.dll
2012-10-12 16:20:18 293376 ------w- d:\windows\system32\browserchoice.exe
2012-10-12 16:19:52 226880 -c----w- d:\windows\system32\dllcache\tcpip6.sys
2012-10-12 16:19:52 100864 -c----w- d:\windows\system32\dllcache\6to4svc.dll
2012-10-12 16:19:35 87040 -c----w- d:\windows\system32\dllcache\cabview.dll
2012-10-12 16:18:59 345600 -c----w- d:\windows\system32\dllcache\mspaint.exe
2012-10-12 16:18:36 8704 -c----w- d:\windows\system32\dllcache\tsbyuv.dll
2012-10-12 16:18:36 85504 -c----w- d:\windows\system32\dllcache\avifil32.dll
2012-10-12 16:18:36 48128 -c----w- d:\windows\system32\dllcache\iyuv_32.dll
2012-10-12 16:18:36 11264 -c----w- d:\windows\system32\dllcache\msrle32.dll
2012-10-12 16:18:14 17920 -c----w- d:\windows\system32\dllcache\msyuv.dll
2012-10-12 16:18:13 1296384 -c----w- d:\windows\system32\dllcache\quartz.dll
2012-10-12 16:17:56 474624 -c----w- d:\windows\system32\dllcache\shlwapi.dll
2012-10-12 16:17:56 474624 ----a-w- d:\windows\system32\SET207.tmp
2012-10-12 16:17:37 81920 -c----w- d:\windows\system32\dllcache\fontsub.dll
2012-10-12 16:17:37 119808 -c----w- d:\windows\system32\dllcache\t2embed.dll
2012-10-12 16:16:44 270848 -c----w- d:\windows\system32\dllcache\oakley.dll
2012-10-12 16:16:44 270848 ----a-w- d:\windows\system32\SET1E5.tmp
2012-10-12 16:16:27 79872 -c----w- d:\windows\system32\dllcache\raschap.dll
2012-10-12 16:16:27 79872 ----a-w- d:\windows\system32\SET1DF.tmp
2012-10-12 16:16:27 150016 -c----w- d:\windows\system32\dllcache\rastls.dll
2012-10-12 16:16:27 150016 ----a-w- d:\windows\system32\SET1DE.tmp
2012-10-12 16:14:59 58880 -c----w- d:\windows\system32\dllcache\msasn1.dll
2012-10-12 16:14:59 58880 ----a-w- d:\windows\system32\SET1B6.tmp
2012-10-12 16:14:16 153088 -c----w- d:\windows\system32\dllcache\triedit.dll
2012-10-12 16:14:02 132096 -c----w- d:\windows\system32\dllcache\wkssvc.dll
2012-10-12 16:13:47 205312 -c----w- d:\windows\system32\dllcache\mswebdvd.dll
2012-10-12 16:13:31 79872 -c----w- d:\windows\system32\dllcache\telnet.exe
2012-10-12 16:13:13 58880 -c----w- d:\windows\system32\dllcache\atl.dll
2012-10-12 16:13:13 58880 ----a-w- d:\windows\system32\SET19C.tmp
2012-10-12 16:10:40 331776 -c----w- d:\windows\system32\dllcache\msadce.dll
2012-10-12 16:10:09 272640 -c----w- d:\windows\system32\dllcache\bthport.sys
2012-10-12 16:09:50 203136 -c----w- d:\windows\system32\dllcache\rmcast.sys
2012-10-12 16:09:39 -------- d-----w- d:\windows\system32\PreInstall
2012-10-12 16:09:31 -------- d--h--w- d:\windows\$hf_mig$
2012-10-12 15:56:50 24088 ----a-w- d:\windows\system32\wucltui.dll.mui
2012-10-12 15:56:50 -------- d-----w- d:\windows\system32\SoftwareDistribution
2012-10-12 15:56:49 18456 ----a-w- d:\windows\system32\wuaueng.dll.mui
2012-10-12 15:56:48 15896 ----a-w- d:\windows\system32\wuaucpl.cpl.mui
2012-10-12 15:56:47 15896 ----a-w- d:\windows\system32\wuapi.dll.mui
2012-10-12 15:55:45 22400 ----a-w- d:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 15:48:04 -------- d-----w- d:\documents and settings\all users\application data\IObit
2012-10-12 15:47:48 -------- d-----w- d:\documents and settings\eigenaar\application data\IObit
2012-10-12 15:47:31 -------- d-----w- d:\program files\IObit
2012-10-10 19:21:14 729752 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2012-10-10 19:20:21 41224 ----a-w- d:\windows\avastSS.scr
2012-10-10 19:19:55 -------- d-----w- d:\program files\AVAST Software
2012-10-10 19:19:55 -------- d-----w- d:\documents and settings\all users\application data\AVAST Software
2012-10-10 19:05:59 7168 ------w- d:\windows\system32\bitsprx4.dll
2012-10-10 19:03:55 8192 -c----w- d:\windows\system32\dllcache\asferror.dll
2012-10-10 19:02:21 -------- d-----w- d:\windows\network diagnostic
2012-10-10 19:02:20 144384 ------w- d:\windows\system32\drivers\hdaudbus.sys
2012-10-10 19:02:19 10240 ------w- d:\windows\system32\drivers\sffp_mmc.sys
2012-10-10 18:40:05 -------- d-----w- d:\windows\system32\wbem\AutoRecover
2012-10-10 18:31:03 -------- d-----w- d:\windows\ServicePackFiles
2012-10-10 18:27:51 26144 ----a-w- d:\windows\system32\spupdsvc.exe
2012-10-10 18:25:51 -------- d-----w- d:\windows\EHome
2012-10-10 17:47:12 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Identities
2012-10-10 17:34:24 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Google
2012-10-08 10:22:49 -------- d-sh--w- D:\$RECYCLE.BIN
2012-10-07 15:51:53 159744 ----a-r- d:\windows\system32\drivers\Fasttx2k.sys
2012-10-07 15:51:53 118784 ----a-r- d:\windows\system32\ptipbmf.dll
2012-10-07 14:17:07 -------- d-sh--w- d:\documents and settings\eigenaar\UserData
2012-10-07 13:57:16 -------- d--h--w- d:\documents and settings\all users\application data\CanonIJSolutionMenu
2012-10-07 13:57:13 -------- d--h--w- d:\documents and settings\all users\application data\CanonIJMyPrinter
2012-10-07 13:56:58 -------- d-----w- d:\documents and settings\all users\application data\CanonIJPLM
2012-10-07 13:55:39 303104 ----a-w- d:\windows\system32\CNC550L.dll
2012-10-07 13:55:39 110592 ----a-w- d:\windows\system32\CNC550I.dll
2012-10-07 13:55:38 15872 ----a-w- d:\windows\system32\CNHMCA.dll
2012-10-07 13:55:38 15104 ----a-w- d:\windows\system32\drivers\usbscan.sys
2012-10-07 13:55:38 1310720 ----a-w- d:\windows\system32\CNC550C.dll
2012-10-07 13:55:38 106496 ----a-w- d:\windows\system32\CNC550U.dll
2012-10-07 13:55:01 -------- d-----w- d:\program files\common files\CANON
2012-10-07 13:52:36 70656 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\CNMPP9Z. DLL
2012-10-07 13:52:36 27648 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\CNMPD9Z. DLL
2012-10-07 13:52:35 272384 ----a-w- d:\windows\system32\CNMLM9Z.DLL
2012-10-07 13:52:28 90112 ----a-w- d:\windows\system32\CNC550O.dll
2012-10-07 13:52:25 178176 ----a-w- d:\windows\system32\CNMIU9Z.DLL
2012-10-07 13:51:38 -------- d-----w- d:\program files\Canon
2012-10-07 13:18:42 25856 ----a-w- d:\windows\system32\drivers\usbprint.sys
2012-10-07 13:18:32 32128 ----a-w- d:\windows\system32\drivers\usbccgp.sys
.
==================== Find3M ====================
.
2012-10-07 11:36:45 44 ----a-w- d:\windows\system32\msssc.dll
2012-08-30 20:33:49 670208 ----a-w- d:\windows\system32\SET424.tmp
2012-08-30 20:33:49 628736 ----a-w- d:\windows\system32\SET425.tmp
2012-08-30 20:33:49 37888 ----a-w- d:\windows\system32\SET426.tmp
2012-08-30 20:33:49 1510400 ----a-w- d:\windows\system32\SET428.tmp
2012-08-30 20:33:48 3109888 ----a-w- d:\windows\system32\SET42B.tmp
2012-08-30 20:33:47 1025024 ----a-w- d:\windows\system32\SET42D.tmp
2012-08-28 15:17:28 916992 ----a-w- d:\windows\system32\wininet.dll
2012-08-28 15:17:20 43520 ------w- d:\windows\system32\licmgr10.dll
2012-08-28 15:17:19 1469440 ------w- d:\windows\system32\inetcpl.cpl
2012-08-28 12:07:32 385024 ------w- d:\windows\system32\html.iec
2012-08-24 13:53:52 177664 ----a-w- d:\windows\system32\wintrust.dll
2012-08-24 13:53:52 177664 ------w- d:\windows\system32\SET448.tmp
2012-08-23 06:27:36 2197248 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-08-23 06:27:36 2073984 ----a-w- d:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 13:57:10,37 ===========

