seane

Beste, Alles verliep vlot voor enkele dagen, maar nu zit ik terug met hetzelfde probleem... Enig idee hoe dit zou kunnen komen?

Voor zover geen problemen meer gehad, bedankt voor alle hulp!

ComboFix 13-04-04.01 - Sean 05/04/2013 17:40:41.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3966.2477 [GMT 2:00] Gestart vanuit: c:\users\Sean\Desktop\ComboFix.exe AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Sean\AppData\Roaming\msregsvv.dll c:\windows\msvcr71.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2013-03-05 to 2013-04-05 )))))))))))))))))))))))))))))) . . 2013-04-05 11:42 . 2013-04-05 11:42 -------- d-----w- c:\users\Sean\AppData\Roaming\SUPERAntiSpyware.com 2013-04-05 11:42 . 2013-04-05 11:42 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-04-05 11:42 . 2013-04-05 11:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2013-04-05 11:26 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA321725-55B6-41FC-BC56-4548554C0CAB}\mpengine.dll 2013-03-29 21:23 . 2013-03-29 21:56 -------- d-----w- c:\program files (x86)\BioShock Infinite 2013-03-21 14:53 . 2013-03-21 14:54 -------- d-----w- c:\users\Sean\AppData\Roaming\Canon 2013-03-21 14:36 . 2013-03-21 14:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-21 14:30 . 2013-03-21 14:30 -------- d-----w- c:\users\Sean\AppData\Local\Scansoft 2013-03-21 14:24 . 2013-03-21 14:24 -------- d-----w- c:\program files (x86)\MSXML 4.0 2013-03-21 14:24 . 2013-03-21 14:24 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2 2013-03-21 14:24 . 2013-03-21 14:24 310688 ----a-w- c:\windows\system32\javaws.exe 2013-03-21 14:24 . 2013-03-21 14:24 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-03-21 14:24 . 2013-03-21 14:24 188832 ----a-w- c:\windows\system32\javaw.exe 2013-03-21 14:24 . 2013-03-21 14:24 188320 ----a-w- c:\windows\system32\java.exe 2013-03-21 14:24 . 2013-03-21 14:24 -------- d-----w- c:\program files\Java 2013-03-21 14:16 . 2013-03-21 14:16 -------- d-----w- c:\programdata\InstallShield 2013-03-21 14:15 . 2013-03-21 14:15 -------- d-----w- c:\users\Sean\AppData\Roaming\ScanSoft 2013-03-21 14:15 . 2013-03-21 14:15 -------- d-----w- c:\programdata\ScanSoft 2013-03-21 14:15 . 2013-03-21 14:15 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared 2013-03-21 14:15 . 2013-03-21 14:15 -------- d-----w- c:\program files (x86)\ScanSoft 2013-03-21 14:14 . 2013-03-21 14:14 -------- d-----w- c:\program files (x86)\ArcSoft 2013-03-21 14:14 . 1995-07-31 12:44 212480 ----a-w- c:\windows\PCDLIB32.DLL 2013-03-21 14:13 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2013-03-21 14:13 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll 2013-03-21 14:13 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2013-03-21 14:13 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2013-03-21 14:12 . 2006-09-12 20:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP83.DLL 2013-03-21 14:12 . 2006-09-12 20:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD83.DLL 2013-03-21 14:12 . 2013-03-21 14:12 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2013-03-21 14:12 . 2006-09-12 20:00 234496 ----a-w- c:\windows\system32\CNMLM83.DLL 2013-03-21 14:12 . 2006-06-29 05:30 17408 ----a-w- c:\windows\system32\cnco160.dll 2013-03-21 14:12 . 2006-07-20 07:14 1336320 ----a-w- c:\windows\system32\CNCC160.DLL 2013-03-21 14:12 . 2006-07-20 07:14 49664 ----a-w- c:\windows\system32\CNCI160.DLL 2013-03-21 14:12 . 2006-05-26 07:23 90624 ----a-w- c:\windows\system32\CNCL160.DLL 2013-03-21 14:11 . 2013-03-21 14:11 -------- d--h--w- c:\program files\CanonBJ 2013-03-21 14:10 . 2013-03-21 14:17 -------- d-----w- c:\program files (x86)\Canon 2013-03-20 20:01 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-14 21:07 . 2013-03-14 21:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2013-03-14 16:32 . 2013-03-14 16:32 -------- d-----w- c:\users\Sean\AppData\Local\Gaijin Games 2013-03-14 13:20 . 2013-03-14 13:20 -------- d-----w- c:\users\Sean\AppData\Local\Focus Home Interactive 2013-03-13 08:20 . 2013-03-13 08:20 -------- d-----w- c:\program files\Common Files\Propellerhead Software 2013-03-13 08:15 . 2013-03-13 08:15 -------- d-----w- c:\program files (x86)\Ableton 2013-03-13 06:01 . 2013-03-13 06:01 -------- d-----w- c:\programdata\VS Revo Group 2013-03-13 06:01 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys 2013-03-13 06:01 . 