peerspecial

Member
  • Items

    21
  • Registration date

  • Last visited

peerspecial's achievements

  1. Logfile of random's system information tool 1.09(written by random/random)
     Run by hp at 2014-04-29 00:14:07
     Microsoft Windows 7 Home Premium Service Pack 1
     System drive C: has 105 GB (47%) free of 225 GB
     Total RAM: 1979 MB (41% free)

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 0:14:14, on 29-4-2014
     Platform: Windows 7 SP1 (WinNT 6.00.3505)
     MSIE: Internet Explorer v11.0 (11.00.9600.17041)
     Boot mode: Normal

     Running processes:
     C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe
     C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe
     C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
     C:\Users\hp\AppData\Local\PirritSuggestor\PirritDesktop.exe
     C:\Program Files(x86)\Hewlett-Packard\Shared\hpqToaster.exe
     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
     C:\Program Files\trend micro\hp.exe

     R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Default_Page_URL = Google
     R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Search Page = Bing
     R1 - HKLM\Software\Microsoft\InternetExplorer\Main,Default_Page_URL = Google
     R1 - HKLM\Software\Microsoft\InternetExplorer\Main,Default_Search_URL = Google
     R0 - HKLM\Software\Microsoft\InternetExplorer\Main,Start Page = Google
     R1 -HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =http=http://127.0.0.1:9880
     O2 - BHO: Java Plug-In SSV Helper -{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files(x86)\Java\jre7\bin\ssv.dll
     O2 - BHO: Aanmeldhulp voor Microsoft-account -{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\CommonFiles\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O3 - Toolbar: (no name) -!{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
     O3 - Toolbar: (no name) -!{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
     O3 - Toolbar: (no name) -!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
     O3 - Toolbar: (no name) -!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
     O3 - Toolbar: (no name) -!{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
     O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files(x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
     O4 - HKLM\..\Run: [avgnt] "C:\Program Files(x86)\Avira\AntiVir Desktop\avgnt.exe" /min
     O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files(x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     O4 - HKLM\..\Run: [sunJavaUpdateSched]"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     O4 - HKCU\..\Run: [WLSync] C:\Program Files(x86)\Windows Live\Mesh\WLSync.exe /background
     O4 - Startup: Dropbox.lnk =hp\AppData\Roaming\Dropbox\bin\Dropbox.exe
     O9 - Extra button: @C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 -{25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
     O9 - Extra 'Tools' menuitem: @C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 -{25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
     O9 - Extra button:@C:\Windows\WindowsMobile\INetRepl.dll,-222 -{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
     O9 - Extra button: (no name) -{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
     O9 - Extra 'Tools' menuitem:@C:\Windows\WindowsMobile\INetRepl.dll,-223 -{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
     O9 - Extra button: Skype Click to Call -{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\InternetExplorer\skypeieplugin.dll (file missing)
     O9 - Extra button: Onderzoek -{92780B25-18CC-41C8-B9BE-3C9C571A8263} -C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
     O10 - Unknown file in Winsock LSP: c:\program files(x86)\common files\microsoft shared\windows live\wlidnsp.dll
     O10 - Unknown file in Winsock LSP: c:\program files(x86)\common files\microsoft shared\windows live\wlidnsp.dll
     O11 - Options group: [ACCELERATED_GRAPHICS]Accelerated graphics
     O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}(Image Uploader Control) -http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}(Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
     O18 - Protocol: wlpg -{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\WindowsLive\Photo Gallery\AlbumDownloadProtocolHandler.dll
     O23 - Service: Adobe Acrobat Update Service(AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\armsvc.exe
     O23 - Service: Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
     O23 - Service: Andrea ST Filters Service (AESTFilters)- Andrea Electronics Corporation -C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
     O23 - Service: @%SystemRoot%\system32\Alg.exe,-112(ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
     O23 - Service: Avira Scheduler(AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\ProgramFiles (x86)\Avira\AntiVir Desktop\sched.exe
     O23 - Service: Avira Real-Time Protection(AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files(x86)\Avira\AntiVir Desktop\avguard.exe
     O23 - Service: Com4QLBEx - Hewlett-Packard DevelopmentCompany, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick LaunchButtons\Com4QLBEx.exe
     O23 - Service: Cron Service for Prey (CronService) -Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
     O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100(EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
     O23 - Service: @%systemroot%\system32\fxsresm.dll,-118(Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
     O23 - Service: HP Support Assistant Service -Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP SupportFramework\hpsa_service.exe
     O23 - Service: HP Software Framework Service(hpqwmiex) - Hewlett-Packard Company - C:\Program Files(x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
     O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000(IEEtwCollectorService) - Unknown owner -C:\Windows\system32\IEEtwCollector.exe (file missing)