[EvelineGirl]

Hoi,

1.
Sluit alle openstaande vensters en start Adwcleaner opnieuw.
Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
Voor XP: Gewoon dubbelklikken op AdwCleaner.
Klik vervolgens op Verwijderen.
Klik bij AdwCleaner – Informatie op OK
Klik bij AdwCleaner – Herstarten Noodzakelijk op OK.
Na de herstart post je het logje wat je hebt gekregen.

2.
Post een nieuw DDS log ter controle.

[lex11]

# AdwCleaner v2.005 - Verslag gemaakt op 26/10/2012 om 14:37:22
# Geactualiseerd op 14/10/2012 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : Eigenaar - HILDE
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : D:\Documents and Settings\Eigenaar\Mijn documenten\Downloads\adwcleaner.exe
# Optie [Verwijderen]




***** [Diensten] *****




***** [Files / Mappen] *****


Verwijdert bij het opstarten : D:\Documents and Settings\All Users\Application Data\Browser Manager


***** [Register] *****


Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = d:\docume~1\alluse~1\applic~1\browse~1\23765~1.24\ {16cdf~1\browse~1.dll
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \bProtectSettings


***** [Browsers] *****


-\\ Internet Explorer v8.0.6001.18702


[OK] Het register bevat geen enkele ongeoorloofde invoer.


-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]


File : D:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences


[OK] De file bevat geen enkele ongeoorloofde invoer.


File : D:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences


[OK] De file bevat geen enkele ongeoorloofde invoer.


*************************


AdwCleaner[R1].txt - [3314 octets] - [26/10/2012 13:53:49]
AdwCleaner[R2].txt - [3374 octets] - [26/10/2012 13:54:06]
AdwCleaner[R3].txt - [3438 octets] - [26/10/2012 14:27:46]
AdwCleaner[S2].txt - [3509 octets] - [26/10/2012 14:29:58]
AdwCleaner[S3].txt - [1582 octets] - [26/10/2012 14:37:22]


########## EOF - D:\AdwCleaner[S3].txt - [1642 octets] ##########

[EvelineGirl]

Nu nog een nieuw DDS logje aub.