2013-03-13 06:01 -------- d-----w- c:\program files\VS Revo Group 2013-03-11 16:07 . 2013-03-13 06:56 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-11 16:07 . 2013-03-13 06:56 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-03-09 15:32 . 2013-03-09 15:32 -------- d-----w- c:\users\Sean\AppData\Roaming\IObit 2013-03-09 15:32 . 2013-03-09 15:32 -------- d-----w- c:\programdata\IObit . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-21 14:35 . 2012-06-24 10:23 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-21 14:35 . 2012-06-24 10:23 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-03-21 14:24 . 2012-06-24 10:26 963488 ----a-w- c:\windows\system32\deployJava1.dll 2013-03-21 14:24 . 2012-06-24 10:26 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-03-15 05:53 . 2013-03-04 12:29 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2013-03-15 05:53 . 2013-03-04 12:29 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-03-15 05:53 . 2012-10-10 19:23 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2013-03-15 05:53 . 2012-10-10 19:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-03-15 05:53 . 2012-06-24 10:56 2864144 ----a-w- c:\windows\system32\nvapi64.dll 2013-03-15 04:16 . 2012-06-24 10:57 3477280 ----a-w- c:\windows\system32\nvsvc64.dll 2013-03-15 04:16 . 2012-06-24 10:57 6398240 ----a-w- c:\windows\system32\nvcpl.dll 2013-03-15 04:16 . 2012-06-24 10:57 877856 ----a-w- c:\windows\system32\nvvsvc.exe 2013-03-15 04:16 . 2012-06-24 10:57 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-03-15 04:16 . 2012-06-24 10:57 2555680 ----a-w- c:\windows\system32\nvsvcr.dll 2013-03-15 04:16 . 2012-06-24 10:57 237856 ----a-w- c:\windows\system32\nvmctray.dll 2013-03-13 21:05 . 2012-06-24 20:13 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 21:05 . 2012-06-24 20:13 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-13 06:53 . 2012-06-24 07:51 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-11 23:10 . 2012-06-26 10:21 282744 ------w- c:\windows\system32\MpSigStub.exe 2013-02-12 05:45 . 2013-03-13 06:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 06:49 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 06:49 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 06:49 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 06:49 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 06:49 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-10 03:25 . 2013-03-04 12:29 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll 2013-02-10 03:25 . 2013-03-04 12:29 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll 2013-01-13 21:17 . 2013-02-27 13:07 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17 . 2013-02-27 13:07 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16 . 2013-02-27 13:07 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12 . 2013-02-27 13:07 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11 . 2013-02-27 13:07 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 13:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 13:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 13:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11 . 2013-02-27 13:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 13:07 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 13:07 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 13:07 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32 . 2013-02-27 13:07 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 13:07 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll 2013-01-13 20:22 . 2013-02-27 13:07 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2013-01-13 20:20 . 2013-02-27 13:07 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-01-13 20:09 . 2013-02-27 13:07 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08 . 2013-02-27 13:07 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-01-13 20:08 . 2013-02-27 13:07 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll 2013-01-13 19:59 . 2013-02-27 13:07 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-01-13 19:58 . 2013-02-27 13:07 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-01-13 19:54 . 2013-02-27 13:07 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-01-13 19:53 . 