Spillie001

hey wtf? toen ik dat het doorgestuurd had dan begon mijn pc heel raar te doen, als ik op google wou dan stond er: kan internet .. enz met een url balkje van waar internet staat, niet openen. en hij vroeg dan om het te verwijderen?? en dit was bij alles wat ik deed. ik heb hem gerestart en nu is alles weer oke. (anders zou ik nu dit hier niet maken) maar ik heb nu geen internet icoontje en wermgr opent zich zelf weer heel de tijd... het is van windows zelf dusj ik durf het niet verwijderen... :s maar het opent vanzelf en dan gaat het soms weer weg.. ofzo ik kan het niet goed uitleggen. als je het nodig vind kan ik een filmpje ervan maken. dan zie je het ook. als het makkelijker is om het optelossen dan moet je het zeggen. alvast bedankt

hallo ik heb het logje, maar ik denkt dat ik CFScript er niet heb ingedaan. ik zal nu de eerste log geven. ondertussen start de andere op met CFScript ComboFix 12-06-09.02 - Gebruiker 10/06/2012 10:28:03.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4010.2247 [GMT 2:00] Gestart vanuit: d:\pc help\ComboFix.exe AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\cflog\CrashLog_20120528.txt c:\cflog\CrashLog_20120604.txt c:\users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\{030B45A6-CBA5-4775-A5F4-926BF2D54BC4}.xps . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-10 to 2012-06-10 )))))))))))))))))))))))))))))) . . 2012-06-10 08:36 . 2012-06-10 08:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-10 08:36 . 2012-06-10 08:36 -------- d-----w- c:\users\Roll-Trans\AppData\Local\temp 2012-06-10 08:36 . 2012-06-10 08:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-09 15:05 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1896FCF9-DF5D-41C4-8020-3A7D305A4990}\mpengine.dll 2012-06-09 15:05 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-04 12:44 . 2012-06-04 12:44 -------- d-----w- c:\windows\SysWow64\siscardplugins 2012-06-02 08:19 . 2012-06-02 08:19 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio 2012-05-25 20:31 . 2012-05-25 20:31 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\dvdcss 2012-05-16 13:39 . 2012-05-16 13:39 115200 ----a-w- c:\windows\system32\beidpkcs11.dll 2012-05-16 13:38 . 2012-05-16 13:38 270848 ----a-w- c:\windows\system32\beid35cardlayer.dll 2012-05-16 13:38 . 2012-05-16 13:38 273408 ----a-w- c:\windows\system32\beid35DlgsWin32.dll 2012-05-16 13:38 . 2012-05-16 13:38 147456 ----a-w- c:\windows\system32\beid35common.dll 2012-05-16 13:33 . 2012-05-16 13:33 360448 ----a-w- c:\windows\SysWow64\beid35applayer.dll 2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\SysWow64\Belgium Identity Card PKCS11.dll 2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\SysWow64\beidpkcs11.dll 2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\SysWow64\beid35cardlayer.dll 2012-05-16 13:32 . 2012-05-16 13:32 266240 ----a-w- c:\windows\SysWow64\beid35DlgsWin32.dll 2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\SysWow64\beidlib.dll 2012-05-16 13:31 . 2012-05-16 13:31 126976 ----a-w- c:\windows\SysWow64\beid35common.dll 2012-05-16 13:31 . 2012-05-16 13:31 512000 ----a-w- c:\windows\system32\beid_ff_pkcs11.dll 2012-05-16 13:29 . 2012-05-16 13:29 352256 ----a-w- c:\windows\SysWow64\beid_ff_pkcs11.dll 2012-05-12 11:55 . 2012-05-12 11:55 -------- d-----w- c:\users\Roll-Trans\AppData\Local\AVG Secure Search . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-04 22:21 . 2012-05-04 22:21 0 ----a-w- c:\windows\SysWow64\sho27D2.tmp 2012-04-28 18:15 . 2012-04-28 18:15 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-26 12:48 . 2012-04-26 12:48 71680 ----a-w- c:\windows\system32\frapsv64.dll 2012-04-26 12:48 . 2012-04-26 12:48 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll 2012-04-20 22:49 . 2012-04-20 22:49 0 ----a-w- c:\windows\SysWow64\sho1CCB.tmp 2012-04-17 18:31 . 2011-09-09 19:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-04-04 13:56 . 2012-04-28 21:13 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-30 21:13 . 2012-03-30 21:13 723294 ----a-w- c:\windows\unins000.exe 2012-03-28 20:19 . 2012-03-28 20:19 0 ----a-w- c:\windows\SysWow64\sho82D4.tmp 2012-03-27 19:27 . 2012-03-27 19:27 0 ----a-w- c:\windows\SysWow64\sho80DF.tmp 2012-03-20 18:44 . 2011-04-27 13:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 11:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-16 19:07 . 2012-03-16 19:07 0 ----a-w- c:\windows\SysWow64\sho2FCD.tmp . . ((((((((((((((((((((((((((((( SnapShot@2012-05-15_16.14.10 ))))))))))))))))))))))))))))))))))))))))) . - 2011-12-07 15:51 . 2011-12-07 15:51 11776 c:\windows\SysWOW64\siscardplugins\siscardplugin1_BE_EID_35__ACS ACR38U__.dll + 2012-05-16 13:33 . 2012-05-16 13:33 11776 c:\windows\SysWOW64\siscardplugins\siscardplugin1_BE_EID_35__ACS ACR38U__.dll - 2012-05-14 20:45 . 2012-05-14 20:45 13366 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2012-06-09 20:23 . 2012-06-09 20:23 13366 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2009-07-14 04:54 . 2012-05-15 15:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-06-10 08:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-06-10 08:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-05-15 15:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-06-10 08:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-05-15 15:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09 . 2012-06-10 08:15 64998 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-06-10 08:15 42122 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-08-24 15:48 . 2012-06-10 08:15 18832 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-235152614-3330405856-1564481352-1001_UserData.bin - 2009-07-14 05:30 . 2012-04-17 18:46 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2012-06-04 12:44 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-08-24 11:13 . 2012-06-04 11:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-08-24 11:13 . 2012-05-13 05:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-08-24 11:13 . 2012-06-04 11:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-08-24 11:13 . 2012-05-13 05:18 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-06-04 11:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-05-13 05:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-06-04 12:45 94576 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2012-06-02 08:04 . 2012-06-03 07:43 34144 c:\windows\Installer\{90140000-0057-0000-0000-0000000FF1CE}\oisicon.exe + 2012-06-02 08:04 . 2012-06-03 07:43 42848 c:\windows\Installer\{90140000-0057-0000-0000-0000000FF1CE}\msouc.exe + 2012-06-02 08:04 . 2012-06-03 07:43 19296 c:\windows\Installer\{90140000-0057-0000-0000-0000000FF1CE}\cagicon.exe + 2011-02-04 12:40 . 2011-02-04 12:40 49488 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\VBAJET32.DLL + 2010-10-20 11:45 . 2010-10-20 11:45 29528 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\THOCRAPI.DLL + 2010-12-20 23:29 . 2010-12-20 23:29 82848 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\PEOPLEDATAHANDLER.DLL + 2010-10-20 14:04 . 