rsca1973

Het vervelende zandlopertje is in ieder geval al verdwenen. Dus hiervoor al een dikke merci! Misschien is het toch nog nodig om de pc verder op te kuisen? Hier het logje van zoek.exe: Zoek.exe Version 4.0.0.2 Updated 03-June-2013 Tool run by Andy on di 04/06/2013 at 22:04:09,73. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-626991123-2630253986-2610911255-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-626991123-2630253986-2610911255-1002\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\browser manager deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\browser manager deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default ---- Lines 4fa25cced381d@4fa25cced381f.info removed from prefs.js ---- ---- Lines 4fa25cced381d@4fa25cced381f.info modified from prefs.js ---- ---- Lines 4fa25cced381d@4fa25cced381f.info removed from user.js ---- ---- Lines y2layers removed from prefs.js ---- user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,Buzzdock,"); user_pref("extentions.y2layers.installId", "838eea07-e9c6-4b6d-97e3-128d11f1dc7d"); ---- Lines y2layers modified from prefs.js ---- ---- Lines y2layers removed from user.js ---- user_pref("extentions.y2layers.installId", "838eea07-e9c6-4b6d-97e3-128d11f1dc7d"); user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,Buzzdock,"); ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- user_pref("extensions.enabledAddons", "plugin%40yontoo.com:1.20.02,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0"); user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1369565785099,\"rdfTime\":1369565785098}}},{\"name\":\"app-profile\",\"addons\":{\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Andy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\89sbzimw.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1361549246339}}}]"); ---- Lines yontoo removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20130406_2207_.backup prefs_20130406_2207_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "BrowserMngr Start Page"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "BrowserMngrDefaultScope"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\Tasks\Browser Manager deleted successfully ==== Deleting Files \ Folders ====================== "C:\windows\SysNative\Tasks\Browser Manager" not found "C:\ProgramData\.zreglib" deleted "C:\user.js" deleted "C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default\extensions\plugin@yontoo.com.xpi" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\user.js" deleted "C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default\bprotector_extensions.sqlite" deleted "C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default\extensions\plugin@yontoo.com.xpi" deleted "C:\Users\Andy\AppData\Roaming\Ygiwz\ywtyy.tmp" deleted "C:\Users\Andy\AppData\Roaming\Ygiwz\ywtyy.tua" deleted "C:\Users\Andy\AppData\Roaming\Daroes\xuyzy.win" deleted "C:\Users\Andy\AppData\Roaming\Yqeb" deleted "C:\Users\Andy\AppData\Roaming\Ygiwz" deleted "C:\Users\Andy\AppData\Roaming\Daroes" deleted "C:\Users\Andy\AppData\Roaming\Ihzaas" deleted "C:\ProgramData\ADDICT-THING" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\Optimizer Pro" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Users\Andy\AppData\Roaming\Babylon" deleted "C:\ProgramData\Browser Manager" deleted "C:\ProgramData\ADDICT-THING" deleted "C:\ProgramData\Partner" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\Users\Andy\AppData\LocalLow\BabylonToolbar" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ==== Firefox Plugins ====================== Profilepath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default 7ABE33792F2787D599B6963E71B9E8CD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Protector by IB\source.crx[] ehgkcpnkpkkmkjbbmnekccjiodanppin - C:\ProgramData\ADDICT-THING\ehgkcpnkpkkmkjbbmnekccjiodanppin.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Users\Andy\AppData\Local\Temp\YontooLayers.crx[] pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="Babylon Search" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="Babylon Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {E1BBC1D2-14D8-4377-A28D-31AD4BC57F4F} Google Url="{searchTerms} - Google Search" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ehgkcpnkpkkmkjbbmnekccjiodanppin deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z41WELJO will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Andy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z41WELJO" not found ==== EOF on di 04/06/2013 at 22:09:41,29 ======================

Ik heb Windows 7 en waar de pijl van de muis staat, knippert de zandloper constant. Dit werkt serieus op de zenuwen. Ik heb de laatste tijd ook al ondervonden dat de pc precies trager werkt. Dus ik denk aan een virus of malware. Heb hem nochtans al gescand met AVG, CC Cleander en Malwarebytes, maar heb tot hiertoe geen succes. Hieronder al een logje van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:51:10, on 4/06/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk = ? O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\261123~1.78\{16cdf~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\Windows\SysWOW64\bgsvcgen.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11068 bytes

De vaste pc is aangesloten dmv een kabel. De draadloze verbinding werkt omdat deze wordt gebruikt door een tablet. Het rare is dat de kabel wel werkt als ik hem inplug in een laptop. Dus aan de kabel of router kan het niet liggen. Zou het kunnen dat de netwerkkaart stuk is?

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:19:03, on 1-4-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Users\User\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9332 bytes De melding is er nog steeds. Heb toch nog een vraagje. Ik heb ook een ander topic geopend ivm geen verbinding met het internet. Dat is eigenlijk begonnen van het ogenblik dat ik de programma's heb laten lopen. Ook moet ik de "Intel Rapid Storage Technologie" elke keer handmatig openen zodat er een groen vinkje staat. Ik heb dus op deze pc geen internet wanneer ik de kabel inplug. Wanneer ik de kabel inplug in een andere pc (bv. laptop), dan heb ik wel internet. Dus aan de kabel of router kan het niet liggen. Zou het aan de instellingen kunnen liggen of zou het eerder (toevallig) te maken hebben met de netwerkkaart die de geest gegeven heeft?