2013-02-27 13:07 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53 . 2013-02-27 13:07 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2013-01-13 19:51 . 2013-02-27 13:07 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-01-13 19:49 . 2013-02-27 13:07 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-01-13 19:48 . 2013-02-27 13:07 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-01-13 19:46 . 2013-02-27 13:07 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll 2013-01-13 19:43 . 2013-02-27 13:07 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38 . 2013-02-27 13:07 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-01-13 19:38 . 2013-02-27 13:07 1887232 ----a-w- c:\windows\system32\d3d11.dll 2013-01-13 19:38 . 2013-02-27 13:07 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-01-13 19:37 . 2013-02-27 13:07 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-01-13 19:25 . 2013-02-27 13:07 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-01-13 19:24 . 2013-02-27 13:07 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-01-13 19:24 . 2013-02-27 13:07 221184 ----a-w- c:\windows\system32\UIAnimation.dll 2013-01-13 19:20 . 2013-02-27 13:07 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-01-13 19:20 . 2013-02-27 13:07 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-01-13 19:15 . 2013-02-27 13:07 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2013-01-13 19:10 . 2013-02-27 13:07 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-01-13 19:02 . 2013-02-27 13:07 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-01-13 18:34 . 2013-02-27 13:07 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32 . 2013-02-27 13:07 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-01-13 18:09 . 2013-02-27 13:07 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-01-13 17:26 . 2013-02-27 13:07 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-01-13 17:05 . 2013-02-27 13:07 1682432 ----a-w- c:\windows\system32\XpsPrint.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\Sean\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-25 138096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-06-27 1326176] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-24 1255736] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-12-21 57904] S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-12-21 213416] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-12-21 150616] S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-12-21 59440] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-10-24 66560] S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-06-27 681056] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632] S3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys [2011-02-14 44624] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2013-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 21:05] . 2013-04-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2480181544-2466481676-1886634631-1001Core.job - c:\users\Sean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-25 12:10] . 2013-04-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2480181544-2466481676-1886634631-1001UA.job - c:\users\Sean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-25 12:10] . 2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 15:16] . 2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 15:16] . 2013-04-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0f7f3d2b-8e5a-4df8-84ea-d1164af93c91.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . 2013-04-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task cd3b302d-7741-4e36-bba5-dc63708dc8d3.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-12-21 6326448] "TNOD UP"="c:\program files\ESET\TNod User & Password Finder\TNODUP.exe" [2012-07-05 1028800] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 FF - ProfilePath - c:\users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\a53q4fng.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ . - - - - ORPHANS VERWIJDERD - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Voltooingstijd: 2013-04-05 17:52:27 - machine werd herstart ComboFix-quarantined-files.txt 2013-04-05 15:52 . Pre-Run: 319.774.261.248 bytes beschikbaar Post-Run: 319.609.364.480 bytes beschikbaar . - - End Of File - - 6D1B09A849F5CDC4E4B56F61A32E5AEC

