
HiJackThis gets no internet connection



When I click Analyze This, it reports no internet connection. Maybe an MSE and firewall problem, or a bad download of HiJackThis. I click the exe and it immediately asks to scan.

I have a defective file that cannot be removed. When I remove it, it sometimes reappears (maybe the uninstaller). The laptop goes blue and even shuts down.

AVS Update manager 1.0 is the tormentor, I think.

AntiMalwareBytes reports no errors.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:37:03, on 1/01/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Everaard\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 4914 bytes

Edited by carambole
Happy New Year

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the 'tool' to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Disabling MSE: I can only uncheck real-time. Here is the log:

ComboFix 13-01-01.02 - Everaard 01/01/2013 20:51:36.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2046.1169 [GMT 1:00]

Gestart vanuit: c:\users\Everaard\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\roboot.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-01 to 2013-01-01 ))))))))))))))))))))))))))))))

.

.

2013-01-01 19:56 . 2013-01-01 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-01 19:47 . 2013-01-01 19:47 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3084C48-BEB0-4B41-801E-6C9013AA38F7}\MpKsl51f108a5.sys

2013-01-01 10:01 . 2012-11-08 09:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3084C48-BEB0-4B41-801E-6C9013AA38F7}\mpengine.dll

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-----w- c:\programdata\TuneUp Software

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2012-12-31 19:31 . 2012-12-31 19:31 -------- d--h--w- c:\programdata\Common Files

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-----w- c:\program files\Youtube Downloader HD

2012-12-30 21:39 . 2012-12-31 19:23 -------- d-----w- c:\program files\Common Files\AVSMedia

2012-12-30 21:38 . 2012-12-30 21:44 -------- d-----w- c:\programdata\AVS4YOU

2012-12-30 21:38 . 2012-03-23 18:59 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-12-30 21:38 . 2012-03-23 18:59 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-12-30 21:09 . 2012-12-30 21:09 -------- d-----w- c:\programdata\Malwarebytes

2012-12-30 21:09 . 2012-12-30 21:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-30 21:09 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-30 21:02 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-30 21:02 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys

2012-12-30 21:02 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll

2012-12-30 21:02 . 2012-08-24 16:57 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-12-30 21:02 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll

2012-12-30 21:02 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll

2012-12-30 21:00 . 2012-12-30 21:00 -------- d-----w- c:\program files\Microsoft Silverlight

2012-12-30 21:00 . 2012-11-08 09:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-30 16:10 . 2012-12-31 23:54 -------- d-----w- C:\output media

2012-12-29 21:32 . 2007-09-04 16:56 164352 ----a-w- c:\windows\system32\unrar.dll

2012-12-29 21:32 . 2008-07-04 06:34 860160 ----a-w- c:\windows\system32\lameACM.acm

2012-12-29 21:32 . 2007-09-21 00:52 118784 ----a-w- c:\windows\system32\ac3acm.acm

2012-12-29 21:32 . 2008-01-10 12:16 159839 ----a-w- c:\windows\system32\xvidvfw.dll

2012-12-29 21:32 . 2008-01-10 12:15 755027 ----a-w- c:\windows\system32\xvidcore.dll

2012-12-29 21:32 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2012-12-29 21:32 . 2008-05-30 23:22 683520 ----a-w- c:\windows\system32\divx.dll

2012-12-29 21:32 . 2008-05-22 22:22 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2012-12-29 21:32 . 2008-05-22 22:19 81920 ----a-w- c:\windows\system32\dpl100.dll

2012-12-29 21:32 . 2008-06-12 18:36 7680 ----a-w- c:\windows\system32\ff_vfw.dll

2012-12-29 21:32 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-12-29 21:20 . 2012-06-27 19:26 773968 ----a-w- c:\windows\system32\msvcr100.dll

2012-12-29 18:35 . 2012-12-29 18:39 -------- d-----w- c:\program files\Google

2012-12-29 18:19 . 2012-12-29 18:21 -------- d-----w- c:\programdata\PC Suite

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\Common Files\PCSuite

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\Common Files\Nokia

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\DIFX

2012-12-29 18:18 . 2012-06-11 10:33 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2012-12-29 18:18 . 2012-12-29 18:18 -------- dc----w- c:\windows\system32\DRVSTORE