Zoek.exe Version 4.0.0.2 Updated 18-03-2013 Tool run by User on ma 01-04-2013 at 15:48:25,87. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected ==== FireFox Fix ====================== ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-03-27 16:33:24 CEBB5A5A9638E71791AD3D84729938B2 121 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-03-22 16:42:23 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-03-22 16:42:23 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-03-22 16:42:23 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-03-22 16:42:23 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-03-22 16:42:23 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-03-20 17:51:14 F007C4273BA24B52A56387E899311DB7 212480 ----a-w- C:\Windows\pcdlib32.dll 2013-03-20 17:51:14 1B2C7EFB196140F81412A308E7F507FA 21 ----a-w- C:\Windows\PS_setup.ini 2013-03-20 17:34:12 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\homeDVD-Film4.INI 2013-03-20 17:29:57 99979A5454803900490180216A64CDD2 89 ----a-w- C:\Windows\magix.ini 2013-03-20 17:29:54 B2B6D555C8092A3AB7148032FC58AC27 1078 ----a-w- C:\Windows\mgxoschk.ini ====== C:\Users\User\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-03-20 17:33:33 BA674E08FD014AA1289BF2AEEA4962A6 44544 ----a-w- C:\Windows\SysWOW64\msxml4a.dll 2013-03-20 17:32:25 FBDDDDA5D014E013255B1E2EB40F94B7 1581056 ----a-w- C:\Windows\SysWOW64\mplvw7.dll 2013-03-20 17:32:25 D7D21877A4AF9EFB296AD150D6B6FF66 1552384 ----a-w- C:\Windows\SysWOW64\mplvm6.dll 2013-03-20 17:32:25 D41CD97D3A7B3DAF632C9335710162A0 32768 ----a-w- C:\Windows\SysWOW64\DLLISO32.dll 2013-03-20 17:32:25 D137E90AE3ABAB5469BD0426C94B7A45 94208 ----a-w- C:\Windows\SysWOW64\lmpgvd.ax 2013-03-20 17:32:25 D0711FAB7B9ACC12DF5DBD5518AA8C0A 1650688 ----a-w- C:\Windows\SysWOW64\mplva6.dll 2013-03-20 17:32:25 BE5E9E3646D1EC21B9CD75895FE90B36 65536 ----a-w- C:\Windows\SysWOW64\DLLPTL32.dll 2013-03-20 17:32:25 BA44198C3C8C80D512A05A2E4D671F1A 77824 ----a-w- C:\Windows\SysWOW64\mplaw7.dll 2013-03-20 17:32:25 B542E1BBB193304986A2782E96919D3C 14182 ----a-w- C:\Windows\SysWOW64\DLLAV32.lib 2013-03-20 17:32:25 B4455EF6F773C790ECBAAD93F719C1FE 53248 ----a-w- C:\Windows\SysWOW64\DLLPRJ32.dll 2013-03-20 17:32:25 B2BCA1AAACFD7C7656F58ECF5C6569AC 57344 ----a-w- C:\Windows\SysWOW64\DLLTPO32.dll 2013-03-20 17:32:25 AB024EFED92D5A91DDCC9577FD5A3A9C 24576 ----a-w- C:\Windows\SysWOW64\TTIC32.dll 2013-03-20 17:32:25 8EF0C1253D47A158D3023F1292A5E293 40960 ----a-w- C:\Windows\SysWOW64\DLLRD32.dll 2013-03-20 17:32:25 82D1CAC671A80EB542B4428F072D7548 24576 ----a-w- C:\Windows\SysWOW64\DLLIX.dll 2013-03-20 17:32:25 7374D62E1194577F66A2D3E5933E8B0C 1122304 ----a-w- C:\Windows\SysWOW64\mplvpx.dll 2013-03-20 17:32:25 6BA06C518BC53E6EB1DA8A29C80AD008 106496 ----a-w- C:\Windows\SysWOW64\lmpgspl.ax 2013-03-20 17:32:25 69C3A42D62622DC14200D2F0531B7171 32768 ----a-w- C:\Windows\SysWOW64\DLLMSC32.dll 2013-03-20 17:32:25 5DBC00D36E9AEF825995251EC2E2A3C9 65536 ----a-w- C:\Windows\SysWOW64\mplam6.dll 2013-03-20 17:32:25 494F4E4DBC41C271716D317C3AE169F4 77824 ----a-w- C:\Windows\SysWOW64\mplaa6.dll 2013-03-20 17:32:25 454E2638189BEDC053AA39E702074CDF 46592 ----a-w- C:\Windows\SysWOW64\lmpgad.ax 2013-03-20 17:32:25 1DA32728F808D41F380193B6B21B14C2 24576 ----a-w- C:\Windows\SysWOW64\TTI32.dll 2013-03-20 17:32:25 1903B46D93ED6E1ED5A41954FA21870F 45056 ----a-w- C:\Windows\SysWOW64\DLLIMG32.dll 2013-03-20 17:32:25 143E8397FADA79F10389711B08A5BA43 19968 ----a-w- C:\Windows\SysWOW64\cpuinf32.dll 2013-03-20 17:32:25 0FED43839C4F350699E6480309BDB47D 65536 ----a-w- C:\Windows\SysWOW64\mplapx.dll 2013-03-20 17:32:24 9B108B6A630027763CD9EB28AB06992B 32768 ----a-w- C:\Windows\SysWOW64\DLLDIR32.dll 2013-03-20 17:32:24 435EBFA51632D4ACC7368F751597A86C 61440 ----a-w- C:\Windows\SysWOW64\DLLCDF32.dll 2013-03-20 17:32:24 3CF5D6F462D385BF3A26BA60A0459F67 114688 ----a-w- C:\Windows\SysWOW64\DLLCDA32.dll 2013-03-20 17:30:58 BC015FF7C2A900C1A3CD8DFD9FE968E6 1089536 ----a-w- C:\Windows\SysWOW64\ROBOEX32.DLL 2013-03-20 17:30:58 0ED2ACBFE9976D0719538F62C61A3746 85504 ----a-w- C:\Windows\SysWOW64\HtmlWH.dll 2013-03-20 17:30:58 08040E0BBF8CE1E9CFA7DC99AFFEBB7F 49152 ----a-w- C:\Windows\SysWOW64\INETWH32.dll 2013-03-20 17:29:54 99730BBEBCDF0DD4BA65309AB5D79178 184320 ----a-w- C:\Windows\SysWOW64\mgxoschk.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-03-18 14:54:16 77163DFDA8C591CFB8DEE670C4D23428 131072 ----a-w- C:\Windows\Sysnative\Ikeext.etl ====== C:\Windows\Sysnative\drivers ===== 2013-03-04 11:19:52 B16B626996C74B564005BA855C5DEE90 57856 ----a-w- C:\Windows\Sysnative\drivers\fssfltr.sys ====== C:\Windows\Tasks ====== 2013-03-22 17:03:11 A0CF9D8F7DD3EE74FE4F93CB9E00B4C7 270 ---ha-w- C:\Windows\Tasks\User_Feed_Synchronization-{6F772914-F766-4FB0-9F91-4CFC24EEC0DB}.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-03-13 13:55:50 -------- d-----w- C:\Program Files\Microsoft Silverlight ======= C:\Program Files (x86) ===== 2013-03-20 17:51:14 -------- d-----w- C:\Program Files (x86)\ArcSoft 2013-03-20 12:53:52 -------- d-----w- C:\Program Files (x86)\coverXP 2013-03-15 15:47:58 -------- d-----w- C:\Program Files (x86)\exPressit S.E. 2.1 2013-03-15 14:56:51 -------- d-----w- C:\Program Files (x86)\NCH Software 2013-03-13 13:55:50 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight 2013-03-11 15:20:29 -------- d-----w- C:\Program Files (x86)\Microsoft Picture It! 7 2013-03-11 15:16:57 -------- d-----w- C:\Program Files (x86)\Microsoft Works 2013-03-11 15:15:28 -------- d-----w- C:\Program Files (x86)\Microsoft Works Suite 2003 2013-03-11 15:12:38 -------- d-----w- C:\Program Files (x86)\Microsoft AutoRoute 2013-03-07 13:32:54 -------- d-----w- C:\Program Files (x86)\MapsGalaxy_39 2013-03-07 11:42:44 -------- d-----w- C:\Program Files (x86)\MyPC Backup 2013-03-07 11:16:16 -------- d-----w- C:\Program Files (x86)\ALLYouTubeDownloader 2013-03-07 11:16:13 -------- d-----w- C:\Program Files (x86)\ALLMediaServer 2013-03-06 16:29:55 -------- d-----w- C:\Program Files (x86)\OnlineVault 2013-03-06 12:08:50 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-03-06 11:31:29 -------- d-----w- C:\Program Files (x86)\ALLConverter PRO 2013-03-06 11:31:20 -------- d-----w- C:\Program Files (x86)\ALLPlayer 2013-03-04 11:18:24 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive ======= C: ===== 2013-03-27 16:33:15 AFF0331828E1E4CE9902955324470C98 18228 ----a-w- C:\AdwCleaner[s1].txt 2013-03-11 12:16:02 5EE61AF78EF3CF7DE7812C8EDCE0A9D8 48 ----a-w- C:\RB.rdat 2013-03-11 12:16:02 58EECD332B68BB36DF1E8B1384A5CCFE 48 ----a-w- C:\License_Time.rdat ====== C:\Users\User\AppData\Roaming ====== 2013-03-22 16:51:02 -------- d-----w- C:\users\Public\AppData\Local\temp 2013-03-22 16:51:02 -------- d-----w- C:\users\Default\AppData\Local\temp 2013-03-22 16:51:02 -------- d-----w- C:\users\Default User\AppData\Local\temp 2013-03-22 16:33:51 -------- d-----w- C:\users\User\AppData\Local\Avg2013 2013-03-20 17:58:59 -------- d-----w- C:\users\User\AppData\Roaming\ArcSoft 2013-03-17 16:50:21 0C0C468D7F3D99D99922D7734CD93209 171840 ----a-w- C:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2013-03-15 14:56:47 -------- d-----w- C:\users\User\AppData\Roaming\NCH Software 2013-03-07 13:37:15 -------- d-----w- C:\users\User\AppData\Roaming\dvdcss 2013-03-07 13:30:29 -------- d-----w- C:\users\User\AppData\Locallow\VideoDownloadConverter_4z 2013-03-07 11:40:50 EB573F586D37812130A579BF85764DB0 20480000 ----a-w- C:\users\User\AppData\Locallow\store-pp.jbs 2013-03-07 11:16:13 -------- d-----w- C:\users\User\AppData\Local\ALLMediaServer 2013-03-06 12:10:46 -------- d-----w- C:\users\User\AppData\Roaming\vlc 2013-03-06 11:31:58 -------- d-----w- C:\users\User\AppData\Roaming\CRMixiDJTB 2013-03-06 11:31:30 -------- d-----w- C:\users\User\AppData\Local\ALLConverter 2013-03-06 11:31:20 -------- d-----w- C:\users\User\AppData\Local\ALLPlayer 2013-03-04 12:43:47 -------- d-----w- C:\users\User\AppData\Local\VisualBeeClient 2013-03-02 20:57:13 -------- d-----w- C:\users\User\AppData\Local\ManyCam ====== C:\Users\User ====== 2013-03-15 16:18:03 -------- d-----w- C:\Users\Public\AppData 2013-03-15 14:57:27 -------- d-----w- C:\ProgramData\NCH Software 2013-03-11 12:16:01 -------- d-----w- C:\ProgramData\FileCure 2013-03-06 12:56:41 -------- d-----w- C:\ProgramData\Uniblue 2013-03-04 11:18:24 -------- d-----r- C:\Users\User\SkyDrive 2013-03-04 11:18:20 -------- d-----w- C:\ProgramData\Microsoft SkyDrive ====== C: exe-files == === C: other files == 2013-03-27 16:33:24 CEBB5A5A9638E71791AD3D84729938B2 121 ----a-w- C:\Windows\DeleteOnReboot.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "ALLUpdate"="C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe sleep" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" "LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" "LGODDFU"="C:\Program Files (x86)\lg_fwupdate\lgfw.exe blrun" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "ALLUpdate"="C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe sleep" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BDRegion" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Cyberlink\\Shared Files\\brs.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLMLServer" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hpqSRMon" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstantBurn] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InstantBurn" "hkey"="HKLM" "command"="C:\\PROGRA~2\\CYBERL~1\\INSTAN~1\\Win2K\\IBurn.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ooVoo.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ooVoo.exe" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\ooVoo\\oovoo.exe /minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YouCam Service] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="YouCam Service" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\YouCam\\YouCamService.exe\" /s" ==== Startup Folders ====================== 2013-03-11 12:34:04 1274 ----a-w- C:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 15:49] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-06-2012 09:12] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-06-2012 09:12] C:\Windows\tasks\User_Feed_Synchronization-{6F772914-F766-4FB0-9F91-4CFC24EEC0DB}.job --ah----- C:\Windows\system32\msfeedssync.exe [02-07-2012 22:22] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions boipimhfjpakfgckhbljjengakjhkcbp - C:\Users\User\AppData\Roaming\CRMixiDJTB\mixiDJ.crx[05-02-2013 14:03] kpepfkjapeclaafmhoelccknpfedainn - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidj.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 13:14] MixiDJ Toolbar - User - Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp Skype Click to Call - User - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" ==== Reset Google Chrome ====================== C:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\User\Desktop\ALLPlayer V5.0.lnk - C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe C:\Users\User\Desktop\ALLPlayer.lnk - C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe C:\Users\User\Desktop\AVS Image Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSImageConverter\AVSImageConverter.exe C:\Users\User\Desktop\AVS4YOU Software Navigator.lnk - C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe C:\Users\User\Desktop\exPressit Help (Dutch).lnk - C:\Program Files (x86)\exPressit S.E. 2.1\help\index_nl_NL.html C:\Users\User\Desktop\exPressit S.E. 2.1.lnk - C:\Program Files (x86)\exPressit S.E. 2.1\exPressit S.E. 2.1.exe C:\Users\User\Desktop\PhotoStudio 5.5.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio 5.5\PhotoStudio.exe C:\Users\User\Desktop\zoek.exe - Snelkoppeling.lnk - H:\zoek.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\ALL Media Server.lnk - C:\Program Files (x86)\ALLMediaServer\ALLMediaServer.exe C:\Users\Public\Desktop\ALL YouTube Downloader.lnk - C:\Program Files (x86)\ALLYouTubeDownloader\ALLYouTubeDownloader.exe C:\Users\Public\Desktop\ALLConverter PRO.lnk - C:\Program Files (x86)\ALLConverter PRO\ALLConverterPro.exe C:\Users\Public\Desktop\MAGIX Film op CD & DVD 4.0.lnk - C:\MAGIX\Film_op_CD_DVD_4\homeDVD-Film4.exe C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk - C:\MAGIX\Media_Manager_2004\MediaManager.exe C:\Users\Public\Desktop\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU\De-installeren.lnk - C:\Program Files (x86)\AVS4YOU\Uninstall.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\LabelPrint\LabelPrint Online Help.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\LabelPrint.chm C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\LabelPrint\LabelPrint.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\LabelPrint\OnLine Registration.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe /LANG:ENU C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\LabelPrint\Readme.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\Readme.htm C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\LabelPrint\Uninstall LabelPrint.lnk - C:\Windows\System32\rundll32.exe C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\PowerDVD\CyberLink PowerDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\PowerDVD\Online registration.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\OLRSubmission\OLRSubmission.exe /LANG:Enu C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\PowerDVD\PowerDVD Help file.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\PowerDVD.CHM C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\PowerDVD\Read Me.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\Readme.htm C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite\PowerDVD\Uninstall PowerDVD.lnk - C:\Windows\system32\RunDll32.exe C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\Graphics File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Pixillion C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\PhotoPad Editor.