Thuurke

Ik heb ook een ipad en mijn router is een bbox 2 van Belgacom en ik heb er nog geeneen probleem mee ondervonden. Het is wel de oudste ipad, ipad 1 Maar dat doet er niet toe, denk ik.

Beste, Even een update: Mijn pc herkent wel het 'netwerk 3' als ik hem op mijn kamer aansluit (via de router) => al een goed begin. Maar 'netwerk 3' heeft wel geen internettoegang, maar het lampje op de rangebooster van Internet brandt wel. Ik heb geen CD/DVD van de (oude) router, maar het type is: Linksys rangebooster Model No WRT54GR ver 1.1 Gr Arthur

Beste, Voor mijn (school)werk wenste ik internet op mijn kamer (ik heb daar zo'n aansluiting met nummer 3) Dus ik heb op de benedenverdieping in het kastje (waar alles staat van internet en telefonie) een kabel van de hoofdbox van belgacom naar internetstopcontact nummer 3 verbonden in het kastje. nu heb ik boven een (oude) wireless rangebooster gevonden en daarmee het stopcontact in mijn kamer aangesloten en volgens dat toestel was er daar internet. goed...ik bracht dus de laptop naar boven om uit te proberen maar de laptop herkende blijkbaar geen netwerk via kabel. ik heb het al ook eens geprobeerd een kabel rechtstreeks van de muur in het toestel en met een 'tussenstop' in de rangebooster. beide manieren lukken blijkbaar niet, iemand een idee? Alvast bedankt Arthur (ps beneden hebben we een bbox2 router verbonden met een hele apotheek en met slotje nr 1)

Ok, dankje

Hallo, Bij mijn grootvader heeft per ongelijk zijn telenet configuratie van thunderbird weggegooid. Kunnen jullie even kort vermelden hoe ik die configuratie van telenet weer moet instellen? Arthur

Beste, GELUKT. ik kan weer een normaal account openen (standaardaccount) Ik heb gewoon gedaan wat je zei (met ccleaner) en als kers op de taart heb ik nog windows instellingen (gereset) met winoptimiser en alles ging weer. ECHT BEDANKT Arthur

Gedaan, wat nu??