     O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknownowner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: LightScribeService Direct Disc LabelingService (LightScribeService) - Hewlett-Packard Company - C:\Program Files(x86)\Common Files\LightScribe\LSSrvc.exe
     O23 - Service: @comres.dll,-2797 (MSDTC) - Unknownowner - C:\Windows\System32\msdtc.exe (file missing)
     O23 - Service: @C:\Program Files(x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files(x86)\Nero\Update\NASvc.exe
     O23 - Service:@%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner -C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: PirritDesktop - Unknown owner -C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe
     O23 - Service: @%systemroot%\system32\psbase.dll,-300(ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (filemissing)
     O23 - Service: @%systemroot%\system32\Locator.exe,-2(RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1(SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3(SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
     O23 - Service: @%systemroot%\system32\spoolsv.exe,-1(Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101(sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
     O23 - Service: Audio Service (STacSV) - IDT, Inc. -C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
     O23 - Service:@%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner -C:\Windows\system32\UI0Detect.exe (file missing)
     O23 - Service:@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner -C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\vds.exe,-100(vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
     O23 - Service: @%systemroot%\system32\vssvc.exe,-102(VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
     O23 - Service:@%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner -C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
     O23 - Service:@%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner -C:\Windows\system32\wbengine.exe (file missing)
     O23 - Service: WinRST - Unknown owner - C:\ProgramFiles (x86)\WinRST\WinRST.exe
     O23 - Service:@%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner -C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
     O23 - Service: @%PROGRAMFILES%\Windows MediaPlayer\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files(x86)\Windows Media Player\wmpnetwk.exe (file missing)

     -- End of file - 9532 bytes

     ======Listing Processes======
     \SystemRoot\System32\smss.exe
     %SystemRoot%\system32\csrss.exeObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=OnSubSystemType=Windows ServerDll=basesrv,1ServerDll=winsrv:UserServerDllInitialization,3ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4ProfileControl=Off MaxRequestThreads=16
     wininit.exe
%SystemRoot%\system32\csrss.exeObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=OnSubSystemType=Windows ServerDll=basesrv,1ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -kLocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -kLocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -kLocalServiceAndNoImpersonation "C:\Program Files (x86)\Avira\AntiVirDesktop\sched.exe" C:\Windows\system32\svchost.exe -kLocalServiceNoNetwork "C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe "C:\Program Files (x86)\Avira\AntiVirDesktop\avguard.exe" "C:\Prey\platform\windows\cronsvc.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs "C:\Program Files (x86)\CommonFiles\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\Common Files\MicrosoftShared\VS7DEBUG\MDM.EXE" C:\Windows\System32\svchost.exe -k HPZ12 C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\WinRST\WinRST.exe" "C:\Program Files\Common Files\MicrosoftShared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1104 "taskhost.exe" taskeng.exe {A11C616A-8BCF-43AB-A186-51F586197851} "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Windows\System32\hkcmd.exe" "C:\Program 
Files\IDT\WDM\sttray64.exe" "C:\Windows\WindowsMobile\wmdc.exe" "C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe"/systemstartup "C:\Program Files (x86)\Hewlett-Packard\HPWireless Assistant\HPWAMain.exe" "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe"/min "C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe" "C:\Program Files (x86)\Avira\AntiVirDesktop\avshadow.exe" avshadowcontrol0_00000600 "C:\Program Files(x86)\CyberLink\YouCam\YCMMirage.exe" "C:\Program Files\InternetExplorer\iexplore.exe"http://istart.webssearches.com/?type=sc&ts=1398474320&from=tugs&uid=WDCXWD2500BEKT-60V5T1_WD-WXG1A30R9654R9654 "C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE" SCODEF:3932 CREDAT:209921 /prefetch:2 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files(x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -kNetworkServiceNetworkRestricted C:/Users/hp/AppData/Local/PirritSuggestor\PirritDesktop.exe "C:\Program Files(x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding "C:\Program Files (x86)\Hewlett-Packard\HPSupport Framework\hpsa_service.exe" "C:\Program Files(x86)\Nero\Update\NASvc.exe" "C:\Program Files\Windows MediaPlayer\wmpnetwk.exe" "C:\Windows\System32\MsSpellCheckingFacility.exe"-Embedding "C:\Program Files (x86)\InternetExplorer\IEXPLORE.EXE" SCODEF:3932 CREDAT:4142320 /prefetch:2 taskeng.exe {24726A5F-BCF9-4F8C-8799-2D5C6DA6409A} "C:\Windows\system32\SearchFilterHost.exe" 0508 512 520 65536 516 "C:\Windows\system32\SearchProtocolHost.exe"Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1-2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0(compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)""C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc""DownLevelDaemon" taskhost.exe $(Arg0) "C:\Users\hp\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\3Z4VM9JU\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\PC Optimizer Pro Idle.job C:\Windows\tasks\PC Optimizer Pro64 startups.job C:\Windows\tasks\PCHelpers1st.job C:\Windows\tasks\PCHelpers_period.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\ProgramFiles\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files(x86)\Hewlett-Packard\HP SupportFramework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files(x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\Toolbar] !{98889811-442D-49dd-99D7-DC866BE87DBC} !{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\InternetExplorer\Toolbar] !{98889811-442D-49dd-99D7-DC866BE87DBC} !{2318C2B1-4965-11d4-9B18-009027A5CD4F} !{872b5b88-9db5-4310-bdd0-ac189557e5f5} !{EEE6C35B-6118-11DC-9C72-001320C79847} !{95080B13-AA71-4EE8-B951-7E98221E1ED5} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe[2009-09-11 387608] "SysTrayApp"=C:\ProgramFiles\IDT\WDM\sttray64.exe 
