Virus win32:Rootkit-gen


The result of the DDS log:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.67.2

Run by Hannes at 15:39:10 on 2014-11-26

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3038.1677 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\RtkAudioService.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\CTsvcCDA.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files\Sony\Network Utility\NSUService.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\ComboFix\PEV.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\notepad.exe

C:\Windows\Explorer.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Hannes\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Hannes\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Hannes\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com

mURLSearchHooks: {37483b40-c254-4a72-bda4-22ee90182c1e} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Help bij koppelingen: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

StartupFolder: c:\users\hannes\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\hannes\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\hannes\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: SoftwareSASGeneration = dword:1

IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{0D455155-ADB2-4336-B3C2-74ABCCA2BBEC} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{6F58BDF9-FBF6-43DD-9C16-C7E475C3C1B3} : DHCPNameServer = 134.58.126.3 134.58.127.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

Notify: VESWinlogon - VESWinlogon.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko19.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko5.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko6.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko7.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko8.dll

FF - component: c:\users\hannes\appdata\roaming\mozilla\firefox\profiles\ty7cbw5x.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko9.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Avast Online Security: wrc@avast.com - c:\program files\alwil software\avast5\webrep\FF

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-11-24 49944]

R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-11-24 206248]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2011-3-22 787800]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2008-10-30 423784]

R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-8-6 24184]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-10-30 70384]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-30 50344]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-11-25 1871160]

R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-11-25 968504]

R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2008-10-30 299008]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-7-9 104992]

R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-7-9 411488]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-11-25 23256]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 114904]

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-11-25 51928]

R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-7-9 9344]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MSRSService;MSRS Recording System;"c:\program files\nch software\msrs\msrs.exe" -service --> c:\program files\nch software\msrs\msrs.exe [?]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-23 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-10-30 30192]

S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-10-30 103712]

S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-10-30 353568]

S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-10-30 62752]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-10-30 337184]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-10-30 83232]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

ShellExec: VCExporterLaunch.exe: open="c:\program files\sony\vaio vp utilities\VCELaunch.exe" "%1"

.

=============== Created Last 30 ================

.

2014-11-26 14:23:13 -------- d-----w- c:\users\hannes\appdata\local\temp

2014-11-26 14:14:14 -------- d-sh--w- C:\$RECYCLE.BIN

2014-11-26 13:45:56 -------- d-----w- C:\ComboFix

2014-11-26 11:14:52 98816 ----a-w- c:\windows\sed.exe

2014-11-26 11:14:52 256000 ----a-w- c:\windows\PEV.exe

2014-11-26 11:14:52 208896 ----a-w- c:\windows\MBR.exe

2014-11-25 20:36:11 -------- d-----w- C:\AdwCleaner

2014-11-25 19:52:00 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-11-25 19:50:52 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-11-25 19:50:52 51928 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-11-25 19:50:52 23256 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-11-25 19:50:52 -------- d-----w- c:\programdata\Malwarebytes

2014-11-25 19:50:52 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2014-11-25 10:23:30 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c82a702-b823-4064-8e64-5cb49cf7d4f4}\mpengine.dll

2014-11-22 22:12:00 43152 ----a-w- c:\windows\avastSS.scr

.

==================== Find3M ====================

.

2014-11-22 22:12:53 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-11-22 22:12:02 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-11-22 22:12:01 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-11-22 22:12:01 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-11-22 22:12:01 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-11-12 13:00:42 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-11-12 13:00:42 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-11-04 13:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe

2014-09-02 18:14:36 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2011-06-02 14:35:45 38147376 ----a-w- c:\program files\QuickTimeInstaller.exe

.

============= FINISH: 15:40:12,53 ===============


S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MSRSService;MSRS Recording System;"c:\program files\nch software\msrs\msrs.exe" -service --> c:\program files\nch software\msrs\msrs.exe [?]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-23 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-10-30 30192]

S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-10-30 103712]

S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-10-30 353568]

S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-10-30 62752]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-10-30 337184]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-10-30 83232]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

ShellExec: VCExporterLaunch.exe: open="c:\program files\sony\vaio vp utilities\VCELaunch.exe" "%1"

.

=============== Created Last 30 ================

.

2014-11-26 14:23:13 -------- d-----w- c:\users\hannes\appdata\local\temp

2014-11-26 14:14:14 -------- d-sh--w- C:\$RECYCLE.BIN

2014-11-26 13:45:56 -------- d-----w- C:\ComboFix

2014-11-26 11:14:52 98816 ----a-w- c:\windows\sed.exe

2014-11-26 11:14:52 256000 ----a-w- c:\windows\PEV.exe

2014-11-26 11:14:52 208896 ----a-w- c:\windows\MBR.exe

2014-11-25 20:36:11 -------- d-----w- C:\AdwCleaner

2014-11-25 19:52:00 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-11-25 19:50:52 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-11-25 19:50:52 51928 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-11-25 19:50:52 23256 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-11-25 19:50:52 -------- d-----w- c:\programdata\Malwarebytes

2014-11-25 19:50:52 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2014-11-25 10:23:30 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c82a702-b823-4064-8e64-5cb49cf7d4f4}\mpengine.dll

2014-11-22 22:12:00 43152 ----a-w- c:\windows\avastSS.scr

.

==================== Find3M ====================

.