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind PhotoPad C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\Video File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Prism C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Accounting Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressAccounts C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Classic FTP Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ClassicFTP C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Doxillion Document Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Doxillion C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Burn CD, DVD or Blu-Ray.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Dictate Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Express C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Rip CD Ripper.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Rip C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Zip File Compression.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressZip C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Graphics File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Pixillion C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Invoicing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressInvoice C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\MixPad MultiTrack Mixer.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind MixPad C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Prism Video File Format Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Prism C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\RecordPad Sound Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind RecordPad C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\SoundTap Streaming Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind SoundTap C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Switch C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Video Capture Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Debut C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind VideoPad C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\WavePad Sound Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind WavePad C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disketch Disc Label Software.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft AutoRoute 2002.lnk - C:\Windows\Installer\{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}\_81CFF245D823_4DBB_AB6F_B2DE5ADB4464.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Picture It Photo 7.0.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-venster Taak starten.lnk - C:\Program Files (x86)\Microsoft Works\msworks.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO\ALLConverter PRO.lnk - C:\Program Files (x86)\ALLConverter PRO\ALLConverterPro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer\ALL Media Server.lnk - C:\Program Files (x86)\ALLMediaServer\ALLMediaServer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALL YouTube Downloader.lnk - C:\Program Files (x86)\ALLYouTubeDownloader\ALLYouTubeDownloader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer Skin Creator.lnk - C:\Program Files (x86)\ALLPlayer\ALLSkinCreator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer V5.0.lnk - C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer V5.X op het Web.lnk - C:\Program Files (x86)\ALLPlayer\allplayerEng.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer.lnk - C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5\ReadMe.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio 5.5\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Burn Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Rip Extractor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Rip C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Crescendo Music Notation.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Crescendo C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Dictation Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Express C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\DJ Mixing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Zulu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Multitrack Mixer.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind MixPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Record to CD or Mp3 Wizard.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Golden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Switch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind WavePad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind RecordPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind SoundTap C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Server.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind BroadWave C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Text-to-Speech Reader.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Verbose C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Voice Changing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Voxal C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Activering.lnk - C:\Program Files (x86)\AVS4YOU\Registration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\AVS Update Manager.lnk - C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\AVSUpdateManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\AVS4YOU Software Navigator.lnk - C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Help.lnk - C:\Program Files (x86)\AVS4YOU\AVS4YOUHelp.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Herstellen.lnk - C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\Repairing.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Licentieovereenkomst.lnk - C:\Program Files (x86)\AVS4YOU\License Agreement.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Image\AVS Image Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSImageConverter\AVSImageConverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coverXP\coverXP help.lnk - C:\Program Files (x86)\coverXP\coverXP.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coverXP\coverXP removal.lnk - C:\Program Files (x86)\coverXP\cxp-uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coverXP\coverXP.lnk - C:\Program Files (x86)\coverXP\coverxp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\Graphics File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Pixillion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\PhotoPad Editor.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind PhotoPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs\Video File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Prism C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Bestellen.lnk - C:\MAGIX\Film_op_CD_DVD_4\order.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Licentievoorwaarden.lnk - C:\MAGIX\Film_op_CD_DVD_4\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX burn profiler.lnk - C:\MAGIX\Film_op_CD_DVD_4\CDBurnProfiler.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Film op CD & DVD 4.0 de-installeren.lnk - C:\MAGIX\Film_op_CD_DVD_4\unwise.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Film op CD & DVD 4.0 Handleiding.lnk - C:\MAGIX\Film_op_CD_DVD_4\manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Film op CD & DVD 4.0 Help.lnk - C:\MAGIX\Film_op_CD_DVD_4\homeDVD-Film4.hlp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Film op CD & DVD 4.0.lnk - C:\MAGIX\Film_op_CD_DVD_4\homeDVD-Film4.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Online Print Service.lnk - C:\MAGIX\Film_op_CD_DVD_4\MAGIX Print Service\cewestart.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\MAGIX Online Services.lnk - C:\Program Files (x86)\Common Files\MAGIX Shared\Online Services Info\index_0413.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Online registratie.lnk - C:\MAGIX\Film_op_CD_DVD_4\explore.exe http://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Filme_auf_CD_DVD_4&VARCHARGE=4.0.4.0&VARREGISTER=onlineregister&VARLAND=NL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Registratie.lnk - C:\MAGIX\Film_op_CD_DVD_4\register.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Support.lnk - C:\MAGIX\Film_op_CD_DVD_4\support.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Bestellen.lnk - C:\MAGIX\Media_Manager_2004\order.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Licentievoorwaarden.lnk - C:\MAGIX\Media_Manager_2004\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MAGIX burn profiler.lnk - C:\MAGIX\Media_Manager_2004\CDBurnProfiler.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MAGIX Media Manager 2004 silver de-installeren.lnk - C:\MAGIX\Media_Manager_2004\unwise.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MAGIX Media Manager 2004 silver Help.lnk - C:\MAGIX\Media_Manager_2004\MediaManager.hlp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MAGIX Media Manager 2004 silver.lnk - C:\MAGIX\Media_Manager_2004\MediaManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MAGIX Viewer.lnk - C:\MAGIX\Media_Manager_2004\MAGIXviewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\MP3 Encoder Upgrade.lnk - C:\MAGIX\Media_Manager_2004\mp3encoder_upgrade.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Online registratie.lnk - C:\MAGIX\Media_Manager_2004\explore.exe http://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=MediaManager_2004_silver&VARCHARGE=2.0.7.0&VARREGISTER=onlineregister&VARLAND=NL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Registratie.lnk - C:\MAGIX\Media_Manager_2004\register.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Support.lnk - C:\MAGIX\Media_Manager_2004\support.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Uninstall ManyCam.lnk - C:\Program Files (x86)\ManyCam\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\User Guide.lnk - C:\Program Files (x86)\ManyCam\Help\UserGuide.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Introductie.lnk - C:\Program Files (x86)\Microsoft Works\wkpdfsnf.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Agenda.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkscal.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Database.lnk - C:\Windows\Installer\{A29D0501-02A2-48DD-BC1B-09B27406FE9B}\_7B6CD8B0F227_49A6_8B86_24D68584BC4A.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Portfolio.lnk - C:\Program Files (x86)\Microsoft Works\wkssb.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk - C:\Program Files (x86)\Microsoft Works\wksss.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Tekstverwerker.lnk - C:\Program Files (x86)\Microsoft Works\wkswp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-venster Taak starten.lnk - C:\Program Files (x86)\Microsoft Works\msworks.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Windows Adresboek.lnk - C:\Program Files (x86)\Windows Mail\wab.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Accounting Software.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind ExpressAccounts C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Classic FTP Software.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind ClassicFTP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Doxillion Document Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Doxillion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Burn CD, DVD or Blu-Ray.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind ExpressBurn C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Dictate Recorder.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Express C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Rip CD Ripper.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Rip C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Zip File Compression.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind ExpressZip C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Graphics File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Pixillion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Invoicing Software.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind ExpressInvoice C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\MixPad MultiTrack Mixer.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind MixPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Prism Video File Format Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Prism C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\RecordPad Sound Recorder.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind RecordPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\SoundTap Streaming Recorder.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind SoundTap C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Switch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Video Capture Software.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind Debut C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind VideoPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\WavePad Sound Editor.lnk - C:\Program Files (x86)\NCH Software\Disketch\disketch.exe -extfind WavePad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk - C:\Windows\Installer\{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}\fssicon.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk - C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe ==== shortcuts in Quick Launch ====================== C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALL Media Server.lnk - C:\Program Files (x86)\ALLMediaServer\ALLMediaServer.exe C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk - C:\Program Files (x86)\ALLConverter PRO\ALLConverterPro.exe C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe ==== shortcuts After Repair ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Film op CD & DVD 4.0\Online registratie.lnk - C:\MAGIX\Film_op_CD_DVD_4\explore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Media Manager 2004 silver\Online registratie.lnk - C:\MAGIX\Media_Manager_2004\explore.exe ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll (file missing) O2 - BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\User\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