Eerst twee opmerkingen: - Ik heb Avast antivirus alle schilden uitgeschakelt, maar toen ik het logje in combofix sleepte was het weer van dan antivirus niet uitgeschakelt was maar ik heb OK geklikt. - Zoals twee keer komt er na de heropstart van de pc en combofix is teneinde: 'Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering' toen ik Chrome startte. Ik heb de pc dan afgemeld en weer aangemeld en dan kon ik Chrome starten. Hier het logje: ComboFix 12-03-14.01 - HP 15/03/2012 12:16:27.11.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4063.2792 [GMT 1:00] Gestart vanuit: c:\users\HP\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\HP\Desktop\CFScript.txt AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . FILE :: "c:\windows\AutoKMS.exe" "c:\windows\KMSEmulator.exe" "c:\windows\SysWow64\sho984B.tmp" "c:\windows\Tasks\AutoKMS.job" "c:\windows\Tasks\AutoKMSDaily.job" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\AutoKMS.exe c:\windows\KMSEmulator.exe c:\windows\SysWow64\sho984B.tmp c:\windows\Tasks\AutoKMS.job c:\windows\Tasks\AutoKMSDaily.job . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-15 to 2012-03-15 )))))))))))))))))))))))))))))) . . 2012-03-14 20:52 . 2012-03-14 20:55 -------- d-----w- c:\users\HP\AppData\Roaming\.minecraft 2012-03-14 20:47 . 2012-03-14 20:47 -------- d-----w- c:\users\HP\AppData\Roaming\MinecraftTools 2012-03-13 11:38 . 2012-03-13 11:38 -------- d-----w- c:\program files\iPod 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files\iTunes 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files (x86)\iTunes 2012-03-13 05:52 . 2012-03-01 12:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{848807DD-64CE-4EAA-83F4-A95FE84F3609}\mpengine.dll 2012-03-12 16:41 . 2012-03-12 16:41 388096 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-11 10:34 . 2012-03-14 17:53 -------- d-----w- c:\users\HP\AppData\Roaming\.spoutcraft 2012-03-11 09:58 . 2012-03-11 09:58 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-03-10 18:36 . 2012-03-10 18:36 -------- d-----w- c:\program files (x86)\Scratch 2012-03-10 18:30 . 2012-03-10 18:30 -------- d-----w- c:\programdata\MediaMonkey 2012-03-10 18:30 . 2012-03-10 18:31 -------- d-----w- c:\users\HP\AppData\Roaming\MediaMonkey 2012-03-09 20:04 . 2012-03-09 20:04 -------- d-----w- c:\program files (x86)\Microsoft Works 2012-03-09 20:02 . 2012-03-09 20:02 -------- d-----w- c:\program files\CCleaner 2012-03-09 19:45 . 2012-03-09 20:00 -------- d-----w- C:\MATS 2012-03-09 19:22 . 2012-03-09 19:22 -------- d-----w- c:\windows\PCHEALTH 2012-03-09 17:57 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe 2012-03-09 17:57 . 2012-03-09 17:57 -------- d-----w- c:\program files (x86)\Ashampoo 2012-03-09 11:33 . 2012-03-09 11:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-09 11:33 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-23 08:18 . 2010-11-01 18:22 279656 ------w- c:\windows\system32\MpSigStub.exe 2011-12-21 08:18 . 2011-12-21 08:18 66048 ----a-w- c:\windows\SysWow64\VCLSMP50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 26624 ----a-w- c:\windows\SysWow64\ssmenu.dll 2011-12-21 08:18 . 2011-12-21 08:18 248832 ----a-w- c:\windows\SysWow64\VCLX50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 2020864 ----a-w- c:\windows\SysWow64\VCL50.bpl 2011-12-21 07:40 . 