[2009-08-13 456192] "Windows Mobile DeviceCenter"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files(x86)\Hewlett-Packard\HP HealthCheck\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-22 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WLSync"=C:\Program Files (x86)\WindowsLive\Mesh\WLSync.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe[2011-01-07 2747744] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\DivXMediaServer] C:\Program Files (x86)\DivX\DivX MediaServer\DivXMediaServer.exe [2012-11-13 450560] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[2012-11-30 1263512] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\iLivid] C:\Users\hp\AppData\Local\iLivid\iLivid.exe -autorun[] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPNAssistent\KPN_Assistent.exe /auto [] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\lxdiamon] C:\Program Files (x86)\Lexmark 3500-4500Series\lxdiamon.exe [2007-03-05 20480] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\lxdimon.exe] C:\Program Files (x86)\Lexmark 3500-4500Series\lxdimon.exe [2007-03-06 435120] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent[] 
[HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Media Finder] C:\Program Files (x86)\Media Finder\Media Finder.exe/opentotray [] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Messenger (Yahoo!)] C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe -quiet[] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\NetWorx] C:\Program Files\NetWorx\networx.exe [2012-02-274692480] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe[] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe/minimized /regrun [] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\JavaUpdate\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\VoipBuster] C:\Program Files(x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^Dropbox.lnk] C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe[2014-01-03 33508336] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^PalTalk.lnk] C:\PROGRA~2\PALTAL~1\paltalk.exe [2013-07-20 9969760] [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupfolder\C:^Users^hp^AppData^Roaming^Microsoft^Windows^StartMenu^Programs^Startup^Webshots.lnk] C:\PROGRA~2\Webshots\315~1.761\Launcher.exe /t [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"=C:\Program Files(x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744] "avgnt"=C:\Program Files (x86)\Avira\AntiVirDesktop\avgnt.exe 
[2014-02-18 689744] "Adobe ARM"=C:\Program Files (x86)\CommonFiles\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "SunJavaUpdateSched"=C:\Program Files(x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\Users\hp\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup Dropbox.lnk - C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2009-08-27 259584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -C:\Windows\system32\webcheck.dll [2014-04-27 243200] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1month====== 2014-04-28 00:22:21 ----A----C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-27 16:03:52 ----D---- C:\Program Files\trendmicro 2014-04-27 16:03:50 ----D---- C:\rsit 2014-04-27 14:43:54 ----D---- C:\Windows\ERUNT 2014-04-27 03:22:28 ----D---- C:\Program Files(x86)\WinRST 2014-04-27 03:07:58 ----A----C:\Windows\system32\IEUDINIT.EXE 2014-04-27 02:53:19 ----A---- C:\Windows\SYSWOW64\elshyph.dll 2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\msls31.dll 2014-04-27 02:53:14 ----A----C:\Windows\SYSWOW64\jsIntl.dll 2014-04-27 02:53:14 ----A---- C:\Windows\system32\elshyph.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\wininet.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\urlmon.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\msrating.dll 2014-04-27 02:53:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\ieui.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\iertutil.dll 2014-04-27 02:53:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-04-27 02:53:13 ----A----C:\Windows\SYSWOW64\dxtrans.dll 2014-04-27 
02:53:13 ----A----C:\Windows\SYSWOW64\dxtmsft.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\wextract.exe 2014-04-27 02:53:12 ----A---- C:\Windows\SYSWOW64\url.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\licmgr10.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\inseng.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iexpress.exe 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iesetup.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iernonce.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\iedkcs32.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\ieapfltr.dll 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\ieapfltr.dat 2014-04-27 02:53:12 ----A----C:\Windows\SYSWOW64\icardie.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\webcheck.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\vbscript.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\pngfilt.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\occache.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\mshtmled.