2012-12-29 18:17 . 2012-12-29 18:17 -------- d-----w- c:\program files\PC Connectivity Solution

2012-12-29 18:17 . 2012-01-09 16:28 75264 ----a-w- c:\windows\system32\nmwcdcls.dll

2012-12-29 18:17 . 2012-12-29 18:18 -------- d-----w- c:\program files\Nokia

2012-12-29 18:17 . 2012-12-29 18:17 -------- d-----w- c:\programdata\Installations

2012-12-29 18:10 . 2012-12-29 18:10 -------- d-----w- c:\program files\MSECache

2012-12-29 17:54 . 2012-12-29 17:54 -------- d-----w- c:\windows\nview

2012-12-29 16:40 . 2012-12-29 16:41 -------- d-----w- c:\programdata\WinZip

2012-12-29 16:30 . 2012-12-29 16:30 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-29 16:30 . 2012-12-29 16:30 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-29 16:30 . 2012-12-29 16:30 -------- d-----w- c:\windows\system32\Macromed

2012-12-28 22:15 . 2012-12-28 22:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-12-28 20:54 . 2012-12-28 20:54 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\windows\PCHEALTH

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft Sync Framework

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-12-28 20:52 . 2012-12-28 20:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2012-12-28 20:50 . 2012-12-28 20:50 -------- d-----w- c:\program files\Microsoft Analysis Services

2012-12-28 20:49 . 2012-12-28 22:39 -------- d-----w- c:\programdata\Microsoft Help

2012-12-28 20:49 . 2012-12-28 20:49 -------- d-----r- C:\MSOCache

2012-12-28 20:29 . 2012-12-28 20:29 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{002ECB47-4C19-4B03-B380-AD4B0AAFF3C7}\gapaengine.dll

2012-12-28 20:27 . 2012-12-28 20:27 -------- d-----w- c:\program files\Microsoft Security Client

2012-12-28 20:25 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft.NET

2012-12-28 20:24 . 2012-12-31 23:15 -------- d-sh--w- c:\windows\Installer

2012-12-28 20:20 . 2012-12-28 20:20 -------- d-----w- c:\windows\system32\Wat

2012-12-28 20:20 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll

2012-12-28 20:20 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll

2012-12-28 20:15 . 2012-12-28 20:15 -------- d-----w- c:\windows\system32\wbem\en-US

2012-12-28 20:13 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-28 20:13 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-28 20:13 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll

2012-12-28 19:55 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-28 19:55 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-28 19:55 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-28 19:54 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-28 19:54 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-28 19:54 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-28 19:54 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-28 19:54 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-28 19:54 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-28 19:54 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-28 19:53 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-12-28 19:53 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-12-28 19:53 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll

2012-12-28 19:51 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe

2012-12-28 19:46 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-12-28 19:45 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-12-28 19:45 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll

2012-12-28 19:45 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll

2012-12-28 19:45 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll

2012-12-28 19:45 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-12-28 19:45 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll

2012-12-28 19:45 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2012-12-28 19:44 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48052540-7467-4B48-8B19-10ED4E9967F8}\mpengine.dll

2012-12-28 19:44 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-12-28 19:44 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-12-28 19:43 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2012-12-28 19:43 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll

2012-12-28 19:38 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe

2012-12-28 19:38 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2012-12-28 19:37 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-28 19:37 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-12-28 19:37 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-12-28 19:37 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-12-28 19:33 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-12-28 19:33 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-12-28 19:33 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-12-28 19:33 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-12-28 19:33 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-12-28 19:33 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-12-28 19:33 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-12-28 19:18 . 2012-12-28 19:32 -------- d-----w- c:\windows\Panther

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-16 07:39 . 2012-12-28 19:47 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-21 13594624]

"nwiz"="nwiz.exe" [2008-11-21 1657376]

"NVHotkey"="nvHotkey.dll" [2008-11-21 90112]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-21 86016]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 MpKsl51f108a5;MpKsl51f108a5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3084C48-BEB0-4B41-801E-6C9013AA38F7}\MpKsl51f108a5.sys [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]

S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]

S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]

S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSL51F108A5

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup REG_MULTI_SZ GPSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-29 18:35]

.

2013-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-29 18:35]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 195.130.130.4 195.130.130.132 195.130.130.4

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-01 20:58:34

ComboFix-quarantined-files.txt 2013-01-01 19:58

.