2010-11-12 19:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-13_12.08.15 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-03-15 11:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-03-15 11:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-03-15 11:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-01 19:41 . 2012-03-15 11:32 67788 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-03-15 11:32 44980 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-11-01 19:09 . 2012-03-15 11:32 16702 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1561261077-3936807583-1715766741-1000_UserData.bin + 2010-11-08 20:23 . 2012-03-13 13:28 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2010-11-08 20:23 . 2012-03-11 20:53 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-15 11:29 . 2012-03-15 11:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-15 11:29 . 2012-03-15 11:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 09:16 . 2012-03-12 19:11 706350 c:\windows\system32\perfh013.dat + 2009-07-14 09:16 . 2012-03-14 16:11 706350 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2012-03-12 19:11 620384 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-03-14 16:11 620384 c:\windows\system32\perfh009.dat - 2009-07-14 09:16 . 2012-03-12 19:11 136120 c:\windows\system32\perfc013.dat + 2009-07-14 09:16 . 2012-03-14 16:11 136120 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-03-12 19:11 108566 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-03-14 16:11 108566 c:\windows\system32\perfc009.dat + 2009-07-14 05:01 . 2012-03-15 11:28 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-03-13 12:05 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-11-03 21:06 . 2012-03-15 11:28 5299336 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1561261077-3936807583-1715766741-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "chromium"="c:\users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-03-10 1049072] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736] . c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x] R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] 2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe . Inhoud van de 'Gedeelde Taken' map . 2012-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000Core.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . 2012-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000UA.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\31z2ozdb.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.blink_allowed - true FF - user.js: network.prefetch-next - true FF - user.js: nglayout.initialpaint.delay - 250 FF - user.js: layout.spellcheckDefault - 1 FF - user.js: browser.urlbar.autoFill - false FF - user.js: browser.search.openintab - false FF - user.js: browser.tabs.closeButtons - 1 FF - user.js: browser.tabs.opentabfor.middleclick - true FF - user.js: browser.tabs.tabMinWidth - 100 FF - user.js: browser.urlbar.hideGoButton - false . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-!{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-03-15 12:40:11 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-15 11:40 ComboFix2.txt 2012-03-14 19:51 ComboFix3.txt 2012-03-14 11:34 ComboFix4.txt 2012-03-13 12:24 ComboFix5.txt 2012-03-15 11:13 . Pre-Run: 212.375.711.744 bytes beschikbaar Post-Run: 212.024.045.568 bytes beschikbaar . - - End Of File - - A5311C79F7733DE6E042CA30DF09BA4A ---------- Post toegevoegd om 12:48 ---------- Vorige post was om 12:46 ---------- Ah, maar dat was in normale modus, vergeten veilige te doen. Maar misschien is het opgelost, ik wacht tot uw antwoord.