[lex11]

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Eigenaar at 15:23:53 on 2012-10-26
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.511.127 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\program files\canon\myprinter\bjmyprt.exe
D:\program files\ati technologies\ati control panel\atiptaxx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
D:\program files\messenger\msmsgs.exe
D:\WINDOWS\System32\alg.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\System32\svchost.exe -k LocalService
D:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Microsoft Internet Explorer aangeboden door Telenet Internet
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - d:\program files\google\googletoolbarnotifier\5.7.7529.1424\s wg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\program files\avast software\avast\aswWebRepIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [swg] "d:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [Wisdom-soft ScreenHunter 6.0 Free] 0
mRun: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
mRun: [avast] "d:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] d:\program files\common files\adobe\arm\1.0\adobearm.exe
mRun: [CanonSolutionMenu] d:\program files\canon\solutionmenu\cnslmain.exe /logon
mRun: [CanonMyPrinter] d:\program files\canon\myprinter\bjmyprt.exe /logon
mRun: [ATIPTA] d:\program files\ati technologies\ati control panel\atiptaxx.exe
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xporteren naar Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1349894763625
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B6B32A64-9506-480A-9381-2FCE9E52AC62} : DHCPNameServer = 192.168.0.1
.
============= SERVICES / DRIVERS ===============
.
R0 viasraid;viasraid;d:\windows\system32\drivers\vias raid.sys [2012-10-7 77312]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.s ys [2012-10-10 729752]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2012-10-10 355632]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswF sBlk.sys [2012-10-10 21256]
R2 avast! Antivirus;avast! Antivirus;d:\program files\avast software\avast\AvastSvc.exe [2012-10-10 44808]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\iobit\advanced systemcare 5\ascservice.exe --> d:\program files\iobit\advanced systemcare 5\ASCService.exe [?]
S2 gupdate;Google Update-service (gupdate);d:\program files\google\update\GoogleUpdate.exe [2012-10-10 136176]
S3 gupdatem;Google Update-service (gupdatem);d:\program files\google\update\GoogleUpdate.exe [2012-10-10 136176]
S3 WinRM;Windows Remote Management (WS-Management);d:\windows\system32\svchost.exe -k WINRM [2003-4-8 14336]
.
=============== Created Last 30 ================
.
2012-10-26 13:23:35 -------- d--h--w- d:\windows\PIF
2012-10-26 11:30:10 22856 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-10-26 11:30:08 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2012-10-26 09:15:31 388096 ----a-r- d:\documents and settings\eigenaar\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-10-26 09:15:30 -------- d-----w- d:\program files\Trend Micro
2012-10-26 09:13:21 -------- d--h--r- d:\documents and settings\eigenaar\Onlangs geopend
2012-10-26 08:11:30 -------- d-----w- d:\documents and settings\eigenaar\application data\Malwarebytes
2012-10-26 08:11:08 -------- d-----w- d:\documents and settings\all users\application data\Malwarebytes
2012-10-24 06:17:31 -------- d-----w- d:\program files\CCleaner
2012-10-24 05:55:07 -------- d-----w- d:\documents and settings\eigenaar\AppData
2012-10-23 18:01:01 -------- d-----w- d:\windows\system32\wbem\repository\FS
2012-10-23 18:01:01 -------- d-----w- d:\windows\system32\wbem\Repository
2012-10-19 05:12:27 -------- d-----w- d:\documents and settings\eigenaar\PrivacIE
2012-10-17 14:40:12 -------- d-----w- d:\windows\system32\winrm
2012-10-17 14:40:12 -------- d-----w- d:\windows\system32\GroupPolicy
2012-10-17 14:40:01 -------- dc-h--w- d:\windows\$968930Uinstall_KB968930$
2012-10-17 14:39:33 14048 ------w- d:\windows\system32\spmsg2.dll
2012-10-15 12:24:34 214256 ----a-w- d:\windows\system32\muweb.dll
2012-10-15 12:24:33 18160 ----a-w- d:\windows\system32\mucltui.dll.mui
2012-10-15 12:24:32 275696 ----a-w- d:\windows\system32\mucltui.dll
2012-10-15 08:38:15 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Temp
2012-10-15 08:38:15 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Adobe
2012-10-14 18:28:08 33104 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\msonpppr .dll
2012-10-14 18:28:08 31640 ----a-w- d:\windows\system32\msonpmon.dll
2012-10-14 18:22:48 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Microsoft Help
2012-10-14 12:10:07 -------- d-----w- d:\windows\system32\Extensions
2012-10-14 12:10:04 -------- d-----w- d:\windows\system32\searchplugins
2012-10-13 17:04:09 -------- d-----w- d:\windows\system32\XPSViewer
2012-10-13 17:03:34 89088 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll
2012-10-13 17:03:14 89088 -c----w- d:\windows\system32\dllcache\filterpipelineprintpr oc.dll
2012-10-13 17:03:14 597504 -c----w- d:\windows\system32\dllcache\printfilterpipelinesv c.exe
2012-10-13 17:03:14 597504 ------w- d:\windows\system32\spool\prtprocs\w32x86\printfil terpipelinesvc.exe
2012-10-13 17:03:14 575488 -c----w- d:\windows\system32\dllcache\xpsshhdr.dll
2012-10-13 17:03:14 575488 ------w- d:\windows\system32\xpsshhdr.dll
2012-10-13 17:03:14 117760 ------w- d:\windows\system32\prntvpt.dll
2012-10-13 17:03:13 1676288 -c----w- d:\windows\system32\dllcache\xpssvcs.dll
2012-10-13 17:03:13 1676288 ------w- d:\windows\system32\xpssvcs.dll
2012-10-13 07:10:20 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\NeoSmart_Technologies
2012-10-13 07:00:48 -------- d-----w- d:\program files\NeoSmart Technologies
2012-10-13 06:04:39 -------- d-sh--w- d:\documents and settings\eigenaar\IETldCache
2012-10-13 05:27:18 521728 -c----w- d:\windows\system32\dllcache\jsdbgui.dll
2012-10-13 05:24:53 6144 -c----w- d:\windows\system32\dllcache\iecompat.dll
2012-10-13 05:24:07 -------- d-----w- d:\windows\ie8updates
2012-10-13 05:23:24 12800 -c----w- d:\windows\system32\dllcache\xpshims.dll
2012-10-13 05:23:21 630272 -c----w- d:\windows\system32\dllcache\msfeeds.dll
2012-10-13 05:23:21 55296 -c----w- d:\windows\system32\dllcache\msfeedsbs.dll
2012-10-13 05:23:20 2000384 -c----w- d:\windows\system32\dllcache\iertutil.dll
2012-10-13 05:23:19 247808 -c----w- d:\windows\system32\dllcache\ieproxy.dll
2012-10-13 05:23:17 11111424 -c----w- d:\windows\system32\dllcache\ieframe.dll
2012-10-13 05:23:16 743424 -c----w- d:\windows\system32\dllcache\iedvtool.dll
2012-10-13 05:20:49 -------- dc-h--w- d:\windows\ie8
2012-10-12 17:22:38 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\CRE
2012-10-12 17:14:09 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Wisdom-soft
2012-10-12 17:13:51 -------- d-----w- d:\program files\Wisdom-soft ScreenHunter 6.0 Free
2012-10-12 16:58:23 78336 -c----w- d:\windows\system32\dllcache\browser.dll
2012-10-12 16:58:23 78336 ----a-w- d:\windows\system32\SET464.tmp
2012-10-12 16:58:23 337920 -c----w- d:\windows\system32\dllcache\netapi32.dll
2012-10-12 16:58:23 337920 ----a-w- d:\windows\system32\SET463.tmp
2012-10-12 16:57:49 139784 -c----w- d:\windows\system32\dllcache\rdpwd.sys
2012-10-12 16:57:15 604672 -c----w- d:\windows\system32\dllcache\crypt32.dll
2012-10-12 16:57:15 604672 ----a-w- d:\windows\system32\SET45B.tmp
2012-10-12 16:54:06 347136 -c----w- d:\windows\system32\dllcache\localspl.dll
2012-10-12 16:52:53 1172480 -c----w- d:\windows\system32\dllcache\msxml3.dll
2012-10-12 16:52:53 1172480 ----a-w- d:\windows\system32\SET409.tmp
2012-10-12 16:52:21 152576 ------w- d:\windows\system32\SET405.tmp
2012-10-12 16:51:44 8509952 ------w- d:\windows\system32\SET401.tmp
2012-10-12 16:49:53 1866240 -c----w- d:\windows\system32\dllcache\win32k.sys
2012-10-12 16:49:15 177664 -c----w- d:\windows\system32\dllcache\wintrust.dll
2012-10-12 16:49:15 148480 -c----w- d:\windows\system32\dllcache\imagehlp.dll
2012-10-12 16:48:46 3072 -c----w- d:\windows\system32\dllcache\iacenc.dll
2012-10-12 16:48:46 3072 ------w- d:\windows\system32\iacenc.dll
2012-10-12 16:48:17 293888 ------w- d:\windows\system32\SET3DC.tmp
2012-10-12 16:47:47 23040 -c----w- d:\windows\system32\dllcache\mciseq.dll
2012-10-12 16:47:47 179200 -c----w- d:\windows\system32\dllcache\winmm.dll
2012-10-12 16:47:47 179200 ----a-w- d:\windows\system32\SET3D5.tmp
2012-10-12 16:46:48 354816 -c----w- d:\windows\system32\dllcache\winhttp.dll
2012-10-12 16:46:48 354816 ----a-w- d:\windows\system32\SET3CD.tmp
2012-10-12 16:46:16 386560 -c----w- d:\windows\system32\dllcache\qdvd.dll
2012-10-12 16:45:34 60928 -c----w- d:\windows\system32\dllcache\packager.exe
2012-10-12 16:42:27 1288192 ------w- d:\windows\system32\SET3A1.tmp
2012-10-12 16:39:16 456320 -c----w- d:\windows\system32\dllcache\mrxsmb.sys
2012-10-12 16:38:43 10496 -c----w- d:\windows\system32\dllcache\ndistapi.sys
2012-10-12 16:37:59 33280 -c----w- d:\windows\system32\dllcache\csrsrv.dll
2012-10-12 16:37:59 293888 -c----w- d:\windows\system32\dllcache\winsrv.dll
2012-10-12 16:37:10 758784 -c--a-w- d:\windows\system32\dllcache\vgx.dll
2012-10-12 16:36:44 551936 -c----w- d:\windows\system32\dllcache\oleaut32.dll
2012-10-12 16:36:17 105472 -c----w- d:\windows\system32\dllcache\mup.sys
2012-10-12 16:35:49 471552 -c----w- d:\windows\system32\dllcache\aclayers.dll
2012-10-12 16:35:18 45568 -c----w- d:\windows\system32\dllcache\dnsrslvr.dll
2012-10-12 16:35:18 45568 ----a-w- d:\windows\system32\SET342.tmp
2012-10-12 16:35:18 361600 -c----w- d:\windows\system32\dllcache\tcpip.sys
2012-10-12 16:35:18 247296 -c----w- d:\windows\system32\dllcache\mswsock.dll
2012-10-12 16:35:18 247296 ----a-w- d:\windows\system32\SET341.tmp
2012-10-12 16:35:18 149504 -c----w- d:\windows\system32\dllcache\dnsapi.dll
2012-10-12 16:35:18 149504 ----a-w- d:\windows\system32\SET343.tmp
2012-10-12 16:35:18 138496 -c----w- d:\windows\system32\dllcache\afd.sys