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\MshtmlDac.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\mshtml.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\msfeeds.dll 2014-04-27 02:53:11 ----A----C:\Windows\SYSWOW64\ieUnatt.exe 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\SetIEInstalledDate.exe 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\mshtmler.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\mshta.exe 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\msfeedssync.exe 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\msfeedsbs.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript9diag.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript9.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\jscript.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\imgutil.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\iesysprep.dll 2014-04-27 02:53:10 
----A----C:\Windows\SYSWOW64\iepeers.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-04-27 02:53:10 ----A----C:\Windows\SYSWOW64\IEAdvpack.dll 2014-04-27 02:53:10 ----A----C:\Windows\system32\jsIntl.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\wininet.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\urlmon.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\SetIEInstalledDate.exe 2014-04-27 02:53:09 ----A----C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-27 02:53:09 ----A----C:\Windows\system32\msrating.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\msls31.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\mshtmler.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\msfeedssync.exe 2014-04-27 02:53:09 ----A----C:\Windows\system32\msfeedsbs.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\jsproxy.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\jscript9diag.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\jscript9.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\ieui.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\iesysprep.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\iertutil.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\ieframe.dll 2014-04-27 02:53:09 ----A----C:\Windows\system32\IEAdvpack.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\wextract.exe 2014-04-27 02:53:08 ----A----C:\Windows\system32\webcheck.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\vbscript.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\url.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\pngfilt.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\occache.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtmlmedia.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtmled.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\mshtml.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\msfeeds.dll 
2014-04-27 02:53:08 ----A----C:\Windows\system32\licmgr10.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\inseng.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\iexpress.exe 2014-04-27 02:53:08 ----A----C:\Windows\system32\ieUnatt.exe 2014-04-27 02:53:08 ----A----C:\Windows\system32\iesetup.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\iernonce.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\iedkcs32.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\ieapfltr.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\ieapfltr.dat 2014-04-27 02:53:08 ----A----C:\Windows\system32\ie4uinit.exe 2014-04-27 02:53:08 ----A----C:\Windows\system32\icardie.dll 2014-04-27 02:53:08 ----A---- C:\Windows\system32\dxtrans.dll 2014-04-27 02:53:08 ----A----C:\Windows\system32\dxtmsft.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\MshtmlDac.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\mshta.exe 2014-04-27 02:53:07 ----A---- C:\Windows\system32\jscript.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\imgutil.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\iepeers.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\ieetwproxystub.dll 2014-04-27 02:53:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-04-27 02:53:07 ----A----C:\Windows\system32\ieetwcollector.exe 2014-04-27 02:06:05 ----D---- C:\Program Files(x86)\Hosts_Anti_Adwares_PUPs 2014-04-27 02:04:41 ----D---- C:\AdwCleaner 2014-04-26 03:09:51 ----D---- C:\Program Files(x86)\Uninstaller 2014-04-26 03:08:34 ----D----C:\Users\hp\AppData\Roaming\SupTab 2014-04-26 03:08:25 ----D---- C:\ProgramData\WPM 2014-04-26 03:08:03 ----D----C:\Users\hp\AppData\Roaming\Optimizer Elite Max 2014-04-26 03:06:57 ----D---- C:\Users\hp\AppData\Roaming\VOPackage 2014-04-26 03:03:37 ----D---- C:\Program Files(x86)\Optimizer Elite Max 2014-04-22 20:38:13 ----D---- C:\Windows\nl 2014-04-22 20:33:04 ----A----C:\Windows\SYSWOW64\javaws.exe 2014-04-22 20:32:17 ----A---- 
C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-04-22 20:32:17 ----A----C:\Windows\SYSWOW64\javaw.exe 2014-04-22 20:32:17 ----A----C:\Windows\SYSWOW64\java.exe 2014-04-22 14:04:20 ----A---- C:\AVScanner.ini 2014-04-09 11:03:43 ----A----C:\Windows\SYSWOW64\iologmsg.dll 2014-04-09 11:03:43 ----A----C:\Windows\system32\iologmsg.dll 2014-04-09 11:03:43 ----A----C:\Windows\system32\drivers\storport.sys 2014-04-09 11:03:43 ----A----C:\Windows\system32\drivers\msiscsi.sys 2014-04-09 11:03:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2014-04-09 11:03:32 ----A----C:\Windows\SYSWOW64\kernel32.dll 2014-04-09 11:03:32 ----A----C:\Windows\system32\wow64win.dll 2014-04-09 11:03:32 ----A----C:\Windows\system32\wow64.dll 2014-04-09 11:03:32 ----A---- C:\Windows\system32\kernel32.dll 2014-04-09 11:03:31 ----A----C:\Windows\SYSWOW64\setup16.exe 2014-04-09 11:03:31 ----A----C:\Windows\SYSWOW64\ntvdm64.dll 2014-04-09 11:03:31 ----A----C:\Windows\system32\wow64cpu.dll 2014-04-09 11:03:31 ----A---- C:\Windows\system32\ntvdm64.dll 2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\wow32.dll 2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\user.exe 2014-04-09 11:03:30 ----A----C:\Windows\SYSWOW64\instnm.exe 2014-04-09 11:03:28 ----A----C:\Windows\system32\drivers\ntfs.sys 2014-04-04 17:55:47 ----D---- C:\Program Files(x86)\Mozilla Firefox 2014-04-04 03:10:36 ----A----C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2014-04-04 01:27:05 ----A----C:\Windows\SYSWOW64\wer.dll 2014-04-04 01:27:05 ----A---- C:\Windows\system32\wwansvc.dll 2014-04-04 01:27:05 ----A----C:\Windows\system32\wer.dll 2014-04-04 01:27:04 ----A----C:\Windows\system32\win32k.sys 2014-04-04 01:27:04 ----A----C:\Windows\system32\qedit.dll 2014-04-04 01:27:03 ----A----C:\Windows\SYSWOW64\WindowsCodecs.dll 2014-04-04 01:27:03 ----A----C:\Windows\SYSWOW64\qedit.dll 2014-04-04 01:27:03 ----A----C:\Windows\system32\WindowsCodecs.dll 2014-03-31 21:41:40 ----A----C:\Windows\SYSWOW64\sirenacm.dll 2014-03-31 21:34:22 