Opnieuw een soort fout dat je geen programma's kon openen door iets van het register, maar is na afmelden gelukt. Hier is het logje: ComboFix 12-03-14.01 - HP 14/03/2012 20:32:53.10.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4063.2651 [GMT 1:00] Gestart vanuit: c:\users\HP\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\HP\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\AutoKMS.exe" "c:\windows\SysWow64\sho984B.tmp" "c:\windows\Tasks\AutoKMS.job" "c:\windows\Tasks\AutoKMSDaily.job" . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-14 to 2012-03-14 )))))))))))))))))))))))))))))) . . 2012-03-13 19:55 . 2012-03-13 19:56 -------- d-----w- c:\users\HP\AppData\Roaming\.minecraft 2012-03-13 16:50 . 2012-03-13 16:50 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{848807DD-64CE-4EAA-83F4-A95FE84F3609}\offreg.dll 2012-03-13 11:38 . 2012-03-13 11:38 -------- d-----w- c:\program files\iPod 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files\iTunes 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files (x86)\iTunes 2012-03-13 05:52 . 2012-03-01 12:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{848807DD-64CE-4EAA-83F4-A95FE84F3609}\mpengine.dll 2012-03-12 19:39 . 2012-03-14 19:45 78848 ----a-w- c:\windows\KMSEmulator.exe 2012-03-12 16:41 . 2012-03-12 16:41 388096 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-11 10:34 . 2012-03-14 17:53 -------- d-----w- c:\users\HP\AppData\Roaming\.spoutcraft 2012-03-11 09:58 . 2012-03-11 09:58 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-03-10 18:36 . 2012-03-10 18:36 -------- d-----w- c:\program files (x86)\Scratch 2012-03-10 18:30 . 2012-03-10 18:30 -------- d-----w- c:\programdata\MediaMonkey 2012-03-10 18:30 . 2012-03-10 18:31 -------- d-----w- c:\users\HP\AppData\Roaming\MediaMonkey 2012-03-09 21:30 . 2012-03-09 21:30 0 ----a-w- c:\windows\SysWow64\sho984B.tmp 2012-03-09 20:04 . 2012-03-09 20:04 -------- d-----w- c:\program files (x86)\Microsoft Works 2012-03-09 20:02 . 2012-03-09 20:02 -------- d-----w- c:\program files\CCleaner 2012-03-09 19:45 . 2012-03-09 20:00 -------- d-----w- C:\MATS 2012-03-09 19:22 . 2012-03-09 19:22 -------- d-----w- c:\windows\PCHEALTH 2012-03-09 17:57 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe 2012-03-09 17:57 . 2012-03-09 17:57 -------- d-----w- c:\program files (x86)\Ashampoo 2012-03-09 15:42 . 2012-03-09 15:42 647168 ----a-w- c:\windows\AutoKMS.exe 2012-03-09 11:33 . 2012-03-09 11:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-09 11:33 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-23 08:18 . 2010-11-01 18:22 279656 ------w- c:\windows\system32\MpSigStub.exe 2011-12-21 08:18 . 2011-12-21 08:18 66048 ----a-w- c:\windows\SysWow64\VCLSMP50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 26624 ----a-w- c:\windows\SysWow64\ssmenu.dll 2011-12-21 08:18 . 2011-12-21 08:18 248832 ----a-w- c:\windows\SysWow64\VCLX50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 2020864 ----a-w- c:\windows\SysWow64\VCL50.bpl 2011-12-21 07:40 . 2010-11-12 19:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-13_12.08.15 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-03-14 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-03-14 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-03-14 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-01 19:41 . 2012-03-14 16:07 67416 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-03-14 16:07 44900 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-11-01 19:09 . 2012-03-14 16:07 16670 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1561261077-3936807583-1715766741-1000_UserData.bin + 2010-11-08 20:23 . 2012-03-13 13:28 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2010-11-08 20:23 . 2012-03-11 20:53 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-14 19:44 . 2012-03-14 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-14 19:44 . 2012-03-14 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 09:16 . 2012-03-12 19:11 706350 c:\windows\system32\perfh013.dat + 2009-07-14 09:16 . 2012-03-14 16:11 706350 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2012-03-12 19:11 620384 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-03-14 16:11 620384 c:\windows\system32\perfh009.dat - 2009-07-14 09:16 . 2012-03-12 19:11 136120 c:\windows\system32\perfc013.dat + 2009-07-14 09:16 . 2012-03-14 16:11 136120 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-03-12 19:11 108566 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-03-14 16:11 108566 c:\windows\system32\perfc009.dat + 2009-07-14 05:01 . 2012-03-14 19:43 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-03-13 12:05 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-11-03 21:06 . 2012-03-14 19:43 5195632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1561261077-3936807583-1715766741-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "chromium"="c:\users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-03-10 1049072] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736] . c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Steam.lnk - c:\program files (x86)\Steam\Steam.exe [2011-3-16 1242448] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x] R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] 2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe . Inhoud van de 'Gedeelde Taken' map . 2012-03-14 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS.exe [2012-03-09 15:42] . 2012-03-14 c:\windows\Tasks\AutoKMSDaily.job - c:\windows\AutoKMS.exe [2012-03-09 15:42] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000Core.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000UA.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\31z2ozdb.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.blink_allowed - true FF - user.js: network.prefetch-next - true FF - user.js: nglayout.initialpaint.delay - 250 FF - user.js: layout.spellcheckDefault - 1 FF - user.js: browser.urlbar.autoFill - false FF - user.js: browser.search.openintab - false FF - user.js: browser.tabs.closeButtons - 1 FF - user.js: browser.tabs.opentabfor.middleclick - true FF - user.js: browser.tabs.tabMinWidth - 100 FF - user.js: browser.urlbar.hideGoButton - false . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-!{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-03-14 20:51:51 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-14 19:51 ComboFix2.txt 2012-03-14 11:34 ComboFix3.txt 2012-03-13 12:24 ComboFix4.txt 2011-07-23 15:58 . Pre-Run: 209.175.625.728 bytes beschikbaar Post-Run: 209.027.448.832 bytes beschikbaar . - - End Of File - - 035D2CBB0B8B1D1EC027CAA76F8F1507