2012-10-12 16:34:51 726528 -c--a-w- d:\windows\system32\dllcache\jscript.dll
2012-10-12 16:34:51 512000 ----a-w- d:\windows\system32\SET339.tmp
2012-10-12 16:34:50 420864 -c--a-w- d:\windows\system32\dllcache\vbscript.dll
2012-10-12 16:34:20 290432 -c----w- d:\windows\system32\dllcache\atmfd.dll
2012-10-12 16:33:23 357888 -c----w- d:\windows\system32\dllcache\srv.sys
2012-10-12 16:32:30 677888 -c----w- d:\windows\system32\dllcache\lhmstsc.exe
2012-10-12 16:32:29 2067456 -c----w- d:\windows\system32\dllcache\lhmstscx.dll
2012-10-12 16:32:02 270848 -c----w- d:\windows\system32\dllcache\sbe.dll
2012-10-12 16:32:02 186880 -c----w- d:\windows\system32\dllcache\encdec.dll
2012-10-12 16:31:32 135680 -c----w- d:\windows\system32\dllcache\shsvcs.dll
2012-10-12 16:31:32 135680 ----a-w- d:\windows\system32\SET2FB.tmp
2012-10-12 16:29:55 8509952 -c----w- d:\windows\system32\dllcache\shell32.dll
2012-10-12 16:29:55 441344 -c----w- d:\windows\system32\dllcache\shimgvw.dll
2012-10-12 16:29:30 301568 ------w- d:\windows\system32\SET2D9.tmp
2012-10-12 16:29:02 536576 -c----w- d:\windows\system32\dllcache\msado15.dll
2012-10-12 16:29:02 249856 -c----w- d:\windows\system32\dllcache\odbc32.dll
2012-10-12 16:29:02 249856 ----a-w- d:\windows\system32\SET2B8.tmp
2012-10-12 16:29:02 200704 -c----w- d:\windows\system32\dllcache\msadox.dll
2012-10-12 16:29:02 180224 -c----w- d:\windows\system32\dllcache\msadomd.dll
2012-10-12 16:29:02 143360 -c----w- d:\windows\system32\dllcache\msadco.dll
2012-10-12 16:29:02 102400 -c----w- d:\windows\system32\dllcache\msjro.dll
2012-10-12 16:28:38 40960 -c----w- d:\windows\system32\dllcache\ndproxy.sys
2012-10-12 16:28:16 86016 -c----w- d:\windows\system32\dllcache\isign32.dll
2012-10-12 16:27:52 45568 -c----w- d:\windows\system32\dllcache\wab.exe
2012-10-12 16:27:29 590848 -c----w- d:\windows\system32\dllcache\rpcrt4.dll
2012-10-12 16:27:29 590848 ----a-w- d:\windows\system32\SET2A5.tmp
2012-10-12 16:26:40 978944 -c----w- d:\windows\system32\dllcache\mfc42.dll
2012-10-12 16:26:40 953856 -c----w- d:\windows\system32\dllcache\mfc40u.dll
2012-10-12 16:25:42 617472 -c----w- d:\windows\system32\dllcache\comctl32.dll
2012-10-12 16:25:04 1288192 -c----w- d:\windows\system32\dllcache\ole32.dll
2012-10-12 16:23:53 58880 -c----w- d:\windows\system32\dllcache\spoolsv.exe
2012-10-12 16:23:53 58880 ----a-w- d:\windows\system32\SET273.tmp
2012-10-12 16:23:25 406016 -c----w- d:\windows\system32\dllcache\usp10.dll
2012-10-12 16:23:25 406016 ----a-w- d:\windows\system32\SET26B.tmp
2012-10-12 16:22:59 3558912 -c----w- d:\windows\system32\dllcache\moviemk.exe
2012-10-12 16:21:47 744448 -c----w- d:\windows\system32\dllcache\helpsvc.exe
2012-10-12 16:21:22 65536 -c----w- d:\windows\system32\dllcache\asycfilt.dll
2012-10-12 16:20:36 692736 -c----w- d:\windows\system32\dllcache\inetcomm.dll
2012-10-12 16:20:18 293376 ------w- d:\windows\system32\browserchoice.exe
2012-10-12 16:19:52 226880 -c----w- d:\windows\system32\dllcache\tcpip6.sys
2012-10-12 16:19:52 100864 -c----w- d:\windows\system32\dllcache\6to4svc.dll
2012-10-12 16:19:35 87040 -c----w- d:\windows\system32\dllcache\cabview.dll
2012-10-12 16:18:59 345600 -c----w- d:\windows\system32\dllcache\mspaint.exe
2012-10-12 16:18:36 8704 -c----w- d:\windows\system32\dllcache\tsbyuv.dll
2012-10-12 16:18:36 85504 -c----w- d:\windows\system32\dllcache\avifil32.dll
2012-10-12 16:18:36 48128 -c----w- d:\windows\system32\dllcache\iyuv_32.dll
2012-10-12 16:18:36 11264 -c----w- d:\windows\system32\dllcache\msrle32.dll
2012-10-12 16:18:14 17920 -c----w- d:\windows\system32\dllcache\msyuv.dll
2012-10-12 16:18:13 1296384 -c----w- d:\windows\system32\dllcache\quartz.dll
2012-10-12 16:17:56 474624 -c----w- d:\windows\system32\dllcache\shlwapi.dll
2012-10-12 16:17:56 474624 ----a-w- d:\windows\system32\SET207.tmp
2012-10-12 16:17:37 81920 -c----w- d:\windows\system32\dllcache\fontsub.dll
2012-10-12 16:17:37 119808 -c----w- d:\windows\system32\dllcache\t2embed.dll
2012-10-12 16:16:44 270848 -c----w- d:\windows\system32\dllcache\oakley.dll
2012-10-12 16:16:44 270848 ----a-w- d:\windows\system32\SET1E5.tmp
2012-10-12 16:16:27 79872 -c----w- d:\windows\system32\dllcache\raschap.dll
2012-10-12 16:16:27 79872 ----a-w- d:\windows\system32\SET1DF.tmp
2012-10-12 16:16:27 150016 -c----w- d:\windows\system32\dllcache\rastls.dll
2012-10-12 16:16:27 150016 ----a-w- d:\windows\system32\SET1DE.tmp
2012-10-12 16:14:59 58880 -c----w- d:\windows\system32\dllcache\msasn1.dll
2012-10-12 16:14:59 58880 ----a-w- d:\windows\system32\SET1B6.tmp
2012-10-12 16:14:16 153088 -c----w- d:\windows\system32\dllcache\triedit.dll
2012-10-12 16:14:02 132096 -c----w- d:\windows\system32\dllcache\wkssvc.dll
2012-10-12 16:13:47 205312 -c----w- d:\windows\system32\dllcache\mswebdvd.dll
2012-10-12 16:13:31 79872 -c----w- d:\windows\system32\dllcache\telnet.exe
2012-10-12 16:13:13 58880 -c----w- d:\windows\system32\dllcache\atl.dll
2012-10-12 16:13:13 58880 ----a-w- d:\windows\system32\SET19C.tmp