2010-10-20 14:04 15776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OMUOPTINPS.DLL + 2010-10-20 14:05 . 2010-10-20 14:05 20880 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MUOPTIN.DLL + 2011-03-11 16:47 . 2011-03-11 16:47 15248 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSOCFUIU.DLL + 2011-03-11 16:46 . 2011-03-11 16:46 18832 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSOCFU.DLL + 2010-12-20 23:29 . 2010-12-20 23:29 58232 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\EXP_XPS.DLL + 2010-12-20 23:48 . 2010-12-20 23:48 44992 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACERCLR.DLL + 2010-02-28 02:44 . 2010-02-28 02:44 75672 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\WFAUTH.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 95576 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VIEWMODL.DLL + 2010-02-25 09:07 . 2010-02-25 09:07 49488 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VBAJET32.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 96624 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VAOSOLX.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 78208 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\TLIMPT.EXE + 2010-02-28 03:10 . 2010-02-28 03:10 50584 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SUMINFO.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 60304 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PROPMGR.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 78728 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PROJIMPT.EXE + 2010-03-22 18:36 . 2010-03-22 18:36 82848 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PEOPLEDATAHANDLER.DLL + 2010-03-22 18:36 . 2010-03-22 18:36 45984 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OSETUPPS.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 78224 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ORGWIZ.EXE + 2010-03-22 18:36 . 2010-03-22 18:36 15776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OMUOPTINPS.DLL + 2010-02-28 00:13 . 2010-02-28 00:13 20880 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MUOPTIN.DLL + 2010-03-01 03:17 . 2010-03-01 03:17 14736 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOCFUIU.DLL + 2010-01-10 17:48 . 2010-01-10 17:48 18832 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOCFU.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 15248 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\IMWIZ.DLL + 2010-03-22 18:36 . 2010-03-22 18:36 58232 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EXP_XPS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 38280 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EDITORS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 83912 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DBSHARE.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 41864 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\CODEEDIT.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 44480 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACERCLR.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEODTXT.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEODEXL.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEODDBS.DLL + 2010-03-23 08:54 . 2010-03-23 08:54 37776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEERR.DLL + 2012-06-02 08:03 . 2012-06-02 08:03 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.VisOcx\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.VisOcx.dll + 2012-06-02 08:03 . 2012-06-02 08:03 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Visio\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Visio.dll + 2012-06-02 08:03 . 2012-06-02 08:03 11672 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Visio.SaveAsWeb\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Visio.SaveAsWeb.dll + 2012-06-02 08:03 . 2012-06-02 08:03 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.VisOcx\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.VisOcx.dll + 2012-06-02 08:03 . 2012-06-02 08:03 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Visio\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.dll + 2012-06-02 08:03 . 2012-06-02 08:03 11672 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb.dll + 2012-06-02 08:03 . 2012-06-02 08:03 79736 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.VisOcx\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.VisOcx.dll + 2012-06-02 08:03 . 2012-06-02 08:03 19328 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Visio.SaveAsWeb\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.SaveAsWeb.dll - 2012-04-06 10:41 . 2012-04-08 12:39 9560 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_48.bin + 2012-04-06 10:41 . 2012-06-09 18:12 9560 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_48.bin + 2012-04-06 10:41 . 2012-06-09 18:12 4280 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_32.bin - 2012-04-06 10:41 . 2012-04-08 12:39 4280 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_32.bin - 2012-04-06 10:41 . 2012-04-08 12:39 2456 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_24.bin + 2012-04-06 10:41 . 2012-06-09 18:12 2456 c:\windows\system32\NetworkList\Icons\{21D992DD-C347-43C7-85CD-10799AE7E537}_24.bin - 2012-05-15 15:34 . 2012-05-15 15:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-06-10 08:11 . 2012-06-10 08:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-05-15 15:34 . 2012-05-15 15:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-10 08:11 . 2012-06-10 08:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-08-28 13:49 . 2012-06-10 08:13 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2011-08-28 13:49 . 2012-05-12 19:01 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2011-08-29 04:42 . 2012-06-04 15:53 280014 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2011-08-24 13:37 . 2012-06-09 14:52 500776 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2010-11-21 16:48 . 2012-06-09 17:32 811462 c:\windows\system32\perfh013.dat - 2010-11-21 16:48 . 2012-05-13 11:50 811462 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-06-09 17:32 720268 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-05-13 11:50 720268 c:\windows\system32\perfh009.dat - 2010-11-21 16:48 . 2012-05-13 11:50 178278 c:\windows\system32\perfc013.dat + 2010-11-21 16:48 . 2012-06-09 17:32 178278 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-06-09 17:32 146932 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-05-13 11:50 146932 c:\windows\system32\perfc009.dat + 2009-07-14 04:45 . 2012-06-02 09:52 434016 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 05:30 . 2012-04-17 18:46 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-06-04 12:44 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:01 . 2012-06-09 20:23 400012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-05-14 20:45 400012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-04-28 18:29 . 2011-04-28 18:29 675328 c:\windows\Installer\9a1d4.msp + 2012-06-02 08:04 . 