Ok, ik heb het uitgevoerd als administrator, na het proces is de pc automatisch afgesloten en opgestart en als ik dan iets wou open (bv google chrome) dan staat er iets van ongeldige registersleutel en kan ik dus niet openen. Dus ik heb de pc afgemeldt en weer aangemeldt en het logje gezocht. Het resultaat: ComboFix 12-03-13.01 - HP 14/03/2012 12:18:58.9.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4063.2626 [GMT 1:00] Gestart vanuit: c:\users\HP\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-14 to 2012-03-14 )))))))))))))))))))))))))))))) . . 2012-03-13 19:55 . 2012-03-13 19:56 -------- d-----w- c:\users\HP\AppData\Roaming\.minecraft 2012-03-13 16:50 . 2012-03-13 16:50 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{848807DD-64CE-4EAA-83F4-A95FE84F3609}\offreg.dll 2012-03-13 11:38 . 2012-03-13 11:38 -------- d-----w- c:\program files\iPod 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files\iTunes 2012-03-13 11:38 . 2012-03-13 11:39 -------- d-----w- c:\program files (x86)\iTunes 2012-03-13 05:52 . 2012-03-01 12:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{848807DD-64CE-4EAA-83F4-A95FE84F3609}\mpengine.dll 2012-03-12 19:39 . 2012-03-14 11:29 78848 ----a-w- c:\windows\KMSEmulator.exe 2012-03-12 16:41 . 2012-03-12 16:41 388096 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-11 10:34 . 2012-03-13 17:16 -------- d-----w- c:\users\HP\AppData\Roaming\.spoutcraft 2012-03-11 09:58 . 2012-03-11 09:58 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-03-10 18:36 . 2012-03-10 18:36 -------- d-----w- c:\program files (x86)\Scratch 2012-03-10 18:30 . 2012-03-10 18:30 -------- d-----w- c:\programdata\MediaMonkey 2012-03-10 18:30 . 2012-03-10 18:31 -------- d-----w- c:\users\HP\AppData\Roaming\MediaMonkey 2012-03-09 21:30 . 2012-03-09 21:30 0 ----a-w- c:\windows\SysWow64\sho984B.tmp 2012-03-09 20:04 . 2012-03-09 20:04 -------- d-----w- c:\program files (x86)\Microsoft Works 2012-03-09 20:02 . 2012-03-09 20:02 -------- d-----w- c:\program files\CCleaner 2012-03-09 19:45 . 2012-03-09 20:00 -------- d-----w- C:\MATS 2012-03-09 19:22 . 2012-03-09 19:22 -------- d-----w- c:\windows\PCHEALTH 2012-03-09 17:57 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe 2012-03-09 17:57 . 2012-03-09 17:57 -------- d-----w- c:\program files (x86)\Ashampoo 2012-03-09 15:42 . 2012-03-09 15:42 647168 ----a-w- c:\windows\AutoKMS.exe 2012-03-09 11:33 . 2012-03-09 11:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-09 11:33 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-23 08:18 . 2010-11-01 18:22 279656 ------w- c:\windows\system32\MpSigStub.exe 2011-12-21 08:18 . 2011-12-21 08:18 66048 ----a-w- c:\windows\SysWow64\VCLSMP50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 26624 ----a-w- c:\windows\SysWow64\ssmenu.dll 2011-12-21 08:18 . 2011-12-21 08:18 248832 ----a-w- c:\windows\SysWow64\VCLX50.bpl 2011-12-21 08:18 . 2011-12-21 08:18 2020864 ----a-w- c:\windows\SysWow64\VCL50.bpl 2011-12-21 07:40 . 2010-11-12 19:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-13_12.08.15 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-03-14 11:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-03-14 11:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-13 12:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-03-14 11:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-01 19:41 . 2012-03-14 11:02 67218 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-03-14 11:02 44782 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-11-01 19:09 . 2012-03-14 11:02 16646 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1561261077-3936807583-1715766741-1000_UserData.bin - 2010-11-08 20:23 . 2012-03-11 20:53 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2010-11-08 20:23 . 2012-03-13 13:28 3376 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-14 11:28 . 2012-03-14 11:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-13 12:06 . 2012-03-13 12:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-03-14 11:28 . 2012-03-14 11:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-03-13 12:05 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-03-14 11:27 284972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-11-03 21:06 . 2012-03-14 11:27 5195632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1561261077-3936807583-1715766741-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "chromium"="c:\users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-03-10 1049072] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736] . c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Steam.lnk - c:\program files (x86)\Steam\Steam.exe [2011-3-16 1242448] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x] R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 136176] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] 2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe . Inhoud van de 'Gedeelde Taken' map . 2012-03-14 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS.exe [2012-03-09 15:42] . 2012-03-14 c:\windows\Tasks\AutoKMSDaily.job - c:\windows\AutoKMS.exe [2012-03-09 15:42] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-15 16:37] . 2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000Core.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . 2012-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561261077-3936807583-1715766741-1000UA.job - c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 16:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\31z2ozdb.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.blink_allowed - true FF - user.js: network.prefetch-next - true FF - user.js: nglayout.initialpaint.delay - 250 FF - user.js: layout.spellcheckDefault - 1 FF - user.js: browser.urlbar.autoFill - false FF - user.js: browser.search.openintab - false FF - user.js: browser.tabs.closeButtons - 1 FF - user.js: browser.tabs.opentabfor.middleclick - true FF - user.js: browser.tabs.tabMinWidth - 100 FF - user.js: browser.urlbar.hideGoButton - false . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-!{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-03-14 12:34:43 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-14 11:34 ComboFix2.txt 2012-03-13 12:24 ComboFix3.txt 2011-07-23 15:58 . Pre-Run: 212.002.172.928 bytes beschikbaar Post-Run: 211.933.614.080 bytes beschikbaar . - - End Of File - - 74916EA60F52C3A6ED90C16C7E1E09BA