2012-10-12 16:10:40 331776 -c----w- d:\windows\system32\dllcache\msadce.dll
2012-10-12 16:10:09 272640 -c----w- d:\windows\system32\dllcache\bthport.sys
2012-10-12 16:09:50 203136 -c----w- d:\windows\system32\dllcache\rmcast.sys
2012-10-12 16:09:39 -------- d-----w- d:\windows\system32\PreInstall
2012-10-12 16:09:31 -------- d--h--w- d:\windows\$hf_mig$
2012-10-12 15:56:50 24088 ----a-w- d:\windows\system32\wucltui.dll.mui
2012-10-12 15:56:50 -------- d-----w- d:\windows\system32\SoftwareDistribution
2012-10-12 15:56:49 18456 ----a-w- d:\windows\system32\wuaueng.dll.mui
2012-10-12 15:56:48 15896 ----a-w- d:\windows\system32\wuaucpl.cpl.mui
2012-10-12 15:56:47 15896 ----a-w- d:\windows\system32\wuapi.dll.mui
2012-10-12 15:55:45 22400 ----a-w- d:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 15:48:04 -------- d-----w- d:\documents and settings\all users\application data\IObit
2012-10-12 15:47:48 -------- d-----w- d:\documents and settings\eigenaar\application data\IObit
2012-10-12 15:47:31 -------- d-----w- d:\program files\IObit
2012-10-10 19:21:14 729752 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2012-10-10 19:20:21 41224 ----a-w- d:\windows\avastSS.scr
2012-10-10 19:19:55 -------- d-----w- d:\program files\AVAST Software
2012-10-10 19:19:55 -------- d-----w- d:\documents and settings\all users\application data\AVAST Software
2012-10-10 19:05:59 7168 ------w- d:\windows\system32\bitsprx4.dll
2012-10-10 19:03:55 8192 -c----w- d:\windows\system32\dllcache\asferror.dll
2012-10-10 19:02:21 -------- d-----w- d:\windows\network diagnostic
2012-10-10 19:02:20 144384 ------w- d:\windows\system32\drivers\hdaudbus.sys
2012-10-10 19:02:19 10240 ------w- d:\windows\system32\drivers\sffp_mmc.sys
2012-10-10 18:40:05 -------- d-----w- d:\windows\system32\wbem\AutoRecover
2012-10-10 18:31:03 -------- d-----w- d:\windows\ServicePackFiles
2012-10-10 18:27:51 26144 ----a-w- d:\windows\system32\spupdsvc.exe
2012-10-10 18:25:51 -------- d-----w- d:\windows\EHome
2012-10-10 17:47:12 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Identities
2012-10-10 17:34:24 -------- d-----w- d:\documents and settings\eigenaar\local settings\application data\Google
2012-10-08 10:22:49 -------- d-sh--w- D:\$RECYCLE.BIN
2012-10-07 15:51:53 159744 ----a-r- d:\windows\system32\drivers\Fasttx2k.sys
2012-10-07 15:51:53 118784 ----a-r- d:\windows\system32\ptipbmf.dll
2012-10-07 14:17:07 -------- d-sh--w- d:\documents and settings\eigenaar\UserData
2012-10-07 13:57:16 -------- d--h--w- d:\documents and settings\all users\application data\CanonIJSolutionMenu
2012-10-07 13:57:13 -------- d--h--w- d:\documents and settings\all users\application data\CanonIJMyPrinter
2012-10-07 13:56:58 -------- d-----w- d:\documents and settings\all users\application data\CanonIJPLM
2012-10-07 13:55:39 303104 ----a-w- d:\windows\system32\CNC550L.dll
2012-10-07 13:55:39 110592 ----a-w- d:\windows\system32\CNC550I.dll
2012-10-07 13:55:38 15872 ----a-w- d:\windows\system32\CNHMCA.dll
2012-10-07 13:55:38 15104 ----a-w- d:\windows\system32\drivers\usbscan.sys
2012-10-07 13:55:38 1310720 ----a-w- d:\windows\system32\CNC550C.dll
2012-10-07 13:55:38 106496 ----a-w- d:\windows\system32\CNC550U.dll
2012-10-07 13:55:01 -------- d-----w- d:\program files\common files\CANON
2012-10-07 13:52:36 70656 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\CNMPP9Z. DLL
2012-10-07 13:52:36 27648 ----a-w- d:\windows\system32\spool\prtprocs\w32x86\CNMPD9Z. DLL
2012-10-07 13:52:35 272384 ----a-w- d:\windows\system32\CNMLM9Z.DLL
2012-10-07 13:52:28 90112 ----a-w- d:\windows\system32\CNC550O.dll
2012-10-07 13:52:25 178176 ----a-w- d:\windows\system32\CNMIU9Z.DLL
2012-10-07 13:51:38 -------- d-----w- d:\program files\Canon
2012-10-07 13:18:42 25856 ----a-w- d:\windows\system32\drivers\usbprint.sys
2012-10-07 13:18:32 32128 ----a-w- d:\windows\system32\drivers\usbccgp.sys
.
==================== Find3M ====================
.
2012-10-07 11:36:45 44 ----a-w- d:\windows\system32\msssc.dll
2012-08-30 20:33:49 670208 ----a-w- d:\windows\system32\SET424.tmp
2012-08-30 20:33:49 628736 ----a-w- d:\windows\system32\SET425.tmp
2012-08-30 20:33:49 37888 ----a-w- d:\windows\system32\SET426.tmp
2012-08-30 20:33:49 1510400 ----a-w- d:\windows\system32\SET428.tmp
2012-08-30 20:33:48 3109888 ----a-w- d:\windows\system32\SET42B.tmp
2012-08-30 20:33:47 1025024 ----a-w- d:\windows\system32\SET42D.tmp
2012-08-28 15:17:28 916992 ----a-w- d:\windows\system32\wininet.dll
2012-08-28 15:17:20 43520 ------w- d:\windows\system32\licmgr10.dll
2012-08-28 15:17:19 1469440 ------w- d:\windows\system32\inetcpl.cpl
2012-08-28 12:07:32 385024 ------w- d:\windows\system32\html.iec
2012-08-24 13:53:52 177664 ----a-w- d:\windows\system32\wintrust.dll
2012-08-24 13:53:52 177664 ------w- d:\windows\system32\SET448.tmp
2012-08-23 06:27:36 2197248 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-08-23 06:27:36 2073984 ----a-w- d:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 15:24:40,54 ===============