2012-06-03 07:43 571232 c:\windows\Installer\{90140000-0057-0000-0000-0000000FF1CE}\misc.exe + 2010-10-20 11:45 . 2010-10-20 11:45 134024 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\TWCUTCHR.DLL + 2010-12-21 00:02 . 2010-12-21 00:02 521616 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\SELFCERT.EXE + 2010-12-21 00:09 . 2010-12-21 00:09 259960 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OISGRAPH.DLL + 2010-12-21 00:09 . 2010-12-21 00:09 886640 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OISAPP.DLL + 2010-12-21 00:09 . 2010-12-21 00:09 274280 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OIS.EXE + 2011-03-02 06:20 . 2011-03-02 06:20 169864 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OARPMANY.EXE + 2010-10-20 14:05 . 2010-10-20 14:05 702312 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSTORDB.EXE + 2010-12-21 01:29 . 2010-12-21 01:29 218976 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSPROOF6.DLL + 2010-10-20 12:35 . 2010-10-20 12:35 473952 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSOICONS.EXE + 2010-12-21 00:02 . 2010-12-21 00:02 501600 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSODCW.DLL + 2011-03-11 16:47 . 2011-03-11 16:47 152952 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSOCF.DLL + 2011-01-07 09:38 . 2011-01-07 09:38 121208 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MSCONV97.DLL + 2010-10-20 14:05 . 2010-10-20 14:05 698216 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\MEDCAT.DLL + 2010-10-20 14:04 . 2010-10-20 14:04 178560 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\IETAG.DLL + 2011-02-04 12:40 . 2011-02-04 12:40 452936 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\EXPSRV.DLL + 2010-12-27 20:42 . 2010-12-27 20:42 105336 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\EXP_PDF.DLL + 2010-12-20 23:26 . 2010-12-20 23:26 519584 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\DWTRIG20.EXE + 2010-12-21 00:01 . 2010-12-21 00:01 210296 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\CLVIEW.EXE + 2010-12-27 23:50 . 2010-12-27 23:50 397144 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\CDLMSO.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 362904 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEXBE.DLL + 2010-12-27 23:51 . 2010-12-27 23:51 247200 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEWSS.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 220560 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACETXT.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 527776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEREP.DLL + 2010-12-20 23:48 . 2010-12-20 23:48 329624 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACER3X.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 383904 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEOLEDB.DLL + 2010-12-20 23:48 . 2010-12-20 23:48 278448 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEODBC.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 644504 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEEXCL.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 334752 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEEXCH.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 686504 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEES.DLL + 2010-12-27 23:49 . 2010-12-27 23:49 548792 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEDAO.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 454520 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\XFUNC.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 381816 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\WORKFLOW.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 477024 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\WFSPPRX.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 423776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\WFMSPRX.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 697224 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISWEB.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 448872 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISUTILS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 537952 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISSUPP.DLL + 2010-03-13 12:51 . 2010-03-13 12:51 560992 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISGRF.DLL + 2010-03-01 02:55 . 2010-03-01 02:55 139104 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISDLGU.DLL + 2010-03-01 02:59 . 2010-03-01 02:59 223600 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISCOLOR.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 120192 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VERBWIND.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 954240 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\TIMESOLN.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 101256 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\STYLEMGR.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 194984 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SQLSHARE.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 207736 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SOLUTILS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 207200 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SHAPNUM.DLL + 2010-02-28 00:13 . 2010-02-28 00:13 521616 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SELFCERT.EXE + 2010-02-28 03:09 . 2010-02-28 03:09 141192 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SAVWBXAML.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 179592 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SAVWBVML.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 186760 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SAVWBRAS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 115616 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SAVWBHF.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 423784 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SAVASWEB.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 170376 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\REPORT.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 733576 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PROPRPT.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 116576 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PROJMODL.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 549232 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PE.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 344480 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\PDSBASE.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 322456 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ORMELEMS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 458632 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ORGCHWIZ.DLL + 2010-02-28 00:21 . 2010-02-28 00:21 259960 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OISGRAPH.DLL + 2010-02-28 00:21 . 2010-02-28 00:21 886640 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OISAPP.DLL + 2010-02-28 00:21 . 