cloclo

Member
  • Items: 148
Everything posted by cloclo

  1. Hey kape, no more recovery problems for now, and it also runs a good deal faster ... what exactly was wrong?? Maybe there are things I can take into account in the future? How did I end up with these problems? A few more small problems, I think: - when shutting down it installs four updates every time, and at startup it has problems configuring them and removes the updates again... - telenet for receiving mail is OK, but there are problems with sending... That combo, hijack and so on, can those stay on the PC?? Are there any other protections you can recommend? Thanks a lot. Regards.
  2. Please ... thanks
  3. Hope you enjoyed the weekend! Started again with fresh courage xD Removed avast, reinstalled AVG and then ran the remover again, but I think it did work this time... later I'll put avast back on :thumpdown: combo fix, and hopefully we'll be a bit wiser now, thanks
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-05-02 09:57:53 ComboFix-quarantined-files.txt 2011-05-02 07:57 ComboFix2.txt 2011-04-26 19:41 . Pre-Run: 1.922.109.222.912 bytes beschikbaar Post-Run: 1.921.752.887.296 bytes beschikbaar . - - End Of File - - 3A72351CA6EF511B98476289759E52F0
  4. I am always well-behaved and do what I'm asked... but when I type avg under Start - Search, all kinds of AVG things still show up?? There is no AVG in the software list any more.
  5. Can't run Combo because AVG?? is still enabled... The PC now constantly does 4 updates at shutdown, and at startup it says it is configuring, then reports problems configuring Windows and reverts the changes... My husband :thumpdown: connected a card reader via USB to view photos, and after that a full blue screen error message and the whole thing shut down; I think the love is not mutual :hmmmm: I don't understand any of it, what exactly is going wrong? Will this ever get solved? Greetings from a slowly-going-crazy PC woman :adore:
  6. Good morning kape, thanks in advance for all the effort. It started up nicely today and avast is still there too. The log:
  7. Good evening, avast is back on it but I can't get that AVG off completely... the log is attached, hopefully a bit wiser today? Greetings
  8. Help?? Just back from work; after many updates it started up again, avast is gone and there is all kinds of AVG stuff on it again????
  9. Just started the PC, blue screen again, and system restore; has anyone perhaps found something already? ;-) Any idea where it is going wrong?
  10. I let Combo run, the log file is attached, BUT I also got the following message, which is still open now; I don't know what to answer: IAStorlcon.exe Toepassingsfout DE TOEPASSING HEEFT EEN UITZONDERING GEGENEREERD DIE NIET KAN WORDEN VERWERKT PROCES-ID=Oxbdc(3036)THREAD-ID oxbd8 (3032) KLIK OK OM TOEPASSING TE BEEINDIGEN OF ANNULEREN OM FOUTEN IN DE TOEPASSING OP TE SPOREN??
Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-24 07:23] . 2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-24 07:23] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] 2011-04-24 07:23 750064 ----a-w- c:\programdata\Partner\Partner64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JAVA"="c:\windows\java.vbs" [2010-11-17 83] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-09 11613288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-Advanced SystemCare 4 - c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe SafeBoot-BsScanner AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe . ************************************************************************** . Voltooingstijd: 2011-04-26 21:41:34 - machine werd herstart ComboFix-quarantined-files.txt 2011-04-26 19:41 . Pre-Run: 1.915.605.504.000 bytes beschikbaar Post-Run: 1.915.181.113.344 bytes beschikbaar . - - End Of File - - CAD5EBBFB2EC78936EBA18F6B38151D7
  11. Hey, done as you said, but it won't run Combo while AVG is installed (AVG was temporarily disabled, though). It also said something like if you have made payments via combo... this and combo... that??? I'm going to turn AVG back on for now.... pf
  12. Aha, it worked, I had to run that as administrator! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:04:45, on 26/04/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Trend Micro\hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 -
BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK 
SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9323 bytes
  13. Apparently nothing found, is that good news??
      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org
      Databaseversie: 6447
      Windows 6.1.7600
      Internet Explorer 9.0.8112.16421
      26/04/2011 11:21:13
      mbam-log-2011-04-26 (11-21-13).txt
      Scantype: Snelle scan
      Objecten gescand: 153852
      Verstreken tijd: 1 minuut/minuten, 17 seconde(n)
      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 0
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 0
      Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  14. Good morning. Hopefully you can help me further...
  15. Logfile of random's system information tool 1.08 (written by random/random) Run by aarontristan at 2011-04-25 20:55:21 Microsoft Windows 7 Home Premium System drive C: has 1829 GB (98%) free of 1876 GB Total RAM: 4078 MB (47% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:55:45, on 25/04/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\aarontristan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60FBSVW8\RSIT.exe C:\Program Files (x86)\trend micro\aarontristan.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files 
(x86)\IObit\Advanced SystemCare 4\ASCTray.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files 
(x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
---------- Post added at 21:00 ---------- Previous post was at 20:58 ---------- Is this right?? I hope I'm not doing anything stupid here! I only get one file?
  16. Pff, maybe I'd better leave it alone. I can't find that file and neither can the PC, and if I click on HijackThis now it says "this program is still running", but I can't find anything anywhere....
  17. Sorry, but I'm still so wet behind the ears. It opens Notepad when I run HijackThis, and then it says it can't find that program file (x86), and Notepad stays empty? ---------- Post added at 19:21 ---------- Previous post was at 19:13 ---------- for some reason your system denied write access to the hosts file if any hijacked domains are in this file, hijackthis will not be able to fix this if it happens you need to edit the file yourself to do this click start run and type : notepad c:\Windows\System32\drivers\etc\hosts ??
  18. Hey, it has worked in the meantime and I have a log file. A Notepad window does indeed open, but nothing appears in it, and I can't copy that log file? Or can I find it somewhere else??
  19. Back home in the meantime... When I want to run HijackThis, my PC gives all kinds of warnings: this can harm the PC, couldn't verified and so on??
  20. I used Advanced SystemCare... During the crash this weekend there was suddenly a black screen with only the message (I don't remember it completely) "choose boot device" or something like that, "press any key", over and over again. A card reader was still plugged into the PC via USB; I removed it and then I suddenly got "restore", and then it restarted completely via CyberLink. After hours he (or she) started up again, but everything, all the settings, was gone... exciting...
  21. Hey, I'll have a look this evening to see whether this works... sounds complicated but .... My son mostly plays on spelletjes nl and my husband plays snooker online via Facebook... Yesterday I ran one of those clean-up programs: a whole lot of errors, Trojans as well as privacy and registry errors and so on. Regards
  22. Hey, I'm new here on the forum, but hopefully you can help me get rid of a number of frustrations grrr:embarassed: About a month ago we bought a new PC from Lidl (or was it Aldi), a Medion, after our laptop had given up... But in the meantime we're already stuck with a whole load of problems again. This weekend it had crashed completely and started up again via CyberLink restore... I have an AVG virus scanner on it, and after that crash also a Windows program to keep the PC clean... This morning problems again, System Restore again! Apparently we always have problems after playing games; can anyone help us?? With friendly frustration, regards:-)