[EvelineGirl]

Hoi,

Dat moet al een berg schelen denk ik maar we zijn er nog niet helemaal.

1.
Download ComboFix van één van deze locaties:
Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.
1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.
* (hier of hier staat een handleiding over hoe je deze kan uitschakelen
2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.
* Noot !!! Als er een error wordt getoond met de melding "Er is geprobeert een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering" of "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.
5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt of c:/combofix/combofix.txt) in je volgende bericht.

[lex11]

ComboFix 12-10-26.03 - Eigenaar 26/10/2012 17:39:24.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.511.128 [GMT 2:00]
Gestart vanuit: D:\Documents and Settings\Eigenaar\Mijn documenten\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}




(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))




D:\Documents and Settings\Eigenaar\WINDOWS
D:\WINDOWS\system32\_000006_.tmp.dll
D:\WINDOWS\system32\_000007_.tmp.dll
D:\WINDOWS\system32\_000008_.tmp.dll
D:\WINDOWS\system32\_000009_.tmp.dll
D:\WINDOWS\system32\_000010_.tmp.dll
D:\WINDOWS\system32\_000011_.tmp.dll
D:\WINDOWS\system32\_000015_.tmp.dll
D:\WINDOWS\system32\_000019_.tmp.dll
D:\WINDOWS\system32\_000020_.tmp.dll
D:\WINDOWS\system32\_000021_.tmp.dll
D:\WINDOWS\system32\_000022_.tmp.dll
D:\WINDOWS\system32\dllcache\wmpvis.dll
D:\WINDOWS\system32\drivers\etc\hosts.ics
D:\WINDOWS\system32\msssc.dll
D:\WINDOWS\system32\SET166.tmp
D:\WINDOWS\system32\SET19C.tmp
D:\WINDOWS\system32\SET1B6.tmp
D:\WINDOWS\system32\SET1C4.tmp
D:\WINDOWS\system32\SET1C5.tmp
D:\WINDOWS\system32\SET1C7.tmp
D:\WINDOWS\system32\SET1DE.tmp
D:\WINDOWS\system32\SET1DF.tmp
D:\WINDOWS\system32\SET1E5.tmp
D:\WINDOWS\system32\SET207.tmp
D:\WINDOWS\system32\SET246.tmp
D:\WINDOWS\system32\SET26B.tmp
D:\WINDOWS\system32\SET273.tmp
D:\WINDOWS\system32\SET2A5.tmp
D:\WINDOWS\system32\SET2B8.tmp
D:\WINDOWS\system32\SET2D9.tmp
D:\WINDOWS\system32\SET2FB.tmp
D:\WINDOWS\system32\SET314.tmp
D:\WINDOWS\system32\SET339.tmp
D:\WINDOWS\system32\SET341.tmp
D:\WINDOWS\system32\SET342.tmp
D:\WINDOWS\system32\SET343.tmp
D:\WINDOWS\system32\SET397.tmp
D:\WINDOWS\system32\SET398.tmp
D:\WINDOWS\system32\SET399.tmp
D:\WINDOWS\system32\SET3A1.tmp
D:\WINDOWS\system32\SET3CD.tmp
D:\WINDOWS\system32\SET3D5.tmp
D:\WINDOWS\system32\SET3DC.tmp
D:\WINDOWS\system32\SET401.tmp
D:\WINDOWS\system32\SET405.tmp
D:\WINDOWS\system32\SET409.tmp
D:\WINDOWS\system32\SET424.tmp
D:\WINDOWS\system32\SET425.tmp
D:\WINDOWS\system32\SET426.tmp
D:\WINDOWS\system32\SET428.tmp
D:\WINDOWS\system32\SET42B.tmp
D:\WINDOWS\system32\SET42D.tmp
D:\WINDOWS\system32\SET448.tmp
D:\WINDOWS\system32\SET45B.tmp
D:\WINDOWS\system32\SET463.tmp
D:\WINDOWS\system32\SET464.tmp