De PC start in ieder geval vlugger op, dat is duidelijk merkbaar. Maar de melding bij het opstarten krijg ik nog steeds.

Hier het logje: # AdwCleaner v2.115 - Verslag gemaakt op 27/03/2013 om 17:33:15 # Geactualiseerd op 17/03/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : User - USER-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : H:\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** Gestopt & Verwijdert : VideoDownloadConverter_4zService ***** [Files / Mappen] ***** File Verwijdert : C:\END Map Verwijdert : C:\Program Files (x86)\AVG Secure Search Map Verwijdert : C:\Program Files (x86)\search results toolbar Map Verwijdert : C:\Program Files (x86)\Searchqu Toolbar Map Verwijdert : C:\Program Files (x86)\VideoDownloadConverter_4z Map Verwijdert : C:\Program Files (x86)\Yontoo Map Verwijdert : C:\ProgramData\APN Map Verwijdert : C:\ProgramData\Ask Map Verwijdert : C:\ProgramData\AVG Secure Search Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\blekko toolbars Map Verwijdert : C:\ProgramData\boost_interprocess Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\ProgramData\Tarma Installer Map Verwijdert : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PricePeep Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AVG Secure Search Sleutel Verwijdert : HKCU\Software\BrowserMngr Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\IM Sleutel Verwijdert : HKCU\Software\ImInstaller Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKCU\Software\PIP Sleutel Verwijdert : HKCU\Software\Savings Vault Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\857d68fe53ee448 Sleutel Verwijdert : HKLM\Software\AVG Secure Search Sleutel Verwijdert : HKLM\Software\AVG Security Toolbar Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\Software\BrowserMngr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3284024 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\Software\SearchquMediabarTb Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16470 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DyD0D0E0BtAtD0AtBzzzytN0D0Tzu0CtByEzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=415855436 --> hxxp://www.google.com -\\ Google Chrome v25.0.1364.172 ************************* AdwCleaner[s1].txt - [18131 octets] - [27/03/2013 17:33:15] ########## EOF - C:\AdwCleaner[s1].txt - [18192 octets] ##########

Heb nu toch enige veruitgang geboekt. Bij actieve netwerken staat nu "onbekend netwerk" met daaronder "openbaar netwerk". Maar krijg nog steeds geen internet.