2010-02-28 00:21 274280 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OIS.EXE + 2010-03-10 22:44 . 2010-03-10 22:44 510904 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ODEPLOY.EXE + 2010-01-09 19:23 . 2010-01-09 19:23 169352 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OARPMANY.EXE + 2010-02-28 00:15 . 2010-02-28 00:15 702312 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSTORDB.EXE + 2010-03-29 19:47 . 2010-03-29 19:47 218464 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSPROOF6.DLL + 2010-03-01 02:55 . 2010-03-01 02:55 209272 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOUTLS.DLL + 2010-03-16 00:58 . 2010-03-16 00:58 360824 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOUC.EXE + 2010-03-16 00:58 . 2010-03-16 00:58 718208 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOSYNC.EXE + 2010-03-06 03:29 . 2010-03-06 03:29 501088 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSODCW.DLL + 2010-03-01 03:17 . 2010-03-01 03:17 152952 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSOCF.DLL + 2009-09-04 07:02 . 2009-09-04 07:02 591680 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSLID.DLL + 2010-01-09 19:50 . 2010-01-09 19:50 119160 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSCONV97.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 461672 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MODELENG.DLL + 2010-02-28 00:15 . 2010-02-28 00:15 698216 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MEDCAT.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 352680 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\LOGVIEW.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 712608 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\LOGELEMS.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 362352 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\LGND.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 234368 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\IXUTIL.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 167304 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\IMWDD.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 145792 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\IMUTIL.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 503696 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\IMCOMMON.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 349032 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\HVAC.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 952680 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\GANTT.DLL + 2010-02-04 02:41 . 2010-02-04 02:41 120160 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\FLTLDR.EXE + 2010-02-28 03:09 . 2010-02-28 03:09 231336 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EXTRACT.DLL + 2010-02-25 09:07 . 2010-02-25 09:07 452936 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EXPSRV.DLL + 2010-03-23 09:03 . 2010-03-23 09:03 104824 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EXP_PDF.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 111008 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ELEMUTIL.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 199048 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ELEMENTS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 188264 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\EDITOR.EXE + 2010-02-28 00:09 . 2010-02-28 00:09 519584 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DWTRIG20.EXE + 2010-02-28 01:01 . 2010-02-28 01:01 144736 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DWGCNV.DLL + 2010-03-01 02:59 . 2010-03-01 02:59 926584 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DRILLDWN.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 919912 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DBWIZ.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 660856 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DBENGR.DLL + 2010-02-28 03:10 . 2010-02-28 03:10 354672 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DATAGATH.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 501112 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\CMAX20.DLL + 2010-02-28 00:19 . 2010-02-28 00:19 211320 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\CLVIEW.EXE + 2010-03-01 03:18 . 2010-03-01 03:18 397656 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\CDLMSO.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 584064 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\BSTORM.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 136600 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\BRTVIEW.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 483208 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\AECUTILS.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 905080 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\AEC.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 362904 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEXBE.DLL + 2010-03-01 03:19 . 2010-03-01 03:19 247200 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEWSS.DLL + 2010-03-23 08:54 . 2010-03-23 08:54 220560 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACETXT.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 527776 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEREP.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 329624 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACER3X.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 383904 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEOLEDB.DLL + 2010-03-22 18:51 . 2010-03-22 18:51 278448 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEODBC.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 643992 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEEXCL.DLL + 2010-03-23 08:54 . 2010-03-23 08:54 334752 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEEXCH.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 686504 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEES.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 548792 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEDAO.DLL + 2012-06-02 08:03 . 2012-06-02 08:03 948088 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Visio\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.dll - 2011-08-24 15:42 . 2012-05-12 14:25 7450248 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-235152614-3330405856-1564481352-1002-8192.dat + 2011-08-24 15:42 . 2012-05-22 20:29 7450248 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-235152614-3330405856-1564481352-1002-8192.dat + 2012-06-02 08:01 . 2012-06-02 08:01 9054208 c:\windows\Installer\7d8d6c.msi + 2012-06-02 08:01 . 2012-06-02 08:01 2087424 c:\windows\Installer\7d8b0c.msi + 2012-06-02 08:04 . 2012-06-03 07:43 1162592 c:\windows\Installer\{90140000-0057-0000-0000-0000000FF1CE}\visicon.exe + 2010-10-20 11:45 . 2010-10-20 11:45 1199008 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\WKCONV.EXE + 2010-12-27 23:51 . 