----A---- C:\Windows\WLXPGSS.SCR ======List of files/folders modified in the last 1month====== 2014-04-29 00:14:13 ----D---- C:\Windows\temp 2014-04-28 23:27:35 ----A----C:\Windows\SYSWOW64\TempWmicBatchFile.bat 2014-04-28 21:46:21 ----D----C:\Windows\system32\config 2014-04-28 21:28:08 ----D----C:\Users\hp\AppData\Roaming\Dropbox 2014-04-28 21:28:01 ----D---- C:\ProgramData 2014-04-28 21:28:01 ----A----C:\ProgramData\HPWALog.txt 2014-04-28 00:23:21 ----D---- C:\Windows\winsxs 2014-04-28 00:23:15 ----D----C:\Windows\SYSWOW64\nl-NL 2014-04-28 00:23:15 ----D----C:\Windows\system32\nl-NL 2014-04-28 00:23:15 ----D---- C:\Windows\System32 2014-04-28 00:23:12 ----D----C:\Windows\system32\catroot 2014-04-28 00:23:11 ----D----C:\Windows\system32\catroot2 2014-04-28 00:22:01 ----SHD---- C:\System VolumeInformation 2014-04-27 23:14:09 ----D----C:\Windows\system32\DriverStore 2014-04-27 16:03:52 ----RD---- C:\Program Files 2014-04-27 14:47:47 ----RD---- C:\Program Files (x86) 2014-04-27 14:47:47 ----D---- C:\Windows\SysWOW64 2014-04-27 14:43:54 ----D---- C:\Windows 2014-04-27 14:03:16 ----D----C:\Windows\system32\Tasks 2014-04-27 14:03:14 ----D---- C:\Windows\Tasks 2014-04-27 13:57:39 ----SHD---- C:\Windows\Installer 2014-04-27 13:57:38 ----D---- C:\Config.Msi 2014-04-27 03:12:13 ----D---- C:\Windows\Panther 2014-04-27 03:11:06 ----D---- C:\Program Files(x86)\Google 2014-04-27 03:09:39 ----D---- C:\Program Files(x86)\Internet Explorer 2014-04-27 03:09:36 ----D---- C:\ProgramFiles\Internet Explorer 2014-04-27 03:09:35 ----D---- C:\Windows\SYSWOW64\migration 2014-04-27 03:09:35 ----D----C:\Windows\SYSWOW64\en-US 2014-04-27 03:09:32 ----D----C:\Windows\system32\migration 2014-04-27 03:09:32 ----D----C:\Windows\system32\en-US 2014-04-27 03:09:32 ----D----C:\Windows\PolicyDefinitions 2014-04-27 02:58:05 ----HD---- C:\Windows\msdownld.tmp 2014-04-27 02:58:05 ----D---- C:\Windows\inf 2014-04-27 02:58:00 ----D---- C:\Windows\Logs 2014-04-27 02:28:56 ----D---- C:\Windows\debug 
2014-04-27 02:16:05 ----D---- C:\ProgramData\Skype 2014-04-27 02:16:04 ----RD---- C:\Program Files(x86)\Skype 2014-04-27 02:16:04 ----D---- C:\Program Files(x86)\Common Files 2014-04-27 02:16:01 ----D----C:\Users\hp\AppData\Roaming\Skype 2014-04-27 02:13:46 ----D---- C:\ProgramData\Google 2014-04-27 02:12:57 ----HD---- C:\Program Files(x86)\InstallShield Installation Information 2014-04-27 02:04:46 ----A----C:\Windows\system32\PerfStringBackup.INI 2014-04-27 00:16:45 ----D---- C:\Program Files(x86)\ManyCam 2014-04-26 03:08:34 ----D---- C:\Windows\Prefetch 2014-04-26 03:07:09 ----D----C:\Users\hp\AppData\Roaming\vlc 2014-04-25 22:31:59 ----A----C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-04-22 20:49:14 ----D---- C:\Program Files(x86)\Windows Live 2014-04-22 20:38:37 ----D---- C:\ProgramData\Oracle 2014-04-22 20:32:17 ----D---- C:\Program Files(x86)\Java 2014-04-22 00:34:10 ----A----C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-04-15 16:22:49 ----D---- C:\Windows\system32\NDF 2014-04-15 14:41:19 ----D---- C:\Windows\rescache 2014-04-10 11:27:45 ----SD---- C:\Users\hp\AppData\Roaming\Microsoft 2014-04-09 20:58:25 ----D----C:\Windows\system32\drivers 2014-04-09 20:58:24 ----D---- C:\Windows\AppPatch 2014-04-09 12:33:27 ----D---- C:\Windows\system32\MRT 2014-04-09 12:30:34 ----A----C:\Windows\system32\MRT.exe 2014-04-04 23:57:53 ----D---- C:\Program Files(x86)\Winsent Messenger 2014-04-04 22:42:48 ----D---- C:\ProgramData\WinsentMessenger 2014-04-04 11:40:27 ----D---- C:\ProgramFiles\Microsoft Silverlight 2014-04-04 11:40:27 ----D---- C:\Program Files(x86)\Microsoft Silverlight 2014-04-04 01:14:43 ----D---- C:\Windows\system32\wfp 2014-04-04 01:14:37 ----D---- C:\Windows\system32\wbem 2014-04-04 00:13:42 ----D---- C:\Windows\L2Schemas 2014-04-04 00:13:41 ----D----C:\Windows\SYSWOW64\Macromed 2014-04-04 00:13:40 ----D----C:\Windows\system32\Macromed 2014-04-04 00:13:36 ----D----C:\Windows\system32\CodeIntegrity 2014-04-04 00:13:36 ----D---- 
C:\Windows\AppCompat 2014-04-04 00:13:26 ----D---- C:\Program Files\CommonFiles\Microsoft Shared 2014-04-04 00:12:11 ----D---- C:\Windows\registration ======List of drivers (R=Running, S=Stopped, 0=Boot,1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys[2010-09-07 30288] R0 pciide;pciide;C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys[2010-12-08 308304] R1 Avgmfx64;AVG Mini-Filter Resident Anti-VirusShield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2010-09-07 41040] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [2010-11-12 382032] R1 avipbb;avipbb;C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-17 131576] R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-07 28600] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-17 108440] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys [2010-08-02 32880] R3 HpqKbFiltr;HpqKbFilter Driver;C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys[2009-08-27 7369600] R3 IntcHdmiAddService;Intel® High Definition AudioHDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264] R3 NETw5s64;Intel® Wireless WiFi Link adapterstuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys[2010-01-13 7675392] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys[2009-08-13 487936] R3 SynTP;Synaptics TouchPad 