Logje Combofix: ComboFix 13-03-21.02 - User 22-03-2013 17:42:58.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6135.4923 [GMT 1:00] Gestart vanuit: H:\ComboFix.exe gebruikte Opdracht switches :: c:\users\User\Desktop\CFScript.txt SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\cc_20130213_181646.reg" "C:\cc_20130213_181706.reg" "C:\cc_20130213_181719.reg" "C:\cc_20130213_181732.reg" "C:\cc_20130227_223147.reg" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\cc_20130213_181646.reg C:\cc_20130213_181706.reg C:\cc_20130213_181719.reg C:\cc_20130213_181732.reg C:\cc_20130227_223147.reg c:\program files (x86)\Conduit c:\program files (x86)\Conduit\Community Alerts\Alert.dll c:\program files (x86)\mixidj c:\program files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll c:\program files (x86)\mixidj\mixidj\1.8.4.1\escortShld.dll c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidj.crx c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidjApp.dll c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidjEng.dll c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidjsrv.exe c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll c:\program files (x86)\mixidj\mixidj\1.8.4.1\uninstall.exe c:\program files (x86)\PricePeep c:\program files (x86)\PricePeep\installer.ico c:\program files (x86)\PricePeep\uninstall.exe c:\program files (x86)\PricePeep\unutil.exe c:\users\User\AppData\Local\Conduit . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_MapsGalaxy_39Service . . (((((((((((((((((((( Bestanden Gemaakt van 2013-02-22 to 2013-03-22 )))))))))))))))))))))))))))))) . . 2013-03-22 16:46 . 2013-03-22 16:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-22 16:33 . 2013-03-22 16:33 -------- d-----w- c:\users\User\AppData\Local\Avg2013 2013-03-20 17:58 . 2013-03-20 17:58 -------- d-----w- c:\users\User\AppData\Roaming\ArcSoft 2013-03-20 17:51 . 2013-03-20 17:51 -------- d-----w- c:\program files (x86)\ArcSoft 2013-03-20 17:51 . 1999-05-26 08:46 212480 ----a-w- c:\windows\pcdlib32.dll 2013-03-20 17:33 . 2003-04-18 14:29 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll 2013-03-20 17:33 . 2013-03-20 17:33 -------- d-----w- c:\windows\SysWow64\MAGIX 2013-03-20 17:30 . 2013-03-20 17:33 -------- d-----w- C:\MAGIX 2013-03-20 17:30 . 2002-09-20 22:33 1089536 ----a-w- c:\windows\SysWow64\ROBOEX32.DLL 2013-03-20 17:30 . 1999-01-28 12:44 49152 ----a-w- c:\windows\SysWow64\INETWH32.dll 2013-03-20 17:30 . 1998-10-15 15:28 85504 ----a-w- c:\windows\SysWow64\HtmlWH.dll 2013-03-20 17:29 . 2004-12-10 08:47 184320 ----a-w- c:\windows\SysWow64\mgxoschk.dll 2013-03-20 12:53 . 2013-03-20 12:54 -------- d-----w- c:\program files (x86)\coverXP 2013-03-15 15:47 . 2013-03-15 15:48 -------- d-----w- c:\program files (x86)\exPressit S.E. 2.1 2013-03-15 14:57 . 2013-03-15 14:57 -------- d-----w- c:\programdata\NCH Software 2013-03-15 14:56 . 2013-03-15 15:13 -------- d-----w- c:\program files (x86)\NCH Software 2013-03-15 14:56 . 2013-03-15 14:57 -------- d-----w- c:\users\User\AppData\Roaming\NCH Software 2013-03-13 13:55 . 2013-03-13 13:55 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-13 13:55 . 2013-03-13 13:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-03-13 13:49 . 2013-03-13 13:49 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-03-11 15:20 . 2013-03-11 15:21 -------- d-----w- c:\program files (x86)\Microsoft Picture It! 7 2013-03-11 15:16 . 2013-03-11 15:19 -------- d-----w- c:\program files (x86)\Microsoft Works 2013-03-11 15:15 . 2013-03-11 15:15 -------- d-----w- c:\program files (x86)\Microsoft Works Suite 2003 2013-03-11 15:12 . 2013-03-11 15:13 -------- d-----w- c:\program files (x86)\Microsoft AutoRoute 2013-03-11 12:16 . 2013-03-11 12:16 -------- d-----w- c:\programdata\FileCure 2013-03-07 13:37 . 2013-03-07 13:37 -------- d-----w- c:\users\User\AppData\Roaming\dvdcss 2013-03-07 13:32 . 2013-03-07 13:32 -------- d-----w- c:\program files (x86)\MapsGalaxy_39 2013-03-07 11:42 . 2013-03-07 16:20 -------- d-----w- c:\program files (x86)\MyPC Backup 2013-03-07 11:16 . 2013-03-07 11:16 -------- d-----w- c:\program files (x86)\ALLYouTubeDownloader 2013-03-04 14:27 . 2013-03-04 14:27 -------- d-----w- C:\Intel 2013-03-04 13:35 . 2013-03-04 13:35 -------- d-----w- c:\program files (x86)\VideoDownloadConverter_4z 2013-03-04 12:43 . 2013-03-04 12:43 -------- d-----w- c:\users\User\AppData\Local\VisualBeeClient 2013-03-04 11:20 . 2013-03-04 11:20 -------- d-----w- c:\windows\nl 2013-03-04 11:19 . 2012-09-12 14:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----r- c:\users\User\SkyDrive 2013-03-04 11:18 . 2013-03-04 11:16 5659096 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c112c0b41ce18c905\skydrivesetup.exe 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----w- c:\programdata\Microsoft SkyDrive 2013-03-04 11:16 . 2013-03-04 11:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\dsetup32.dll 2013-03-04 11:16 . 2013-03-04 11:16 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\dsetup32.dll 2013-03-04 11:16 . 2013-03-04 11:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\dsetup32.dll 2013-03-02 20:57 . 2013-03-02 20:57 -------- d-----w- c:\users\User\AppData\Local\ManyCam 2013-02-28 14:51 . 2013-02-28 14:51 -------- d-----w- c:\users\User\AppData\Roaming\AVG Secure Search . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-15 16:30 . 2012-07-02 20:43 22368 ----a-w- c:\windows\system32\drivers\AFD.SYS 2013-03-15 16:30 . 2009-07-14 00:10 22368 ----a-w- c:\windows\system32\drivers\WS2IFSL.SYS 2013-03-13 13:57 . 2010-07-07 15:49 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-13 13:49 . 2012-07-12 19:48 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 13:49 . 2012-07-12 19:48 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-27 22:44 . 2007-04-27 09:43 120200 ----a-w- c:\windows\SysWow64\DLLDEV32i.dll 2013-02-18 15:45 . 2012-12-15 17:24 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-02-12 05:45 . 2013-03-13 13:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 13:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 13:39 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 13:39 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 13:39 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 13:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-05 05:53 . 2013-02-13 10:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-05 05:00 . 2013-02-13 10:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-13 10:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46 . 2013-02-13 10:14 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-13 10:14 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-13 10:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-13 10:14 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-13 10:14 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-13 10:14 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-13 10:14 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 2013-02-13 10:14 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-13 10:14 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-13 10:14 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-12-31 15:27 . 2012-12-31 15:25 16384 ----a-w- c:\windows\SysWow64\lgfwunis.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}] 2013-03-07 13:32 707728 ----a-w- c:\progra~2\MAPSGA~2\bar\1.bin\39bar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}] 2013-03-07 13:32 62864 ----a-w- c:\program files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-18 911160] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664] "ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2013-01-23 2995712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-18 1151152] "LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-12-31 27760] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 246368] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer6"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck turegopt . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-12-30 94208] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2010-12-30 28672] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2010-12-30 196096] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 36720] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 uxddrv;Dynamically loaded UxdDrv;F:\uxddrv64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-02 1255736] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768] S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2007-06-04 24824] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/07/28 15:16];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-01-19 23:10 146928] S2 CLBUDF;CLBUDF;c:\windows\system32\DRIVERS\CLBUDF.sys [2007-06-04 369912] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-03-04 42504] S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-12-30 85504] S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304] S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-03-12 22:29 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 13:49] . 2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 07:12] . 2013-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 07:12] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-14 10918504] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uLocal Page = c:\windows\SYSTEM32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . BHO-{4D6A9BBF-402C-4301-B1EF-28D04F71D761} - c:\program files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-mixidj - c:\program files (x86)\mixidj\mixidj\1.8.4.1\uninstall.exe AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%] @Class="Shell" . [HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%\OpenWithList] @Class="Shell" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\CyberLink\Shared files\RichVideo.exe . ************************************************************************** . Voltooingstijd: 2013-03-22 17:51:00 - machine werd herstart ComboFix-quarantined-files.txt 2013-03-22 16:51 ComboFix2.txt 2013-03-15 16:18 . Pre-Run: 845.637.124.096 bytes beschikbaar Post-Run: 845.415.821.312 bytes beschikbaar . - - End Of File - - 05F53D6F215E56F5A797054F43032608 Logje HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:20:36, on 22-3-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Users\User\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll (file missing) O2 - BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10435 bytes Dit even melden, maar de melding bij het opstarten van de pc is nog steeds aanwezig.

Kabel zit ingeplugd, maar geen internet. Is trouwens de bedoeling dat het via kabelaansluiting is.

De vaste pc heeft altijd internet gehad via de vaste kabel. Maar er is ook wifi in huis voor de tablet. Ik denk wel dat de vaste pc ook een ontvanger heeft voor draadloze netwerken maar ben het niet zeker. Zijn vaste pc is een Medion Erazer X7710 D

Dit is dus de tweede lopende discussie die ik start. Mijn schoonvader zit opnieuw met een groot probleem. Zijn vaste pc krijgt geen verbinding meer met het internet. Als ik bij configuratiescherm naar "Netwerkcentrum" ga, dan blijft hij gewoon zoeken bij "De actieve netwerken weergeven" en staat er een kruis bovenaan tussen de pc en het internet-icoontje. Heb ook al geprobeerd om "verbinding met een netwerk" aan te klikken omdat daar normaal de draadloze netwerken zouden moeten verschijnen (en hij ook een draadloos netwerk heeft - gebruikt dit voor de tablet) maar krijg niets te zien. Heb al eens geprobeerd om de kabel te vervangen maar ook zonder resultaat. Heb dan erna geprobeerd om een nieuwe verbinding te maken en heb dan zijn gegevens van Belgacom ingegeven, maar daar ook zonder resultaat. In ieder geval ligt het niet aan Belgacom, want op zijn tablet heeft hij wel internet. Zijn vaste pc draait op windows 7. Ik heb wel al een test gedaan om te zien of de netwerkkaart nog werkt. Heb een "ping 127.0.0.1" gedaan en alles is daar normaal. Kan iemand mij helpen?