2010-12-27 23:51 2832792 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\STSLIST.DLL + 2010-10-28 15:33 . 2010-10-28 15:33 1100152 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\SETUP.EXE + 2010-12-21 00:08 . 2010-12-21 00:08 5790056 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OSETUP.DLL + 2010-10-20 11:39 . 2010-10-20 11:39 3483000 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OIMG.DLL + 2011-03-02 07:43 . 2011-03-02 07:43 7278976 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\OFFOWC.DLL + 2011-02-11 22:13 . 2011-02-11 22:13 1748328 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\GFX.DLL + 2010-10-20 11:44 . 2010-10-20 11:44 1207656 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\FM20.DLL + 2010-10-22 17:55 . 2010-10-22 17:55 3049376 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACEWDAT.DLL + 2011-03-11 16:46 . 2011-03-11 16:46 2194312 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.6029\ACECORE.DLL + 2010-02-17 19:56 . 2010-02-17 19:56 1199008 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\WKCONV.EXE + 2010-03-13 12:51 . 2010-03-13 12:51 1482592 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISIO.EXE + 2010-03-24 18:28 . 2010-03-24 18:28 1162592 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISICON.EXE + 2010-02-25 09:07 . 2010-02-25 09:07 2672456 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VBE7.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 1654640 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\UML.DLL + 2010-03-01 03:07 . 2010-03-01 03:07 2831768 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\STSLIST.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 1579368 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SG.DLL + 2010-03-10 22:44 . 2010-03-10 22:44 1100664 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\SETUP.EXE + 2010-03-10 22:44 . 2010-03-10 22:44 5789544 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OSETUP.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 1191304 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ORGCHART.DLL + 2010-01-09 19:24 . 2010-01-09 19:24 3483000 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OIMG.DLL + 2010-02-28 00:19 . 2010-02-28 00:19 7277440 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OFFOWC.DLL + 2010-03-01 03:08 . 2010-03-01 03:08 1746280 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\GFX.DLL + 2010-02-20 15:20 . 2010-02-20 15:20 1207144 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\FM20.DLL + 2010-02-28 03:09 . 2010-02-28 03:09 1013608 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\FACILITY.DLL + 2010-02-28 01:13 . 2010-02-28 01:13 5864808 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\DWGDP.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 3049376 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACEWDAT.DLL + 2010-03-23 08:55 . 2010-03-23 08:55 2193800 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\ACECORE.DLL + 2011-08-24 16:11 . 2012-06-09 20:23 21307708 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-235152614-3330405856-1564481352-1001-8192.dat + 2011-08-25 20:26 . 2012-06-06 19:44 63683020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-235152614-3330405856-1564481352-1001-4096.dat + 2011-08-26 16:10 . 2012-06-09 15:15 11476116 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-235152614-3330405856-1564481352-1001-12288.dat + 2011-10-16 12:47 . 2011-10-16 12:47 17601536 c:\windows\Installer\9a1cc.msp + 2012-06-04 12:43 . 2012-06-04 12:43 18454528 c:\windows\Installer\86b3c6.msi + 2010-03-13 12:51 . 2010-03-13 12:51 13575528 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISLIB.DLL + 2010-03-01 02:55 . 2010-03-01 02:55 10038656 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\VISBRGR.DLL + 2010-03-13 13:08 . 2010-03-13 13:08 20516712 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\OART.DLL + 2010-03-22 18:36 . 2010-03-22 18:36 72521600 c:\windows\Installer\$PatchCache$\Managed\00004109750000000000000000F01FEC\14.0.4763\MSORES.DLL + 2011-04-28 18:31 . 2011-04-28 18:31 103830528 c:\windows\Installer\9a291.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-04-29 18:10 2067328 ----a-w- c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-04-29 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-04-11 742264] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "MobileBroadband"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2010-12-31 398848] "LogMeIn Hamachi Ui"="d:\documents\Sander\Hacks\hamachi-2-ui.exe" [2012-02-28 1987976] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-29 1116544] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 CECFLPKT;CECFLPKT;c:\program files (x86)\ChiconyCam\CECPLFKT.exe [2010-09-09 84592] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 136176] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-07-15 1188616] R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x] R3 BTMHID;BTMHID;c:\windows\system32\drivers\btmhid.sys [x] R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 136176] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 X6va005;X6va005;c:\users\GEBRUI~1\AppData\Local\Temp\005A44F.tmp [x] R3 X6va006;X6va006;c:\users\GEBRUI~1\AppData\Local\Temp\0069EA1.tmp [x] R3 X6va007;X6va007;c:\users\GEBRUI~1\AppData\Local\Temp\007EE83.tmp [x] R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-07-16 679176] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\documents\Sander\Hacks\hamachi-2.exe [2012-02-28 2343816] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe [2010-11-18 32768] S2 ScrybeUpdater;Scrybe-updateprogramma;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] S2 VmbService;Vodafone Mobile Broadband-service;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-12-31 9216] S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-04-29 932736] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-07-26 4150536] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-02 1028096] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 15:10] . 2012-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 15:10] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: Download all by FlashGet3 - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: Download by FlashGet3 - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: ????3?? - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: ????3?????? - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm TCP: Interfaces\{E7485B09-FD06-4E7F-97AD-D11FB237855F}: NameServer = 81.169.60.107 81.169.60.107 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) Toolbar-!{94709E6D-4459-4223-9730-18F5763CA1E6} - (no file) Wow6432Node-HKLM-Run-beid - c:\program files (x86)\Belgium Identity Card\beid35gui.exe WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\005A44F.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\0069EA1.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\007EE83.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce, 9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:9c,42,ad,5b,33,26,cd,01 . [HKEY_USERS\S-1-5-21-235152614-3330405856-1564481352-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}] @="c:\\Users\\Gebruiker\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm" "contexts"=dword:00000022 . [HKEY_USERS\S-1-5-21-235152614-3330405856-1564481352-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}hQèþ”¥c] @="c:\\Users\\Gebruiker\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm" "contexts"=dword:000000f3 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-06-10 10:41:33 ComboFix-quarantined-files.txt 2012-06-10 08:41 ComboFix2.txt 2012-05-15 16:17 . Pre-Run: 175.207.116.800 bytes beschikbaar Post-Run: 175.412.559.872 bytes beschikbaar . - - End Of File - - 7ABDA45C2E5303F83BD9D3262E75383F