Driver;C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-15 273456] S2 Aspi32;Aspi32;C:\Windows\system32\drivers\Aspi32.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys[2009-06-10 1146880] S3 athr;Stuurprogramma Atheros Extensible draadlozeLAN-apparaat; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688] S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 157264] S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 35920] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1;C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3BthEnum;Bluetooth-stuurprogramma voor aanvraagblok;C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network);C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort;C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio;C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys[2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4;C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968] S3 dot4usb;Dot4USB Filter Dot4USB Filter;C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 FTDIBUS;USB Serial Converter Driver;C:\Windows\system32\drivers\ftdibus.sys [2013-11-16 79592] S3 FTSER2K;USB Serial Port Driver;C:\Windows\system32\drivers\ftser2k.sys [2014-01-14 86376] S3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\Drivers\GKUPRO2D.sys [2005-02-18 120704] S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928] S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160] S3 NETw1v64;Intel® Wireless WiFi Link 1000 SeriesAdapter Driver for Windows Vista 64 
Bit;C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-21 7058432] S3 netw5v64;Intel® Wireless WiFi Link 5000 SeriesAdapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI);C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys[2009-09-02 225280] S3 RT-USB;Ross-Tech USB driver;C:\Windows\system32\drivers\RT-USB64.SYS [2010-06-16 70984] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys[2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS[2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys[2010-11-20 59392] S3 usbscan;Stuurprogramma voor USB-scanner;C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 WinUsb;WinUsb-stuurprogramma;C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot,1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\ProgramFiles (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe[2009-03-02 89600] R2 AntiVirSchedulerService;Avira Scheduler; C:\ProgramFiles (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-18 440400] R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-18 440400] R2 CronService;Cron Service for 
Prey;C:\Prey\platform\windows\cronsvc.exe [2014-01-25 23552] R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HP Support Assistant Service;HP Support AssistantService; C:\Program Files (x86)\Hewlett-Packard\HP SupportFramework\hpsa_service.exe [2013-11-04 92160] R2 LightScribeService;LightScribeService Direct DiscLabeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2009-08-20 73728] R2 MDM;Machine Debug Manager; C:\Program Files(x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 NAUpdate;@C:\Program Files(x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe[2010-02-18 462632] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe[2009-07-14 27136] R2 PirritDesktop;PirritDesktop;C:\Users\hp\AppData\Local\PirritSuggestor\PirritService.exe [2014-03-18 52056] R2 Pml Driver HPZ12;Pml Driver HPZ12;C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104;C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 STacSV;Audio Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe[2009-08-13 240640] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079;C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 WinRST;WinRST; C:\Program Files(x86)\WinRST\WinRST.exe [2014-03-18 59904] R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2012-07-17 2292480] R3 hpqwmiex;HP Software Framework Service; C:\ProgramFiles (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] S2 clr_optimization_v4.0.30319_32;Microsoft .NETFramework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NETFramework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 
[2013-09-11124088] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player UpdateService; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[2014-04-22 257712] S3 aspnet_state;ASP.NET-statusservice;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-1151808] S3 Com4QLBEx;Com4QLBEx; C:\Program Files(x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] S3IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000;C:\Windows\system32\IEEtwCollector.exe [2014-04-27 111616] S3 ose;Office Source Engine; C:\Program Files(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736] S4 AVG Security Toolbar Service;AVG Security ToolbarService; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-11-25517448] S4 AVGIDSAgent;AVGIDSAgent; C:\Program Files(x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-066128720] S4 avgwd;AVG WatchDog; C:\Program Files(x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] S4 GameConsoleService;GameConsoleService; C:\ProgramFiles (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856] S4NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856] S4NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11139856] -----------------EOF--------------
  2. I have been tinkering for a few days now to get rid of a very annoying trojan that has ended up on both my laptop and a PC, and so far nothing works. I fear that I also keep getting sent to all sorts of sites that are all connected to this malware distributor, who is simply allowed to and can keep on doing this; nobody has a problem with it, I suppose. What should I do? Help please. Peter. I have already made a log.