ComboFix 13-03-15.01 - User 15-03-2013 17:11:34.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6135.4372 [GMT 1:00] Gestart vanuit: c:\users\User\Downloads\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\PricePeep\prICepeep.dll c:\program files (x86)\Yontoo\YoNTooieclient.dll c:\users\User\AppData\Local\assembly\tmp c:\users\User\AppData\Local\assembly\tmp\5016E6E6\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\5016E6E6\VBeeEnhance.DLL c:\users\User\AppData\Local\assembly\tmp\5ZY4HSUI\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\5ZY4HSUI\IDBService.DLL c:\users\User\AppData\Local\assembly\tmp\6B1BFJ3C\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\6B1BFJ3C\N_Database.DLL c:\users\User\AppData\Local\assembly\tmp\7YCTLPP6\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\7YCTLPP6\N_Presentation.DLL c:\users\User\AppData\Local\assembly\tmp\A98H8RHP\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\A98H8RHP\VBeeClient.DLL c:\users\User\AppData\Local\assembly\tmp\GYOAZ0XH\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\GYOAZ0XH\VBeeLibrary.DLL c:\users\User\AppData\Local\assembly\tmp\JLX6JTK9\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\JLX6JTK9\N_Engine.DLL c:\users\User\AppData\Local\assembly\tmp\NZ4CMG9K\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\NZ4CMG9K\Domain.DLL c:\users\User\AppData\Local\assembly\tmp\OLBQH4TU\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\OLBQH4TU\VBeeClient.DLL c:\users\User\AppData\Local\assembly\tmp\OXM9X22B\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\OXM9X22B\ISwUpdateService.DLL c:\users\User\AppData\Local\assembly\tmp\PABMY5IE\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\PABMY5IE\VBeeClient.DLL c:\users\User\AppData\Local\assembly\tmp\R3H9CFWL\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\R3H9CFWL\VBeeLibrary.DLL c:\users\User\AppData\Local\assembly\tmp\REQXSGQC\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\REQXSGQC\VBeeAccount.DLL c:\users\User\AppData\Local\assembly\tmp\SKOE3MZ0\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\SKOE3MZ0\VBeeEnhance.DLL c:\users\User\AppData\Local\assembly\tmp\UHTM9HSW\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\UHTM9HSW\VBeeLibrary.DLL c:\users\User\AppData\Local\assembly\tmp\URB7HDAD\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\URB7HDAD\VBeeEnhance.DLL c:\users\User\AppData\Local\assembly\tmp\W1KO4LVY\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\W1KO4LVY\ISwUpdateService.DLL c:\users\User\AppData\Local\assembly\tmp\WMXUBY1R\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\WMXUBY1R\N_Presentation.DLL c:\users\User\AppData\Local\assembly\tmp\XQFKAH9J\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\XQFKAH9J\N_Analyzer.DLL c:\users\User\AppData\Local\assembly\tmp\ZV5NBVIN\__AssemblyInfo__.ini c:\users\User\AppData\Local\assembly\tmp\ZV5NBVIN\N_EngineGlobals.DLL . . (((((((((((((((((((( Bestanden Gemaakt van 2013-02-15 to 2013-03-15 )))))))))))))))))))))))))))))) . . 2013-03-15 16:16 . 2013-03-15 16:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-15 15:47 . 2013-03-15 15:48 -------- d-----w- c:\program files (x86)\exPressit S.E. 2.1 2013-03-15 15:13 . 2013-03-15 15:14 -------- d-----w- c:\program files (x86)\Ask.com 2013-03-15 14:57 . 2013-03-15 14:57 -------- d-----w- c:\programdata\NCH Software 2013-03-15 14:56 . 2013-03-15 15:13 -------- d-----w- c:\program files (x86)\NCH Software 2013-03-15 14:56 . 2013-03-15 14:57 -------- d-----w- c:\users\User\AppData\Roaming\NCH Software 2013-03-13 13:55 . 2013-03-13 13:55 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-13 13:55 . 2013-03-13 13:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-03-13 13:49 . 2013-03-13 13:49 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-03-11 15:20 . 2013-03-11 15:21 -------- d-----w- c:\program files (x86)\Microsoft Picture It! 7 2013-03-11 15:16 . 2013-03-11 15:19 -------- d-----w- c:\program files (x86)\Microsoft Works 2013-03-11 15:15 . 2013-03-11 15:15 -------- d-----w- c:\program files (x86)\Microsoft Works Suite 2003 2013-03-11 15:12 . 2013-03-11 15:13 -------- d-----w- c:\program files (x86)\Microsoft AutoRoute 2013-03-11 12:16 . 2013-03-11 12:16 -------- d-----w- c:\programdata\FileCure 2013-03-11 12:16 . 2013-03-11 12:16 -------- d-----w- c:\program files (x86)\ParetoLogic 2013-03-11 12:16 . 2013-03-11 12:16 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic 2013-03-08 15:52 . 2013-03-08 15:52 -------- d-----w- c:\program files (x86)\RegClean Pro 2013-03-07 13:37 . 2013-03-07 13:37 -------- d-----w- c:\users\User\AppData\Roaming\dvdcss 2013-03-07 13:32 . 2013-03-07 13:32 -------- d-----w- c:\program files (x86)\MapsGalaxy_39 2013-03-07 11:42 . 2013-03-07 16:20 -------- d-----w- c:\program files (x86)\MyPC Backup 2013-03-07 11:16 . 2013-03-07 11:16 -------- d-----w- c:\program files (x86)\ALLYouTubeDownloader 2013-03-07 11:16 . 2013-03-07 11:16 -------- d-----w- c:\users\User\AppData\Local\ALLMediaServer 2013-03-07 11:16 . 2013-03-07 11:16 -------- d-----w- c:\program files (x86)\ALLMediaServer 2013-03-07 11:12 . 2013-03-15 16:16 -------- d-----w- c:\program files (x86)\PricePeep 2013-03-06 16:29 . 2013-03-06 16:46 -------- d-----w- c:\program files (x86)\OnlineVault 2013-03-06 12:56 . 2013-03-06 12:56 -------- d-----w- c:\programdata\Uniblue 2013-03-06 12:10 . 2013-03-11 14:53 -------- d-----w- c:\users\User\AppData\Roaming\vlc 2013-03-06 12:08 . 2013-03-06 12:08 -------- d-----w- c:\program files (x86)\VideoLAN 2013-03-06 11:31 . 2013-03-06 11:31 -------- d-----w- c:\users\User\AppData\Roaming\CRMixiDJTB 2013-03-06 11:31 . 2013-03-06 11:31 -------- d-----w- c:\program files (x86)\mixidj 2013-03-06 11:31 . 2013-03-07 11:09 -------- d-----w- c:\users\User\AppData\Local\ALLConverter 2013-03-06 11:31 . 2013-03-07 11:09 -------- d-----w- c:\program files (x86)\ALLConverter PRO 2013-03-06 11:31 . 2011-06-02 00:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll 2013-03-06 11:31 . 2009-09-27 22:02 797184 ----a-w- c:\windows\SysWow64\ac3filter.ax 2013-03-06 11:31 . 2007-10-07 13:36 258048 ----a-w- c:\windows\SysWow64\libFLAC.dll 2013-03-06 11:31 . 2013-03-07 11:16 -------- d-----w- c:\program files (x86)\ALLPlayer 2013-03-06 11:31 . 2013-03-07 11:16 -------- d-----w- c:\users\User\AppData\Local\ALLPlayer 2013-03-04 14:27 . 2013-03-04 14:27 -------- d-----w- C:\Intel 2013-03-04 13:35 . 2013-03-04 13:35 -------- d-----w- c:\program files (x86)\VideoDownloadConverter_4z 2013-03-04 13:33 . 2013-03-04 13:33 -------- d-----w- c:\program files (x86)\File Extensions 2013-03-04 12:43 . 2013-03-04 12:43 -------- d-----w- c:\users\User\AppData\Local\VisualBeeClient 2013-03-04 11:20 . 2013-03-04 11:20 -------- d-----w- c:\windows\nl 2013-03-04 11:19 . 2012-09-12 14:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----r- c:\users\User\SkyDrive 2013-03-04 11:18 . 2013-03-04 11:16 5659096 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c112c0b41ce18c905\skydrivesetup.exe 2013-03-04 11:18 . 2013-03-04 11:18 -------- d-----w- c:\programdata\Microsoft SkyDrive 2013-03-04 11:16 . 2013-03-04 11:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bfa092e51ce18c904\dsetup32.dll 2013-03-04 11:16 . 2013-03-04 11:16 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bdc47fae1ce18c903\dsetup32.dll 2013-03-04 11:16 . 2013-03-04 11:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\DSETUP.dll 2013-03-04 11:16 . 2013-03-04 11:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\DXSETUP.exe 2013-03-04 11:16 . 2013-03-04 11:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb6820a11ce18c901\dsetup32.dll 2013-03-02 20:57 . 2013-03-02 20:57 -------- d-----w- c:\users\User\AppData\Local\ManyCam 2013-02-28 15:11 . 2013-02-28 15:11 -------- d-----w- c:\program files (x86)\Conduit 2013-02-28 15:11 . 2013-03-04 12:40 -------- d-----w- c:\users\User\AppData\Local\Conduit 2013-02-28 14:51 . 2013-02-28 14:51 -------- d-----w- c:\users\User\AppData\Roaming\AVG Secure Search 2013-02-27 21:31 . 2013-02-27 21:31 5974 ----a-w- C:\cc_20130227_223147.reg 2013-02-17 00:07 . 2013-02-17 00:07 -------- d-----w- c:\windows\PCHEALTH 2013-02-13 18:49 . 2013-02-13 18:49 -------- d-----w- c:\users\User\AppData\Roaming\Participatory Culture Foundation 2013-02-13 17:50 . 2013-03-15 16:16 -------- d-----w- c:\users\User\AppData\Local\assembly 2013-02-13 17:28 . 2013-02-13 17:28 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes 2013-02-13 17:28 . 2013-02-13 17:28 -------- d-----w- c:\programdata\Malwarebytes 2013-02-13 17:28 . 2013-02-13 17:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-02-13 17:28 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-13 17:19 . 2013-02-13 17:19 -------- d-----w- c:\program files (x86)\ToniArts 2013-02-13 17:19 . 2013-02-13 17:19 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll 2013-02-13 17:19 . 2004-07-15 23:20 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll 2013-02-13 17:19 . 2004-07-15 23:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll 2013-02-13 17:19 . 2004-07-15 23:19 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll 2013-02-13 17:19 . 2004-07-15 23:18 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll 2013-02-13 17:19 . 2004-07-15 23:18 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe 2013-02-13 17:19 . 2013-02-13 17:19 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll 2013-02-13 17:17 . 2013-02-13 17:17 498 ----a-w- C:\cc_20130213_181732.reg 2013-02-13 17:17 . 2013-02-13 17:17 160 ----a-w- C:\cc_20130213_181719.reg 2013-02-13 17:17 . 2013-02-13 17:17 2772 ----a-w- C:\cc_20130213_181706.reg 2013-02-13 17:16 . 2013-02-13 17:16 131990 ----a-w- C:\cc_20130213_181646.reg 2013-02-13 17:01 . 2013-02-13 17:01 -------- d-----w- c:\program files\Common Files\DESIGNER 2013-02-13 17:00 . 2013-02-13 17:00 -------- d-----w- c:\program files\Microsoft Synchronization Services 2013-02-13 17:00 . 2013-02-13 17:00 -------- d-----w- c:\program files\Microsoft Sync Framework 2013-02-13 17:00 . 2013-02-13 17:00 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2013-02-13 17:00 . 2013-03-06 16:50 -------- d-----w- c:\users\User\AppData\Local\Savings Vault 2013-02-13 16:58 . 2013-02-13 16:58 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2013-02-13 16:58 . 2013-02-13 16:58 -------- d-----w- c:\program files\Microsoft Analysis Services 2013-02-13 16:58 . 2013-02-13 16:58 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2013-02-13 16:57 . 2013-02-13 17:00 -------- d-----w- c:\program files\Microsoft Office 2013-02-13 16:57 . 2013-02-13 16:57 -------- d-----r- C:\MSOCache 2013-02-13 16:52 . 2013-03-04 12:40 -------- d-----w- c:\users\User\AppData\Local\VisualBeeExe 2013-02-13 16:52 . 2013-02-13 16:52 -------- d-----w- c:\programdata\VisualBee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-13 13:57 . 2010-07-07 15:49 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-13 13:49 . 2012-07-12 19:48 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 13:49 . 2012-07-12 19:48 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-27 22:44 . 2007-04-27 09:43 120200 ----a-w- c:\windows\SysWow64\DLLDEV32i.dll 2013-02-18 15:45 . 2012-12-15 17:24 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-02-12 05:45 . 2013-03-13 13:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 13:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 13:39 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 13:39 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 13:39 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 13:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-05 05:53 . 2013-02-13 10:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-05 05:00 . 2013-02-13 10:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-13 10:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46 . 2013-02-13 10:14 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-13 10:14 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-13 10:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-13 10:14 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-13 10:14 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-13 10:14 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-13 10:14 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 2013-02-13 10:14 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-13 10:14 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-13 10:14 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-12-31 15:27 . 2012-12-31 15:25 16384 ----a-w- c:\windows\SysWow64\lgfwunis.exe 2012-12-16 17:11 . 2012-12-21 20:45 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 20:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 20:45 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 20:45 34304 ----a-w- c:\windows\SysWow64\atmlib.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-01-24 1521800] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}] 2013-03-07 13:32 707728 ----a-w- c:\progra~2\MAPSGA~2\bar\1.bin\39bar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}] 2012-11-13 07:23 263136 ----a-w- c:\program files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}] 2013-03-07 13:32 62864 ----a-w- c:\program files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2013-01-24 13:18 1521800 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}"= "c:\program files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll" [2012-11-13 337376] "{364ea597-e728-4ce4-bb4a-ed846ef47970}"= "c:\program files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll" [2013-03-07 707728] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-01-24 1521800] . [HKEY_CLASSES_ROOT\clsid\{ca9b9c89-4662-4adc-9c23-a452becd5d19}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd] . [HKEY_CLASSES_ROOT\clsid\{364ea597-e728-4ce4-bb4a-ed846ef47970}] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-04 11:18 220632 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-18 911160] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664] "ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2013-01-23 2995712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-18 1151152] "LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-12-31 27760] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "MapsGalaxy Search Scope Monitor"="c:\progra~2\MAPSGA~2\bar\1.bin\39srchmn.exe" [2013-03-07 42536] "MapsGalaxy_39 Browser Plugin Loader"="c:\progra~2\MAPSGA~2\bar\1.bin\39brmon.exe" [2013-03-07 30096] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-01-24 1646216] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 246368] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer6"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck turegopt . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-12-30 94208] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2010-12-30 28672] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2010-12-30 196096] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 36720] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 uxddrv;Dynamically loaded UxdDrv;F:\uxddrv64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-02 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768] S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2007-06-04 24824] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/07/28 15:16];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-01-19 23:10 146928] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 CLBUDF;CLBUDF;c:\windows\system32\DRIVERS\CLBUDF.sys [2007-06-04 369912] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 MapsGalaxy_39Service;MapsGalaxyService;c:\progra~2\MAPSGA~2\bar\1.bin\39barsvc.exe [2013-03-07 42504] S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-03-04 42504] S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-12-30 85504] S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304] S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-03-12 22:29 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 13:49] . 2013-03-11 c:\windows\Tasks\FileCure Default.job - c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2012-11-26 20:44] . 2013-03-15 c:\windows\Tasks\FileCure Startup.job - c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2012-11-26 20:44] . 2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 07:12] . 2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 07:12] . 2013-03-14 c:\windows\Tasks\ParetoLogic Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2013-03-15 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07] . 2013-03-11 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07] . 2013-03-11 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2013-03-08 11:01] . 2013-03-09 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2013-03-08 11:01] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-04 11:18 244696 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-14 10918504] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uLocal Page = c:\windows\SYSTEM32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-BsScanner AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-03-15 17:18:01 ComboFix-quarantined-files.txt 2013-03-15 16:18 . Pre-Run: 840.219.574.272 bytes beschikbaar Post-Run: 840.429.879.296 bytes beschikbaar . - - End Of File - - A7F6A90CD6F6615675461EF3F01C256B