het lukt niet, denk ik-- hij wil de bestands locatie van ComboFix openen, het staat er nergens ... ik heb wel al het CFScript ---------- Post toegevoegd om 17:05 ---------- Vorige post was om 17:01 ---------- oke, ik heb me vergist het is gelukt, maar ik moet combofix al1 nog updaten. w8 secondje

oke , hier voor de zekerheid nog een logje van hijackthis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:08:56, on 19/05/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17098) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\Acer\eRecovery\Monitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Acer.com Worldwide - Select your local country or region R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: CBTB00001 Class - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\toolbar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing) O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Spector Photo Software\Agent.exe" O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Updateservice (gupdate1c9ed0183983d74) (gupdate1c9ed0183983d74) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 9169 bytes het kan zijn dat O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing) nog niet verwijdert is , maar dat heb ik net gedaan. hier heb je malwarebytes anti malware logje: en dit had ik ook al gedaan en alles verwijdert hier nog eens Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.05.19.02 Windows XP Service Pack 3 x86 FAT32 Internet Explorer 7.0.5730.13 Blity :: ACER-3F7889A49C [administrator] 19/05/2012 21:08:32 mbam-log-2012-05-19 (21-08-32).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 265524 Verstreken tijd: 31 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

hallo ik heb ook het probleem dat mijn lapop zo traaaag is ;s ik hab al veel berichten van jullie gelezen dus normaal gezien heb je niet zoveel moeite met mij xd hier heb je Hijackthis een logje : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:11:31, on 19/05/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17098) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\Acer\eRecovery\Monitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Acer.com Worldwide - Select your local country or region R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: CBTB00001 Class - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\toolbar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Skype™ For Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Spector Photo Software\Agent.exe" O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Updateservice (gupdate1c9ed0183983d74) (gupdate1c9ed0183983d74) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- End of file - 9881 bytes en ik ben nu ook bezig met ccleaner te installeren

Ow sorry, je hebt gelijk xd iets over het hoofd gezien. Hier heb je het, sorry nogmaals. ComboFix 12-05-09.01 - Gebruiker 15/05/2012 18:10:49.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4010.2054 [GMT 2:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . - VERMINDERDE FUNCTIONALITEIT MODUS - . . (((((((((((((((((((((((((((((((((( Andeare Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\cflog\CrashLog_20120512.txt C:\prefs.js c:\users\Roll-Trans\AppData\Roaming\chrtmp c:\windows\system32\drivers\etc\hosts.ics . ---- Voorgaande Run ------- . C:\CFLog c:\cflog\CrashLog_20120325.txt c:\cflog\CrashLog_20120409.txt c:\cflog\CrashLog_20120412.txt c:\cflog\CrashLog_20120414.txt c:\cflog\CrashLog_20120415.txt c:\cflog\CrashLog_20120416.txt c:\cflog\CrashLog_20120417.txt c:\cflog\CrashLog_20120422.txt c:\cflog\CrashLog_20120503.txt c:\program files (x86)\Complitly c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe c:\program files (x86)\Complitly\FireFoxUninstaller.exe c:\program files (x86)\Complitly\InstTracker.exe c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files (x86)\Complitly\support@Complitly.com\install.rdf c:\program files (x86)\Complitly\System.Data.SQLite.dll c:\program files (x86)\Complitly\unins000.dat c:\program files (x86)\Complitly\unins000.exe c:\programdata\a6a4bfb325190c9aebf3ab6db4896329_c c:\users\Roll-Trans\AppData\Local\Microsoft\Windows\Temporary Internet Files\tbinst . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))) . . 2012-05-15 16:13 . 2012-05-15 16:13 -------- d-----w- c:\users\Roll-Trans\AppData\Local\temp 2012-05-15 16:13 . 2012-05-15 16:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-12 11:55 . 2012-05-12 11:55 -------- d-----w- c:\users\Roll-Trans\AppData\Local\AVG Secure Search 2012-05-12 10:23 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CEFA59DC-441B-4A89-8DE4-21BE11006F26}\mpengine.dll 2012-05-04 22:21 . 2012-05-04 22:21 0 ----a-w- c:\windows\SysWow64\sho27D2.tmp 2012-05-03 10:36 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-01 09:52 . 2012-05-01 09:52 -------- d-----w- c:\users\Gebruiker\AppData\Local\AVG Secure Search 2012-04-29 09:00 . 2012-04-29 16:13 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE 2012-04-28 21:35 . 2012-04-28 21:40 -------- d-----w- C:\.VentrilicaCache 2012-04-28 21:13 . 2012-04-28 21:13 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes 2012-04-28 21:13 . 2012-04-28 21:13 -------- d-----w- c:\programdata\Malwarebytes 2012-04-28 21:13 . 2012-04-28 21:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-04-28 21:13 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-28 18:15 . 2012-04-28 18:15 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-28 18:15 . 2012-04-28 18:15 -------- d-----w- c:\program files (x86)\Trend Micro 2012-04-28 14:00 . 2012-04-28 18:06 -------- d-----w- c:\program files (x86)\Uniblue 2012-04-23 15:56 . 2012-04-28 20:58 -------- d-----w- c:\program files (x86)\BrowserCompanion 2012-04-23 14:09 . 2012-04-23 16:02 -------- d-----w- c:\users\Roll-Trans\Incomplete 2012-04-23 14:07 . 2012-04-23 16:07 -------- d-----w- c:\users\Roll-Trans\Shared 2012-04-23 14:07 . 2012-04-23 14:19 -------- d-----w- c:\users\Roll-Trans\AppData\Roaming\LimeWire Music 2012-04-23 14:07 . 2012-04-23 14:07 -------- d-----w- c:\programdata\LimeWire Music 2012-04-23 14:07 . 2012-04-23 16:06 -------- d-----w- c:\program files (x86)\LimeWire Music 2012-04-23 14:07 . 2012-04-28 20:58 -------- d-----w- c:\users\Roll-Trans\AppData\Roaming\Complitly 2012-04-20 22:49 . 