info.txt logfile of random's system information tool 1.09 2014-04-27 16:04:13 ======Uninstall list====== -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\StoneLoops of Jurassica\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Super Collapse 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\THE GAME OF LIFE\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Families\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Villagers - 
The Secret City\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\World of Goo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Yahtzee\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall 64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A} 7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe" Aangifte inkomstenbelasting 2012-->C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe Acrobat.com-->msiexec /qb /x {628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0} Acrobat.com-->MsiExec.exe /I{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6} Adobe Flash Player 13 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_ActiveX.exe -maintain activex Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_Plugin.exe -maintain plugin Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11} AVG 2011-->MsiExec.exe /I{544974E3-D015-401C-900C-E5D137BC930E} avg deinst.-->"C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" CodecInstaller 2.10.4-->C:\Program Files (x86)\JockerSoft\CodecInstaller\uninst.exe Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE} CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD 
Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall EasyObdII Free Software version 2.4.0-->"C:\Program Files (x86)\EasyObdII Free Software\unins000.exe" Free Internet Eraser-->"C:\Program Files (x86)\PrivacyEraser Computing\Free Internet Eraser\unins000.exe" Free YouTube Download version 3.1.38.1005-->C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe" HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0413 -removeonly uninst HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17B4760F-334B-475D-829F-1A3E94A6A4E6}\setup.exe" -l0x9 -removeonly HP Support 
Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Update-->MsiExec.exe /X{D46D081B-F60E-467E-A7C4-117B70D76731} HP User Guides 0148-->MsiExec.exe /X{9D3318E1-5A9F-4A95-A7A1-7E045403AE34} HP Wireless Assistant-->MsiExec.exe /X{54CC7901-804D-4155-B353-21F0CC9112AB} IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly Intel® Graphics Media Accelerator Driver-->C:\Windows\SysWOW64\igxpun.exe -uninstall IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF} Java 6 Update 15 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416015FF} Java SE Development Kit 6 Update 15 (64-bit)-->MsiExec.exe /I{64A3A4F4-B792-11D6-A78A-00B0D0160150} K-Lite Codec Pack 7.0.0 (Standard)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C} Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Media Player Classic - Home Cinema v1.5.2.3456 x64-->"C:\Program Files\Media Player Classic - Home Cinema\unins000.exe" Microsoft .NET Framework 4.5.1 (Nederlands)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\NLD\\Setup.exe /repair /x86 /x64 /lcid 1043 Microsoft .NET Framework 4.5.1 (NLD)-->MsiExec.exe /X{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09} Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} Microsoft Office 2003 Web Services Toolkit - NLD-->MsiExec.exe /X{D36274D4-2A80-4A7F-8BF6-69DDCE1A76D7} Microsoft Office File Validation Add-In-->MsiExec.exe 
/I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (Dutch)-->MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE} Microsoft Office Professional Editie 2003-->MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9} Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0413-0000-0000000FF1CE} Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe 
/X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD} Movie Maker-->MsiExec.exe /X{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2} Movie Maker-->MsiExec.exe /X{DD67BE4B-7E62-4215-AFA3-F123A800A389} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77} MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} Nero 10 ClipartPack-->MsiExec.exe /X{96ED4B78-300E-4033-AE6C-C115CEB4DF07} Nero 10 Menu TemplatePack 1-->MsiExec.exe /X{42C8B7DF-FEB0-4D51-B169-506B6BEC5797} Nero 10 Menu TemplatePack 2-->MsiExec.exe /X{E712C273-7564-4C8E-AA59-0FA19BC35117} Nero 10 Menu TemplatePack 3-->MsiExec.exe /X{92146419-AE44-4C8B-A48B-0ABB1B5EC026} Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604} Nero 10 Movie ThemePack 1-->MsiExec.exe /X{43FBAB46-5969-4200-9958-1FF81FEE506F} Nero 10 Movie ThemePack 2-->MsiExec.exe /X{70F19404-B96C-4EBB-AD2B-3574F8736197} Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7} Nero 10 Sample ImagePack-->MsiExec.exe /X{ACD15FDF-FC42-4175-B477-576F92FF2256} Nero 10 Sample Videos-->MsiExec.exe /X{92A10E9D-EA00-4A46-8F22-EEA660992D61} Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE} Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6} Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB} Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345} Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00} Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517} Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38} Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8} Nero CoverDesigner 
10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521} Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC} Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C} Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97} Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98} Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7} Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E} Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953} Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272} Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5} Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD} Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF} Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807} Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7} Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023} Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5} Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2} Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702} Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65} Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27} Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E} Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE} Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230} NetWorx 5.2.2-->"C:\Program Files\NetWorx\unins000.exe" OBD II logger-->C:\WINDOWS\st6unst.exe -n "C:\Program Files (x86)\OBD II logger\ST6UNST.LOG" 
OutlookTempCleaner-->MsiExec.exe /I{F741BC84-68C7-4369-9778-432A40EC254A} Photo Common-->MsiExec.exe /X{C3538BF4-735B-45F3-B09E-C541A007E4E8} Photo Gallery-->MsiExec.exe /X{07AAB66E-4718-422D-9218-4AFB3C922A71} Photo Gallery-->MsiExec.exe /X{F4DEB840-B638-4BCE-AC6B-057EF31E0012} PL-2303 USB-to-Serial-->"C:\Program Files (x86)\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\setup.exe" -runfromtemp -l0x0009 -removeonly Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDVD-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\CyberLink\PowerDVD\Uninst.isu" QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A} Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x0013 -removeonly Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall Revo Uninstaller 1.95-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe Revo Uninstaller Pro 3.0.2-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe" Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D} Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A} Skype Click to Call-->MsiExec.exe 
/I{B6CF2967-C81E-40C0-9815-C05774FEF120} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Uninstall Helper-->msiexec.exe /x {82BF2C5E-79A7-4A13-B508-D5E64A5B141E} Uninstall Helper-->MsiExec.exe /X{82BF2C5E-79A7-4A13-B508-D5E64A5B141E} VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F} VCDS-Release-10.6.4-->"C:\ROSS-TECH\VCDS\unins000.exe" VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Vuze-->C:\Program Files\Vuze\uninstall.exe Windows Live Communications Platform-->MsiExec.exe /I{41C61308-6CFD-4D54-AB6A-7136ED08A18E} Windows Live Essentials-->MsiExec.exe /I{1B905A9B-EB74-4C70-B81B-5F446C178566} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50} Windows Live Installer-->MsiExec.exe /I{659CB81C-B54E-4DF1-B618-F35777393A54} Windows Live Messenger-->MsiExec.exe /X{5B71ABE2-65A3-4507-A227-3FF413FDA9C4} Windows Live Messenger-->MsiExec.exe /X{E703613B-BDAB-433E-A66A-DE0263E3D35D} Windows Live Photo Common-->MsiExec.exe /X{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9} Windows Live PIMT Platform-->MsiExec.exe /I{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4} Windows Live SOXE Definitions-->MsiExec.exe /I{D1893000-EA77-493C-8DDD-E262436E959B} Windows Live SOXE-->MsiExec.exe /I{CDC1AB00-01FF-4FC7-816A-16C67F0923C0} Windows Live UX Platform Language Pack-->MsiExec.exe /I{290C2B0A-CEE1-4F55-AB46-4571EC01DA96} Windows Live UX Platform-->MsiExec.exe /I{00F9DB8C-65D7-4D47-AB5F-F698EE38580D} Windows Mobile Apparaatcentrum-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B} WinRAR 4.00 beta 1 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe WinRAR 4.00 beta 1 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe ======System event log====== Computer Name: hp-PC Event Code: 104 Message: Logboekbestand Windows PowerShell is gewist. 