Het logje van malwarebytes: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.03.07.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 User :: USER-PC [administrator] 7-3-2013 17:10:55 mbam-log-2013-03-07 (17-10-55).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 208799 Verstreken tijd: 1 minuut/minuten, 58 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Het logje van Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:16:51, on 7-3-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Advanced File Optimizer\AdvancedFileOptimizer.exe C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39HighIn.exe C:\Users\User\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll O2 - BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~3\browse~2\261095~1.52\{c16c1~1\browse~1.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13573 bytes

Sorry, kan niet altijd onmiddellijk doen wat jullie vragen omdat dit niet mijn pc is. Hier dus het logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:12:44, on 5-3-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe C:\Program Files (x86)\lg_fwupdate\fwupdate.exe C:\Users\User\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: CrossriderApp0023986 - {11111111-1111-1111-1111-110211391186} - C:\Program Files (x86)\Savings Vault\Savings Vault.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: File-Extensions.org Search.lnk = C:\Program Files (x86)\File Extensions\File-Extensions.org-Search.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay, de wereldwijde online handelsplaats (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14341 bytes

Wanneer mijn schoonvader zijn pc opstart met Windows 7, krijgt hij telkens de boodschap: "turegopt program not found - skipping autocheck". Ik moet ook zeggen dat het een tijdje duurt voordat hij opstart. Weet iemand wat ik moet doen?

Op het eerste zicht lijkt het mij toch beter. Ik laat je nog iets weten mocht er zich toch nog een probleem voordoen. In ieder geval wil ik je reeds bedanken voor de snelle service!