SUPERAntiSpyware Scan Log SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! Generated 04/05/2013 at 02:23 PM Application Version : 5.6.1014 Core Rules Database Version : 10223 Trace Rules Database Version: 8035 Scan type : Complete Scan Total Scan Time : 00:37:24 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 585 Memory threats detected : 0 Registry items scanned : 78320 Registry threats detected : 0 File items scanned : 72493 File threats detected : 11 Adware.Tracking Cookie ia.media-imdb.com [ C:\USERS\SEAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BHCKFKAU ] .doubleclick.net [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] .xiti.com [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] www.warez-bb.org [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] .warez-bb.org [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] .warez-bb.org [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] .warez-bb.org [ C:\USERS\SEAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A53Q4FNG.DEFAULT\COOKIES.SQLITE ] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:41:33, on 5/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16521) Boot mode: Normal Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Sean\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sean\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2480181544-2466481676-1886634631-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2480181544-2466481676-1886634631-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9964 bytes

Beste, Sinds enkele dagen blijft mijn pc om de zoveel minuten hangen. Is het mogelijk om het HJT en Mbam logje te bekijken? Alvast bedankt! Mvg, Sean Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:44:08, on 4/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16521) Boot mode: Normal Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Users\Sean\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sean\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2480181544-2466481676-1886634631-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2480181544-2466481676-1886634631-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10003 bytes Malwarebytes Anti-Malware (PRO) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.04.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16521 Sean :: SEANPC [administrator] Bescherming: Uitgeschakeld 4/04/2013 20:45:21 mbam-log-2013-04-04 (20-45-21).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 234757 Verstreken tijd: 4 minuut/minuten, 46 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

Ja ik ken dit, heb het al eens laten draaien, maar toen geen foutmeldingen of dergelijke tegen gekomen. Mijn pc is wel nog in garantie, dus zou ik de harde schijf gratis moeten kunnen laten vervangen..

Ligt dit dan aan de kwaliteit van de harde schijf of heb ik er te weinig zorg voor gedragen? Mijn computer is nog maar een jaar oud..

Ik zou dus best een nieuwe interne harde schijf laten steken?

ok, heb dit dus gedaan. duurde wel een hele tijd. een back-up kan ik zelfs niet maken, heb er te weinig plaats voor. zal best eens een externe harde schijf kopen. na die schijfcontrole is het nog een paar keer gebeurd dat hij bleef hangen..

Af en toe, wanneer mijn pc blijft vasthangen en ik die moet heropstarten verschijnt er 'disk read error.' Als ik dan op ctrl-alt-delete druk blijft dit maar verschijnen. Pas als ik mijn pc volledig afsluit en dan terug heropstart kan ik op computer normaal opstarten drukken en werkt die terug. Mijn drivers hou ik altijd up to date met het programma driver genius. Mijn windows updates installeer ik ook altijd.

Het is weer zover...

Ok, alvast bedankt voor alle hulp!

Nu is het terug al een tijdje geleden. Maar de vorige keer werkte alles ook terug normaal, tot die plots, zonder enige reden terug moeilijk begon te doen..

Heb je het bestand kunnen bekijken?

CBS.rarCBS.rar

het bestand is iets groter dan 6 mb, ik kan het zelfs niet als bijlage toevoegen?...

Wanneer ik het CBS tekstdocument probeer te openen krijg ik het bericht: toegang geweigerd. Net zoals de vorige keer..

http://speccy.piriform.com/results/mWE7V1T0zGlYFCzLdcVYLR6 Ik heb een cd met mijn versie van windows 7 gevonden.

Nee, die heb ik niet.

Is er iemand die mij kan helpen?

Ik denk op het laatste dat er een melding tevoorschijn kwam dat niet alles kon worden hersteld..

Wanneer ik het tekstdocument in kladblok wil openen, krijg ik het bericht: toegang geweigerd...

Ik krijg een melding dat het programma niet meer reageert, dan moet ik klikken op 'proces beëindigen.' Meestal wanneer dit gebeurt kan ik niet meer op de normale manier heropstarten. Het keuzemenu verschijnt niet bij iedere opstart, alleen wanneer mijn pc blijft hangen en niet op de normale manier heb kunnen afsluiten. Als ik kies voor 'normaal opstarten' dan lijkt het alsof er niets aan de hand is. Het vasthangen kan op elk moment gebeuren. Soms heb ik er een volledige dag geen last van... http://speccy.piriform.com/results/iY1sgiujszFrsI2aK7PfJk0

Heb het zopas terug meegemaakt. Computer blijft hangen, kan niet meer normaal heropstarten. Wanneer ik alles volledig afsluit en terug opstart dan krijg ik het scherm te zien waar ik kan kiezen tussen normaal opstarten of velige modus.

Niets meer van combofix te bespeuren..