2012-04-20 22:49 0 ----a-w- c:\windows\SysWow64\sho1CCB.tmp 2012-04-19 16:04 . 2012-04-19 16:04 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\14eda2b71cd1e4601\MeshBetaRemover.exe 2012-04-18 12:05 . 2000-07-21 09:05 12288 ----a-w- c:\windows\SysWow64\Msda734d.rra 2012-04-18 12:04 . 2012-04-18 12:05 -------- d-----w- c:\program files (x86)\CADdy++ - SEE Electrical School 2012-04-18 11:10 . 2012-04-18 11:10 -------- d-----w- c:\program files (x86)\Common Files\Bcgsoft 2012-04-18 11:08 . 2004-07-14 10:54 676864 ----a-w- c:\windows\SysWow64\drivers\hardlock.sys 2012-04-18 11:06 . 2004-03-25 18:00 212992 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll 2012-04-18 10:28 . 2012-04-18 10:28 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f745793e1cd1d4d01\DSETUP.dll 2012-04-18 10:28 . 2012-04-18 10:28 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f745793e1cd1d4d01\DXSETUP.exe 2012-04-18 10:28 . 2012-04-18 10:28 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f745793e1cd1d4d01\dsetup32.dll 2012-04-17 18:42 . 2012-04-28 20:59 -------- d-----w- C:\Firefox 2012-04-17 18:32 . 2012-04-17 18:32 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-04-17 18:31 . 2012-04-17 18:31 -------- d-----w- c:\program files (x86)\Java 2012-04-17 18:22 . 2012-04-17 18:22 -------- d-----w- c:\program files (x86)\SIW 2012-04-16 18:49 . 2012-05-12 06:09 -------- d-----w- c:\users\UpdatusUser 2012-04-16 18:45 . 2012-03-01 00:02 1466176 ----a-w- c:\windows\system32\nvgenco64.dll 2012-04-16 18:45 . 2012-03-01 00:02 1737536 ----a-w- c:\windows\system32\nvdispco64.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-17 18:31 . 2011-09-09 19:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-03-30 21:13 . 2012-03-30 21:13 723294 ----a-w- c:\windows\unins000.exe 2012-03-28 20:19 . 2012-03-28 20:19 0 ----a-w- c:\windows\SysWow64\sho82D4.tmp 2012-03-27 19:27 . 2012-03-27 19:27 0 ----a-w- c:\windows\SysWow64\sho80DF.tmp 2012-03-20 18:44 . 2011-04-27 13:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 11:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-16 19:07 . 2012-03-16 19:07 0 ----a-w- c:\windows\SysWow64\sho2FCD.tmp 2012-02-29 20:59 . 2011-04-07 21:19 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-02-29 20:59 . 2011-04-07 21:19 2515790 ----a-w- c:\windows\system32\nvcoproc.bin 2012-02-17 21:50 . 2012-02-17 21:50 0 ----a-w- c:\windows\SysWow64\shoFDB6.tmp 2012-02-17 06:38 . 2012-03-14 11:21 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 05:34 . 2012-03-14 11:21 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58 . 2012-03-14 11:21 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:57 . 2012-03-14 11:21 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-04-29 18:10 2067328 ----a-w- c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-04-29 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-04-11 742264] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "MobileBroadband"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2010-12-31 398848] "LogMeIn Hamachi Ui"="d:\documents\Sander\Hacks\hamachi-2-ui.exe" [2012-02-28 1987976] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-29 1116544] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 CECFLPKT;CECFLPKT;c:\program files (x86)\ChiconyCam\CECPLFKT.exe [2010-09-09 84592] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 136176] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-07-15 1188616] R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x] R3 BTMHID;BTMHID;c:\windows\system32\drivers\btmhid.sys [x] R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 136176] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 X6va005;X6va005;c:\users\GEBRUI~1\AppData\Local\Temp\005A44F.tmp [x] R3 X6va006;X6va006;c:\users\GEBRUI~1\AppData\Local\Temp\0069EA1.tmp [x] R3 X6va007;X6va007;c:\users\GEBRUI~1\AppData\Local\Temp\007EE83.tmp [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-07-16 679176] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\documents\Sander\Hacks\hamachi-2.exe [2012-02-28 2343816] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352] S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe [2010-11-18 32768] S2 ScrybeUpdater;Scrybe-updateprogramma;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] S2 VmbService;Vodafone Mobile Broadband-service;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-12-31 9216] S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-04-29 932736] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-07-26 4150536] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-02 1028096] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 15:10] . 2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 15:10] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: Download all by FlashGet3 - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: Download by FlashGet3 - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: ????3?? - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: ????3?????? - c:\users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm TCP: Interfaces\{E7485B09-FD06-4E7F-97AD-D11FB237855F}: NameServer = 81.169.62.171 81.169.62.171 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) Toolbar-!{94709E6D-4459-4223-9730-18F5763CA1E6} - (no file) Toolbar-10 - (no file) Toolbar-!{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) Toolbar-!{94709E6D-4459-4223-9730-18F5763CA1E6} - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\005A44F.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\0069EA1.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007] "ImagePath"="\??\c:\users\GEBRUI~1\AppData\Local\Temp\007EE83.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce, 9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:9c,42,ad,5b,33,26,cd,01 . [HKEY_USERS\S-1-5-21-235152614-3330405856-1564481352-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}] @="c:\\Users\\Gebruiker\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm" "contexts"=dword:00000022 . [HKEY_USERS\S-1-5-21-235152614-3330405856-1564481352-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}hQèþ”¥c] @="c:\\Users\\Gebruiker\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm" "contexts"=dword:000000f3 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-05-15 18:17:23 ComboFix-quarantined-files.txt 2012-05-15 16:17 . Pre-Run: 173.888.593.920 bytes beschikbaar Post-Run: 173.838.565.376 bytes beschikbaar . - - End Of File - - 9C595417ED7103B3E22EA738FF54DF46

ik heb gisteren een bericht gestuurd dat ik dan ging melden of het opgelost was maar dat is nog altijd niet het geval -.- ik heb precies gedaan wat jullie zeiden. ik ben zeker de enigste met dit probleem? En nu? groetjes Sander

Sorry dat het zolang duurde, mijn adaptor was kapot en ik heb een nieuwe moeten bestellen -.-. ik heb gedaan wat er stond in het laatste bericht en volgensmij is het opgelost. ik zal dit markeren als opgelost en als het probleem dan nog voorvalt dan zal ik opnieuw melden. Maar alvast bedankt voor jullie steun!! groetjes Sander S.