Neen, ik heb systeemherstelgedaan naar 1/01/12

Dit was dan toch al gebeurd?

Beste, Ik vertrouw deze zaakjes niet echt, bij het runnen van combofix en dan die foutmelding piept de pc 1 keer. We hebben al veel in panne gezeten met de pc dus ik wil niet noch eens. De vorige keer dat we de laptop binnen gedaan hebben voor onderhoud zei de pc-hersteller dat dit probleem van het aanmelden van een tweede account aan het register lag. We konden toen de pc herinstalleren zodat het register gereset wordt of gewoon met het probleem blijven zitten. Kunnen jullie niet juist het register onderzoeken /mij dingen laten bijvoegen,... in de plaats van combofix, hjackthis te doen of zo?? Ik ken er niet echt veel van, maar jullie zullen wel weten wat te doen:top: Dit is zeker GEEN verwijt naar jullie toe!!! Thuurke

HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:25:18, on 12/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe C:\Program Files (x86)\Steam\steam.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\HP\Desktop\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [chromium] C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window O4 - HKUS\S-1-5-21-1561261077-3936807583-1715766741-1006\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1561261077-3936807583-1715766741-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Steam.lnk = C:\Program Files (x86)\Steam\Steam.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Magic%20Ball%204/Images/stg_drm.ocx O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Magic%20Ball%204/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - (no file) O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10223 bytes ---------- Post toegevoegd om 20:41 ---------- Vorige post was om 20:40 ---------- MalwareBytes Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.03.09.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 HP :: HP-PC [administrator] 12/03/2012 20:26:12 mbam-log-2012-03-12 (20-26-12).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 342124 Verstreken tijd: 8 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\HP\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:45:36, on 12/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{8540E6BF-0C6F-4E98-B105-6D5C7912B9C3} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [chromium] C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window O4 - HKUS\S-1-5-21-1561261077-3936807583-1715766741-1006\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1561261077-3936807583-1715766741-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Steam.lnk = C:\Program Files (x86)\Steam\Steam.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Magic%20Ball%204/Images/stg_drm.ocx O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Magic%20Ball%204/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - (no file) O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10740 bytes

Beste, Wanneer ik het windows gastaccount inschakel en ik meldt aan op dat gastaccount, dan toont de pc aanmelden, bureaublad voorbereiden en dan meldt het account zich direct weer af. Dit proces gebeurt ook met standaardaccounts, niet met administratoraccounts. Kortom er is iets dat het aanmelden verhindert. Volgens mij is er iets mis in het register van windows, maar geen idee wat. Thuurke

Maar goed, ik heb die generator verwijderd van mijn pc omdat ik veel slechte opmerkingen daarover gelezen heb op het internet en omdat ik niet weer wil dat mijn pc op een of ander manier traag zou gaan door illegale dingen. Ik zal jullie niet meer lastigvallen van office 2010, ik zal nu mijn office 2007 (standaard gekochte) verder gebruiken. Ik heb familie met office 2010, daar kan ik dan gaan 'testen'. toch bedankt voor jullie hulp!