2014-11-22 22:12:53 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-11-22 22:12:02 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-11-22 22:12:01 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-11-22 22:12:01 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-11-22 22:12:01 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-11-12 13:00:42 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-11-12 13:00:42 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-11-04 13:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe

2014-09-02 18:14:36 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2011-06-02 14:35:45 38147376 ----a-w- c:\program files\QuickTimeInstaller.exe

.

============= FINISH: 15:40:12,53 ===============

- - - Updated - - -

Hello,

Sorry, I posted the DDS result a second time. My apologies for the inconvenience.


Go to Start > Run and copy and paste the following command into the field:

ComboFix /Uninstall

Make sure there is a space between Combofix and /

Then press Enter.


This will remove Combofix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and reset your System Restore.


Download or update CCleaner

Start CCleaner.

  • Run CCleaner and click Options in the left column
  • Select the Advanced tab
  • Uncheck "Only delete files in Windows Temp folder older than 24 hours"
  • Select the Settings tab
  • Uncheck "Automatically clean the computer...."
  • Click Cleaner in the left column.
  • Then click Analyze and Run Cleaner in turn.
  • Next, click Registry in the left column
  • Click Scan for Issues.
  • When asked whether you want to make a backup of the registry, click "Yes".
  • If errors are found, click the middle button, Fix All Selected Issues, and then OK

.

Reset your Firefox according to these instructions.

.

Post a fresh DDS log.


That is correct. This means they have put a new version online, and as a result the slim version is offline for a while.

Download CCleaner. (If you don't have it yet)

Don't forget to uncheck the two checkboxes.


Dear Sir or Madam,

First of all, I would like to thank you for your help. In the meantime I have run CCleaner. After that I took the next step: resetting Firefox. However, this does not work. I can find the Troubleshooting Information page, but the Reset Firefox button is not on the page. I have made a few screenshots of it, but I don't really know how to add them in this file.

I think the version of Firefox is very outdated. I downloaded it a few years ago because I was looking for a new browser. In the end I chose Google Chrome, so I have not used my Firefox in years. When I open Firefox, I get the message that I am not connected to the internet, while I can check this message and my e-mail without problems in Google Chrome.

- - - Updated - - -

Below you will find the screenshots.

Kind regards

post-51004-1417706059,8749_thumb.jpg

post-51004-1417706059,8318_thumb.jpg


Hello,

Firefox has been removed. You can find the DDS result in the log below.

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.67.2

Run by Hannes at 14:53:42 on 2014-11-27

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3038.1610 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\RtkAudioService.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\CTsvcCDA.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files\Sony\Network Utility\NSUService.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\Explorer.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\conime.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com

mURLSearchHooks: {37483b40-c254-4a72-bda4-22ee90182c1e} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Help bij koppelingen: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"

uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

StartupFolder: c:\users\hannes\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\hannes\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\hannes\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: SoftwareSASGeneration = dword:1

IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{0D455155-ADB2-4336-B3C2-74ABCCA2BBEC} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{6F58BDF9-FBF6-43DD-9C16-C7E475C3C1B3} : DHCPNameServer = 134.58.126.3 134.58.127.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

Notify: VESWinlogon - VESWinlogon.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-11-24 49944]

R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-11-24 206248]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2011-3-22 787800]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2008-10-30 423784]

R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-8-6 24184]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-10-30 70384]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-30 50344]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-11-25 1871160]

R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-11-25 968504]

R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2008-10-30 299008]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-7-9 104992]

R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-7-9 411488]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-11-25 23256]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 114904]

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-11-25 51928]

R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-7-9 9344]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-23 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-10-30 30192]

S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-10-30 103712]

S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-10-30 353568]

S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-10-30 62752]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-10-30 337184]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-10-30 83232]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

SUnknown MSRSService;MSRSService; [x]

.

=============== File Associations ===============

.

ShellExec: VCExporterLaunch.exe: open="c:\program files\sony\vaio vp utilities\VCELaunch.exe" "%1"

.

=============== Created Last 30 ================

.

2014-11-27 12:31:43 -------- d-sh--w- C:\$RECYCLE.BIN

2014-11-27 12:26:33 -------- d-----w- c:\program files\CCleaner

2014-11-26 14:23:13 -------- d-----w- c:\users\hannes\appdata\local\temp

2014-11-25 20:36:11 -------- d-----w- C:\AdwCleaner

2014-11-25 19:52:00 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-11-25 19:50:52 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-11-25 19:50:52 51928 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-11-25 19:50:52 23256 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-11-25 19:50:52 -------- d-----w- c:\programdata\Malwarebytes

2014-11-25 19:50:52 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2014-11-25 10:23:30 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c82a702-b823-4064-8e64-5cb49cf7d4f4}\mpengine.dll

2014-11-22 22:12:00 43152 ----a-w- c:\windows\avastSS.scr

.

==================== Find3M ====================

.

2014-11-26 17:01:10 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-11-26 17:01:10 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-11-22 22:12:53 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-11-22 22:12:02 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-11-22 22:12:01 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-11-22 22:12:01 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-11-22 22:12:01 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-11-04 13:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe

2014-09-02 18:14:36 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2011-06-02 14:35:45 38147376 ----a-w- c:\program files\QuickTimeInstaller.exe

.

============= FINISH: 14:54:56,04 ===============