Pre-Run: 35.866.763.264 bytes beschikbaar

Post-Run: 35.914.149.888 bytes beschikbaar

.

- - End Of File - - DAF52032BC264E620C530DB2ED4E635B


If AVS is the "tormentor", then we'll simply remove it ;-)

Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\program files\Common Files\AVSMedia

c:\programdata\AVS4YOU

Save this file to your desktop as CFScript.

Drag CFScript.txt onto the red ComboFix.exe shortcut.

This will restart ComboFix. Reboot if you are asked to.

If you want to see this illustrated in detail, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 13-01-02.01 - Everaard 02/01/2013 10:15:40.3.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2046.1051 [GMT 1:00]

Gestart vanuit: c:\users\Everaard\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-02 to 2013-01-02 ))))))))))))))))))))))))))))))

.

.

2013-01-02 09:19 . 2013-01-02 09:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-02 09:05 . 2012-11-08 09:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{493E1A56-1316-4B70-957D-2AAED330C032}\mpengine.dll

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-----w- c:\programdata\TuneUp Software

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2012-12-31 19:31 . 2012-12-31 19:31 -------- d--h--w- c:\programdata\Common Files

2012-12-31 19:31 . 2012-12-31 19:31 -------- d-----w- c:\program files\Youtube Downloader HD

2012-12-30 21:38 . 2012-03-23 18:59 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-12-30 21:38 . 2012-03-23 18:59 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-12-30 21:09 . 2012-12-30 21:09 -------- d-----w- c:\programdata\Malwarebytes

2012-12-30 21:09 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-30 21:02 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-30 21:02 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys

2012-12-30 21:02 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll

2012-12-30 21:02 . 2012-08-24 16:57 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-12-30 21:02 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll

2012-12-30 21:02 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll

2012-12-30 21:00 . 2012-12-30 21:00 -------- d-----w- c:\program files\Microsoft Silverlight

2012-12-30 21:00 . 2012-11-08 09:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-30 16:10 . 2012-12-31 23:54 -------- d-----w- C:\output media

2012-12-29 21:32 . 2007-09-04 16:56 164352 ----a-w- c:\windows\system32\unrar.dll

2012-12-29 21:32 . 2008-07-04 06:34 860160 ----a-w- c:\windows\system32\lameACM.acm

2012-12-29 21:32 . 2007-09-21 00:52 118784 ----a-w- c:\windows\system32\ac3acm.acm

2012-12-29 21:32 . 2008-01-10 12:16 159839 ----a-w- c:\windows\system32\xvidvfw.dll

2012-12-29 21:32 . 2008-01-10 12:15 755027 ----a-w- c:\windows\system32\xvidcore.dll

2012-12-29 21:32 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2012-12-29 21:32 . 2008-05-30 23:22 683520 ----a-w- c:\windows\system32\divx.dll

2012-12-29 21:32 . 2008-05-22 22:22 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2012-12-29 21:32 . 2008-05-22 22:19 81920 ----a-w- c:\windows\system32\dpl100.dll

2012-12-29 21:32 . 2008-06-12 18:36 7680 ----a-w- c:\windows\system32\ff_vfw.dll

2012-12-29 21:32 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-12-29 21:20 . 2012-06-27 19:26 773968 ----a-w- c:\windows\system32\msvcr100.dll

2012-12-29 18:35 . 2012-12-29 18:39 -------- d-----w- c:\program files\Google

2012-12-29 18:19 . 2012-12-29 18:21 -------- d-----w- c:\programdata\PC Suite

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\Common Files\PCSuite

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\Common Files\Nokia

2012-12-29 18:18 . 2012-12-29 18:18 -------- d-----w- c:\program files\DIFX

2012-12-29 18:18 . 2012-06-11 10:33 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2012-12-29 18:18 . 2012-12-29 18:18 -------- dc----w- c:\windows\system32\DRVSTORE

2012-12-29 18:17 . 2012-12-29 18:17 -------- d-----w- c:\program files\PC Connectivity Solution

2012-12-29 18:17 . 2012-01-09 16:28 75264 ----a-w- c:\windows\system32\nmwcdcls.dll