Die soort van generator heeft iemand op mij pc gezet, maar ik wist niet waarvoor het diende. Is dit een goed iets of een slecht iets ( dan verwijder ik het meteen)? Office 2007 heb ik gekocht

Beste, Het zit namelijk zo: 2 jaar geleden kocht ik mijn laptop met win 7 home premium (standaard). Tamelijk recent probeerde ik win 7 professional te downloaden op het internet en te activeren met windows loader. Maar deze week kwam ik tot besef dat mijn pc trager werkte met win7 pro en heb ik weer de home premium gezet door middel van systeemherstel van begin dit jaar (ook omdat mijn pc niet meer opstartte) ------------------------------------------------------------------------------------------------------------------ Nu heb ik een logje van Speccy gemaakt: ​http://speccy.piriform.com/results/dPyAGG1OsHbFXyOY7oxRYZy

Fix it is al gepasseerd, ccleaner had ik al, dus is gebeurd. maar weer dezelfde fout bij het installeren.

Beste, Je begrijpt het niet, sorry vr de verwarring: admins blokkeerden/verwijderden mijn topics omdat ik win7 pro op een illegale manier gedownloaded heb. ik zit dit tekstje van win7 erbij zodat ze weten dat ik geOon weer home premium heb (dat zat bij mijn laptop) Mijn vraag is gewoon die van office 2010, ze zeggen dat er al trial versies op mijn pc zijn geinstalleerd, maar ik vind geen office 2010 programmas op mijn pc. kan iemand helpen? ---------- Post toegevoegd om 17:53 ---------- Vorige post was om 17:52 ---------- De trial versie van office en de code haalde ik op de website van microsoft

Eerst wil ik iets zeggen (vooraleer u mijn topic sluit): windows 7 professional heb ik gedeinstalleerd en weer home premium gezet (standaard) om verdere problemen met winows te voorkomen. Zoals de titel het zegt heb ik een installatiefout als ik office 2010 trial installeer: Arthur

Hallo, Op mijn pc kan ik gewoon op mijn account inloggen (administratoraccount), maar als ik inlog op de windows-gastaccount of op een gewoon standaardaccount meldt hij de gebruiker aan, bureaublad voorbereiden en dan direct weer afmelden i.p.v bureaublad tonen. Ik weet niet waar dit aan zal liggen. Alvast bedankt PS ik heb geen recovery dvd/cd van windows, is niet meegeleverd met de pc

Mijn excuses voor dit late antwoord, ik dacht dat ik verwittigt zou worden via email als er een antwoord is => blijkbaar niet. Het probleem is ondertussen al opgelost, ik heb Windows Loader gedownloaded en zo windows 7 professional kunnen activeren. Maar mijn nieuwe vraag is of ik het windows 7 register opnieuw kan installeren (resetten dus), want windows meldt direct af na het aanmelden op een gastaccount, dus iets fout in het register Arthur Ik heb dus niets van recovery cd of dvd of systeemherstelschijf ---------- Post toegevoegd om 21:49 ---------- Vorige post was om 21:47 ---------- Maar op mijn normaal (admin account) kan ik wel inloggen.

Beste, Mijn computer heeft een windows 7 Home Premium code: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX Maar ik heb de stommiteit begaan om een code te geven voor professional en nu moet ik een activatiecode geven , maar dit heb ik niet. Ik wil weer naar Home Premium met mijn oorspronkelijke code, is dit nog mogelijk? Hou er aub rekening mee: ik heb GEEN windows 7 installatie dvd/cd Mvg Thuurke graag spoedig antwoord