Besmet exemplaar van D:\WINDOWS\system32\userinit.exe werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - D:\WINDOWS\ServicePackFiles\i386\userinit.exe




(((((((((((((((((((( Bestanden Gemaakt van 2012-09-26 to 2012-10-26 ))))))))))))))))))))))))))))))




2012-10-14 18:21:34 . 2012-10-14 18:21:34 -------- d-----r- D:\MSOCache
.




((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))


2012-08-28 15:17:28 . 2003-04-08 12:00:00 916992 ----a-w- D:\WINDOWS\system32\wininet.dll
2012-08-28 15:17:20 . 2003-04-08 12:00:00 43520 ------w- D:\WINDOWS\system32\licmgr10.dll
2012-08-28 15:17:19 . 2003-04-08 12:00:00 1469440 ------w- D:\WINDOWS\system32\inetcpl.cpl
2012-08-24 13:53:52 . 2003-04-08 12:00:00 177664 ----a-w- D:\WINDOWS\system32\wintrust.dll
2012-08-23 06:27:36 . 2003-04-08 12:00:00 2197248 ----a-w- D:\WINDOWS\system32\ntoskrnl.exe
2012-08-23 06:27:36 . 2002-09-09 13:17:46 2073984 ----a-w- D:\WINDOWS\system32\ntkrnlpa.exe




((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )




*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4


[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\00 avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12:09 121528 ----a-w- D:\Program Files\AVAST Software\Avast\ashShell.dll


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Wisdom-soft ScreenHunter 6.0 Free"="0" [X]
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2012-10-10 19:23:00 39408]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 07:06:56 118784]
"avast"="D:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-08-21 09:12:26 4282728]
"Adobe ARM"="d:\program files\common files\adobe\arm\1.0\adobearm.exe" [2012-07-27 20:51:26 919008]
"CanonSolutionMenu"="d:\program files\canon\solutionmenu\cnslmain.exe" [2009-03-18 00:40:00 767312]
"CanonMyPrinter"="d:\program files\canon\myprinter\bjmyprt.exe" [2009-07-27 02:10:00 1983816]
"ATIPTA"="d:\program files\ati technologies\ati control panel\atiptaxx.exe" [2003-06-25 13:30:00 335872]


[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 20:32:54 15360]


[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=


[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management


R0 viasraid;viasraid;D:\WINDOWS\system32\drivers\vias raid.sys [7/10/2012 13:36:31 77312]
R1 aswSnx;aswSnx;D:\WINDOWS\system32\drivers\aswSnx.s ys [10/10/2012 21:21:14 729752]
R1 aswSP;aswSP;D:\WINDOWS\system32\drivers\aswSP.sys [10/10/2012 21:21:17 355632]
R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\drivers\aswF sBlk.sys [10/10/2012 21:21:18 21256]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe --> D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [?]
S2 gupdate;Google Update-service (gupdate);D:\Program Files\Google\Update\GoogleUpdate.exe [10/10/2012 21:21:22 136176]
S3 gupdatem;Google Update-service (gupdatem);D:\Program Files\Google\Update\GoogleUpdate.exe [10/10/2012 21:21:22 136176]


--- Andere Services/Drivers In Geheugen ---


*NewlyCreated* - WS2IFSL


Inhoud van de 'Gedeelde Taken' map


2012-10-26 D:\WINDOWS\Tasks\avast! Emergency Update.job
- D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-10 19:20:14 . 2012-08-21 09:12:25]


2012-10-26 D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- D:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-10 19:21:22 . 2012-10-10 19:21:21]


2012-10-26 D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- D:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-10 19:21:22 . 2012-10-10 19:21:21]


2012-10-25 D:\WINDOWS\Tasks\User_Feed_Synchronization-{522EE3EE-FD45-42E1-AA2C-ADA2825DEFF1}.job
- D:\WINDOWS\system32\msfeedssync.exe [2009-03-08 02:31:54 . 2009-03-08 02:31:54]




------- Bijkomende Scan -------


uStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1




************************************************** ************************


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-26 17:48:30
Windows 5.1.2600 Service Pack 3 NTFS


scannen van verborgen processen ...


scannen van verborgen autostart items ...


scannen van verborgen bestanden ...


Scan succesvol afgerond
verborgen bestanden: 0


************************************************** ************************


--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Curr entVersion\Installer\UserData\LocalSystem\Componen ts\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140110900063D11C8EF10054038389C"="D?\\WINDOWS\\S ystem32\\FM20ENU.DLL"


--------------------- DLLs Geladen Onder Lopende Processen ---------------------


- - - - - - - > 'explorer.exe'(2728)
D:\WINDOWS\system32\webcheck.dll

[EvelineGirl]

Hoi,

Gestart vanuit: D:\Documents and Settings\Eigenaar\Mijn documenten\Downloads

Volgens de instrusties die ik je gaf stond duidelijk dat je ComboFix op het bureaublad moest zetten.
Verplaats ComboFix naar het bureaublad (je hoeft hem niet opnieuw uit te voeren).

Hoe gaat het nu?