2012-12-29 18:17 . 2012-12-29 18:18 -------- d-----w- c:\program files\Nokia

2012-12-29 18:17 . 2012-12-29 18:17 -------- d-----w- c:\programdata\Installations

2012-12-29 18:10 . 2012-12-29 18:10 -------- d-----w- c:\program files\MSECache

2012-12-29 17:54 . 2012-12-29 17:54 -------- d-----w- c:\windows\nview

2012-12-29 16:40 . 2012-12-29 16:41 -------- d-----w- c:\programdata\WinZip

2012-12-29 16:30 . 2012-12-29 16:30 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-29 16:30 . 2012-12-29 16:30 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-29 16:30 . 2012-12-29 16:30 -------- d-----w- c:\windows\system32\Macromed

2012-12-28 22:15 . 2012-12-28 22:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-12-28 20:54 . 2012-12-28 20:54 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\windows\PCHEALTH

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft Sync Framework

2012-12-28 20:53 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-12-28 20:52 . 2012-12-28 20:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2012-12-28 20:50 . 2012-12-28 20:50 -------- d-----w- c:\program files\Microsoft Analysis Services

2012-12-28 20:49 . 2012-12-28 22:39 -------- d-----w- c:\programdata\Microsoft Help

2012-12-28 20:49 . 2012-12-28 20:49 -------- d-----r- C:\MSOCache

2012-12-28 20:29 . 2012-12-28 20:29 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{002ECB47-4C19-4B03-B380-AD4B0AAFF3C7}\gapaengine.dll

2012-12-28 20:27 . 2012-12-28 20:27 -------- d-----w- c:\program files\Microsoft Security Client

2012-12-28 20:25 . 2012-12-28 20:53 -------- d-----w- c:\program files\Microsoft.NET

2012-12-28 20:24 . 2012-12-31 23:15 -------- d-sh--w- c:\windows\Installer

2012-12-28 20:20 . 2012-12-28 20:20 -------- d-----w- c:\windows\system32\Wat

2012-12-28 20:20 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll

2012-12-28 20:20 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll

2012-12-28 20:15 . 2012-12-28 20:15 -------- d-----w- c:\windows\system32\wbem\en-US

2012-12-28 20:13 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-28 20:13 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-28 20:13 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll

2012-12-28 19:55 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-28 19:55 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-28 19:55 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-28 19:54 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-28 19:54 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-28 19:54 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-28 19:54 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-28 19:54 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-28 19:54 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-28 19:54 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-28 19:53 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-12-28 19:53 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-12-28 19:53 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll

2012-12-28 19:51 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe

2012-12-28 19:46 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-12-28 19:45 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-12-28 19:45 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll

2012-12-28 19:45 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll

2012-12-28 19:45 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll

2012-12-28 19:45 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-12-28 19:45 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll

2012-12-28 19:45 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2012-12-28 19:44 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48052540-7467-4B48-8B19-10ED4E9967F8}\mpengine.dll

2012-12-28 19:44 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-12-28 19:44 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-12-28 19:43 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2012-12-28 19:43 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll

2012-12-28 19:38 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe

2012-12-28 19:38 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2012-12-28 19:37 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-28 19:37 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-12-28 19:37 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-12-28 19:37 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-12-28 19:33 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-12-28 19:33 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-12-28 19:33 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-12-28 19:33 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-12-28 19:33 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-12-28 19:33 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-12-28 19:33 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-12-28 19:18 . 2012-12-28 19:32 -------- d-----w- c:\windows\Panther

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-16 07:39 . 2012-12-28 19:47 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-21 13594624]

"nwiz"="nwiz.exe" [2008-11-21 1657376]

"NVHotkey"="nvHotkey.dll" [2008-11-21 90112]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-21 86016]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]

S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]

S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]

S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup REG_MULTI_SZ GPSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-29 18:35]

.

2013-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-29 18:35]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 195.130.130.4 195.130.130.132 195.130.130.4

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-02 10:20:35

ComboFix-quarantined-files.txt 2013-01-02 09:20

ComboFix2.txt 2013-01-02 09:03

ComboFix3.txt 2013-01-01 19:58

.

Pre-Run: 35.866.927.104 bytes beschikbaar

Post-Run: 35.824.713.728 bytes beschikbaar

.

- - End Of File - - 6869F290BE34135AFF34F98D5661367C

This topic is now closed to new replies.