oke sorry, hier heb je het Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:10:13, on 29/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe D:\Documents\Sander\Hacks\hamachi-2-ui.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - !{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) O3 - Toolbar: (no name) - !{94709E6D-4459-4223-9730-18F5763CA1E6} - (no file) O3 - Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Documents\Sander\Hacks\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-235152614-3330405856-1564481352-1009\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-235152614-3330405856-1564481352-1009\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E7485B09-FD06-4E7F-97AD-D11FB237855F}: NameServer = 81.169.62.171 81.169.62.171 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe O23 - Service: CECFLPKT - Chicony Electronics Co., Ltd. - C:\Program Files (x86)\ChiconyCam\CECPLFKT.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Documents\Sander\Hacks\hamachi-2.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Scrybe-updateprogramma (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14221 bytes

ik heb 2x gecheckt en toen ik de pc restarte dan ging alles perfect, en niets te merken van wermgr. maar nu weer hetzelfde probleem... hier heb je de log. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.28.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: GEBRUIKER-PC [administrator] 29/04/2012 11:53:41 mbam-log-2012-04-29 (11-53-41).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 363527 Verstreken tijd: 46 minuut/minuten, 31 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 12 HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcade (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\DC3_FEXEC (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECFA55C2-981D-4F3C-ACF8-867E8B66B27C} (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\QuestScan|DllPath (Adware.QuestScan) -> Data: C:\Program Files (x86)\QuestScan\questscan.dll -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 42 C:\Program Files (x86)\RewardsArcade (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\ClickPotatoLiteSA (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0 (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\plugins (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Chrome (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498 (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Chrome (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\sooi832.bin (Trojan.SpyEyes) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 128 C:\$Recycle.Bin\S-1-5-21-235152614-3330405856-1564481352-1002\$R8LW93G.exe (PUP.Adbunbler) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-235152614-3330405856-1564481352-1002\$REGE49S.exe (PUP.SmsPay.pns) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-235152614-3330405856-1564481352-1002\$RS7NMAG.exe (PUP.Adbunbler) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\fb.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\appAPIinternalWrapper.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\jquery.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\json.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\RewardsArcade.exe (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\Uninstall.exe (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\RewardsArcade\UserConfirmation.exe (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\ekdjfcdinekpfcedakhpngcnaamhiihn.crx (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\fgnippahjheicjenccifemomfgjofdhp.crx (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs\2012-04-21-7.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs\2012-04-22-1.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs\2012-04-23-2.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs\2012-04-24-3.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\dclogs\2012-04-27-6.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSACB.exe (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\copyright.txt (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\uninstall.ico (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\install.rdf (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\background.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\browser.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\manage-apps-style.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\manage-apps.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\options.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\push.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\search_dialog.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\update.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\b.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\bl.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\br.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\closelabel.gif (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\loading.gif (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tl.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tr.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\locale\en-US\translations.dtd (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\button1.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\button2.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\button3.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\button4.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\button5.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\crossrider_statusbar.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\icon16.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\icon24.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\icon48.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\panelarrow-up.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\popup.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\popup.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\popup_binding.xml (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\skin.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\RewardsArcade\498\Firefox\skin\update.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\uninstall.ico (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Chrome\rewardsarcade.crx (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\install.rdf (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\background.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\browser.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\manage-apps-style.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\manage-apps.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\options.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\push.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\search_dialog.xul (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\update.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\b.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\bl.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\br.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\closelabel.gif (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\loading.gif (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tl.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tr.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\locale\en-US\translations.dtd (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\button1.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\button2.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\button3.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\button4.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\button5.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\crossrider_statusbar.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\icon16.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\icon24.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\icon48.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\panelarrow-up.png (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\popup.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\popup.html (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\popup_binding.xml (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\skin.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\Local Settings\Application Data\RewardsArcade\498\Firefox\skin\update.css (PUP.RewardsArcade) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Oke, alvast bedank om te reageren, hier is het. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:17:38, on 28/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\BrowserCompanion\BCHelper.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file) R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll O2 - BHO: bflix - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files (x86)\BFlix\BFlix.dll O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Roll-Trans\AppData\Roaming\Complitly\Complitly.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Gebruiker\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: TheBflix - {ECFA55C2-981D-4F3C-ACF8-867E8B66B27C} - C:\ProgramData\TheBflix\bhoclass.dll O3 - Toolbar: (no name) - !{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file) O3 - Toolbar: (no name) - !{94709E6D-4459-4223-9730-18F5763CA1E6} - (no file) O3 - Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Documents\Sander\Hacks\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-235152614-3330405856-1564481352-1009\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-235152614-3330405856-1564481352-1009\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Scrybe.lnk = ? O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Gebruiker\AppData\Roaming\FlashGetBHO\GetAllUrl.htm O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Gebruiker\AppData\Roaming\FlashGetBHO\GetUrl.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E7485B09-FD06-4E7F-97AD-D11FB237855F}: NameServer = 81.169.62.171 81.169.62.171 O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe O23 - Service: CECFLPKT - Chicony Electronics Co., Ltd. - C:\Program Files (x86)\ChiconyCam\CECPLFKT.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Documents\Sander\Hacks\hamachi-2.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Scrybe-updateprogramma (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17815 bytes

hallo ik heb een groot probleem: ik zit er al lang mee maar nu heb ik het probleem gevonden. wermgr een programma van windows32 opent of komt om de 1min bij mijn processor (taakbeheer -> processor) wat moet ik doen? want als ik iets doe bv. spelletje spelen, typen, surfen... dan opent hij ofja hoe noem je dat, en het minimalizeert spelletjes bv. crossfire en als ik typ dan stopt het plots. ik heb een Q.Force laptop windows 7 32bit groetjes sander