Sorry, had gisteravond te weinig tijd waardoor ik het waarschijnlijk niet goed had gedaan. Hier dus het nieuwe logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:29:47, on 17/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\kianii\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Messenger Plus! Skins for Facebook - {3543619C-D563-43f7-95EA-4DA7E1CC316A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MessengerPlusSkinsForFacebookService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\PlusFBSkinsService.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Facebook Update] "C:\Users\kianii\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Linkury Chrome Smartbar] C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe startup O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B889C595925F5BF100329B118D789DA0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\kianii\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.3\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Messenger Plus! Skins for Facebook Service (MsgFBSkinsPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater12.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14254 bytes

Logje Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:50:51, on 16/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\kianii\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Messenger Plus! Skins for Facebook - {3543619C-D563-43f7-95EA-4DA7E1CC316A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IMVU Inc - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MessengerPlusSkinsForFacebookService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\PlusFBSkinsService.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Facebook Update] "C:\Users\kianii\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Linkury Chrome Smartbar] C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe startup O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B889C595925F5BF100329B118D789DA0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\kianii\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.3\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\search~1\datamngr\datamngr.dll c:\progra~2\search~1\datamngr\iebho.dll c:\progra~2\bandoo\bndhook.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Messenger Plus! Skins for Facebook Service (MsgFBSkinsPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater12.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16159 bytes Logje Malwarebytes: Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Databaseversie: v2012.10.16.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 kianii :: KIANII-PC [administrator] 16/10/2012 17:39:52 mbam-log-2012-10-16 (17-39-52).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 224389 Verstreken tijd: 7 minuut/minuten, 53 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

Wanneer ik sc stop "Bandoo Coordinator" intik, krijg ik [sC] ControlService MISLUKT 1062: De service is niet gestart De rest zal ik nu doen. Sorry was te vlug. Het deleten is Voltooid wordt er gezegd

Mijn nichtje had me gevraagd om eens naar haar laptop te kijken omdat deze ongelooflijk traag is. Ik heb hem laten scannen met malwarebytes (87 bedreigingen) en heb hem tenslotte ook opgekuist met CCleaner. Maar de laptop blijft dus enorm traag. Daarom dat ik jullie hulp nog eens inroep. Hieronder de logfile van Hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 20:59:55, on 15/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\kianii\AppData\Roaming\BrowserCompanion\tbhcn.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\12.1.3\ScriptHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\kianii\Downloads\HijackThis.exe C:\Users\kianii\Downloads\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plusnetwork.com/?q={searchTerms}&sp=chv R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.plusnetwork.com/?q={searchTerms}&sp=chv R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?q={searchTerms}&sp=chv R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?q={searchTerms}&sp=chv R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Messenger Plus! Skins for Facebook - {3543619C-D563-43f7-95EA-4DA7E1CC316A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IMVU Inc - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MessengerPlusSkinsForFacebookService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\PlusFBSkinsService.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Facebook Update] "C:\Users\kianii\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Linkury Chrome Smartbar] C:\Users\kianii\AppData\Local\Linkury\Application\Linkury.exe startup O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B889C595925F5BF100329B118D789DA0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: tbhcn.lnk = C:\Users\kianii\AppData\Roaming\BrowserCompanion\tbhcn.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\kianii\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.3\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\search~1\datamngr\datamngr.dll c:\progra~2\search~1\datamngr\iebho.dll c:\progra~2\bandoo\bndhook.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\Program Files (x86)\Bandoo\Bandoo.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Messenger Plus! Skins for Facebook Service (MsgFBSkinsPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater12.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17320 bytes

Sedert een tijdje had ik al een probleem om in te loggen op facebook. Zowel op IE als op Mozilla lukte het soms niet om je aan te melden. Maar wanneer ik dan afsloot en opnieuw probeerde dan lukte het soms wel. Nu lukt het dus helemaal niet meer. Als ik wil aanmelden dan blijft de browser op "verbinden" staan maar aanloggen lukt dus niet. Ik weet niet of het een virus of malware kan zijn want jullie hebben mijn pc een paar weken geleden al nagekeken en die zou dus opgekuist moeten zijn. Iemand enig idee wat dit probleem zou kunnen zijn? Vooral het vrouwtje begint er serieus over te zagen!

Dat ziet er terug wel goed uit. Moet eerlijk bekennen dat ik de laatste dagen nog niet veel voor mijn pc heb gezeten, maar op het eerste zicht is het wel beter.

ComboFix 12-06-11.03 - Andy 11/06/2012 18:53:53.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4078.2465 [GMT 2:00] Gestart vanuit: c:\users\Andy\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Andy\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Andy\AppData\Roaming\Ivig . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-11 to 2012-06-11 )))))))))))))))))))))))))))))) . . 2012-06-11 16:57 . 2012-06-11 16:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-11 16:57 . 2012-06-11 16:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-09 11:10 . 2012-06-09 11:10 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-09 11:10 . 2012-06-09 11:10 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-04 17:48 . 2012-06-04 17:48 388096 ----a-r- c:\users\Andy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-04 17:48 . 2012-06-04 17:48 -------- d-----w- c:\program files (x86)\Trend Micro 2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-15 10:48 . 2012-03-13 19:56 949056 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-05-15 10:48 . 2012-03-13 19:56 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-05-15 10:48 . 2012-03-13 19:56 68928 ----a-w- c:\windows\system32\OpenCL.dll 2012-05-15 10:48 . 2012-03-13 19:56 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-05-15 10:48 . 2012-03-13 19:56 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-05-15 10:48 . 2011-09-05 22:23 2741568 ----a-w- c:\windows\system32\nvapi64.dll 2012-05-15 10:48 . 2011-09-05 22:23 1738048 ----a-w- c:\windows\system32\nvdispco64.dll 2012-05-15 10:48 . 2011-09-05 22:23 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-05-15 10:48 . 2011-09-05 22:23 1468224 ----a-w- c:\windows\system32\nvgenco64.dll 2012-05-15 10:48 . 2011-09-05 22:23 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-05-15 09:29 . 2011-09-05 22:23 889664 ----a-w- c:\windows\system32\nvvsvc.exe 2012-05-15 09:29 . 2011-09-05 22:23 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-05-15 09:29 . 2011-09-05 22:23 2561856 ----a-w- c:\windows\system32\nvsvcr.dll 2012-05-15 09:29 . 2011-09-05 22:23 118080 ----a-w- c:\windows\system32\nvmctray.dll 2012-05-15 09:29 . 2011-08-11 21:24 2621723 ----a-w- c:\windows\system32\nvcoproc.bin 2012-05-15 09:29 . 2011-09-05 22:23 3149632 ----a-w- c:\windows\system32\nvsvc64.dll 2012-05-15 09:28 . 2011-09-05 22:23 6151488 ----a-w- c:\windows\system32\nvcpl.dll 2012-05-04 19:16 . 2012-04-02 15:42 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-04 19:16 . 2011-08-10 19:09 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-04 19:16 . 2012-04-02 16:16 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 02:50 . 2012-04-19 02:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys 2012-04-18 17:08 . 2012-03-13 19:56 1451840 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2012-04-18 11:49 . 2012-05-01 16:43 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll 2012-03-31 06:05 . 2012-05-09 18:07 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-31 04:39 . 2012-05-09 18:07 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39 . 2012-05-09 18:07 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10 . 2012-05-09 18:07 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 11:35 . 2012-05-09 18:07 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-22 11:43 . 2012-05-01 16:43 2557952 ----a-w- c:\windows\SysWow64\QtCore4.dll 2012-03-19 03:17 . 2012-03-19 03:17 383808 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-03-17 07:58 . 2012-05-09 18:07 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-06-10_14.34.53 ))))))))))))))))))))))))))))))))))))))))) . + 2010-11-21 03:09 . 2012-06-11 15:49 41300 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-06-11 15:49 47230 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-12-03 16:48 . 2012-06-11 15:49 11214 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-626991123-2630253986-2610911255-1002_UserData.bin - 2012-03-17 22:11 . 2012-05-18 21:18 3510 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2012-03-17 22:11 . 2012-06-11 16:58 3510 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-06-10 14:34 . 2012-06-10 14:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-06-11 16:59 . 2012-06-11 16:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-06-10 14:34 . 2012-06-10 14:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-11 16:59 . 2012-06-11 16:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-06-10 14:32 446416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-06-11 16:58 446416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-06-11 15:53 . 2012-06-11 15:53 8449024 c:\windows\Installer\5ce00.msi + 2011-12-03 16:45 . 2012-06-11 16:58 14443344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-626991123-2630253986-2610911255-1002-8192.dat + 2011-12-04 15:48 . 2012-06-11 16:58 16654236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-626991123-2630253986-2610911255-1002-4096.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-04-30 5106744] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-03-11 2656280] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:16] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-09 11821160] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 FF - ProfilePath - c:\users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\ifomlluy.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.incredibar_i.excTlbr - false . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SysWOW64\bgsvcgen.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-06-11 19:02:54 - machine werd herstart ComboFix-quarantined-files.txt 2012-06-11 17:02 ComboFix2.txt 2012-06-10 14:38 . Pre-Run: 1.748.564.287.488 bytes beschikbaar Post-Run: 1.748.287.971.328 bytes beschikbaar . - - End Of File - - 5459F7CC24CCAC8F38CB77199D6A89CD

Zoals jullie reeds hebben aangegeven zou er iets stuk zijn. Naar Medion gebeld en moet de pc via een Kiala-punt opsturen. Normaal zou de herstelperiode zo'n 2 weken in beslag nemen. We wachten dus af. Ik laat jullie iets weten van het ogenblik ik verdere info krijg.