Record Number: 528142 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125550.546663-000 Event Type: Informatie User: hp-PC\hp Computer Name: hp-PC Event Code: 104 Message: Logboekbestand Media Center is gewist. Record Number: 528141 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125550.406262-000 Event Type: Informatie User: hp-PC\hp Computer Name: hp-PC Event Code: 104 Message: Logboekbestand Key Management Service is gewist. Record Number: 528140 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125550.265862-000 Event Type: Informatie User: hp-PC\hp Computer Name: hp-PC Event Code: 104 Message: Logboekbestand Internet Explorer is gewist. Record Number: 528139 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125550.141062-000 Event Type: Informatie User: hp-PC\hp Computer Name: hp-PC Event Code: 104 Message: Logboekbestand System is gewist. Record Number: 528138 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125549.922661-000 Event Type: Informatie User: hp-PC\hp =====Application event log===== Computer Name: hp-PC Event Code: 902 Message: De Software Protection-service is gestart. 6.1.7601.17514 Record Number: 120617 Source Name: Microsoft-Windows-Security-SPP Time Written: 20140427135202.000000-000 Event Type: Informatie User: Computer Name: hp-PC Event Code: 1003 Message: De statuscontrole van de licentie door de Software Protection-service is voltooid. 
Record Number: 120616 Source Name: Microsoft-Windows-Security-SPP Time Written: 20140427135202.000000-000 Event Type: Informatie User: Computer Name: hp-PC Event Code: 1066 Message: Initialisatiestatus voor serviceobjecten. 
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000 Record Number: 120615 Source Name: Microsoft-Windows-Security-SPP Time Written: 20140427135202.000000-000 Event Type: Informatie User: Computer Name: hp-PC Event Code: 900 Message: De Software Protection-service wordt gestart. Record Number: 120614 Source Name: Microsoft-Windows-Security-SPP Time Written: 20140427135159.000000-000 Event Type: Informatie User: Computer Name: hp-PC Event Code: 0 Message: PowerEvent is verwerkt door de service. Record Number: 120613 Source Name: HP Support Assistant Service Time Written: 20140427133654.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: hp-PC Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 119453 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140427135347.017243-000 Event Type: Controle geslaagd User: Computer Name: hp-PC Event Code: 4624 Message: Er is een account aangemeld. 
Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: HP-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x1d0 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. 
Record Number: 119452 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140427135346.892443-000 Event Type: Controle geslaagd User: Computer Name: hp-PC Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 119451 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140427135136.899197-000 Event Type: Controle geslaagd User: Computer Name: hp-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: HP-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x1d0 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). 
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 119450 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140427135136.899197-000 Event Type: Controle geslaagd User: Computer Name: hp-PC Event Code: 1102 Message: Het controlelogboek is gewist. 
Onderwerp: Beveiligings-id: S-1-5-21-2871515856-2589426266-17003624-1000 Accountnaam: hp Domeinnaam: hp-PC Aanmeldings-id: 0x2b815 Record Number: 119449 Source Name: Microsoft-Windows-Eventlog Time Written: 20140427125549.548261-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Users\hp\AppData\Local\Smartbar\Application;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=1 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Presario -----------------EOF-----------------
  3. Here comes the latest new log.. typing works fine again..
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:51:39, on 17-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Webshots\3.1.5.7619\webshots.scr C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\MSN Toolbar\01.01.2607.0\nl\msntb.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program 
Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Dropbox.lnk = hp\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - 
http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll (file missing) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. 
- C:\Prey\platform\windows\cronsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program 
Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 12683 bytes
Hopefully all the junk has been cleaned away now.. thanks to you all.. in any case, many thanks already. Peter.
  4. Got it running again, and now this new log after HijackThis and then ComboFix. Hopefully it is back to normal now. And okay. Regards, Peter
ComboFix 12-07-16.01 - hp 16-07-2012 22:52:44.3.1 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1979.888 [GMT 2:00] Gestart vanuit: c:\users\hp\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))) . . 2012-07-16 21:02 . 2012-07-16 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-16 19:36 . 2012-07-16 19:36 -------- d-----w- c:\program files (x86)\Microsoft 2012-07-16 19:35 . 2012-07-16 19:35 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\21a39b331cd638a03\bingbarsetup.exe 2012-07-15 13:43 . 2012-07-15 13:43 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB67DFE1-1289-4426-8515-392A52A42CE8}\offreg.dll 2012-07-13 17:48 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB67DFE1-1289-4426-8515-392A52A42CE8}\mpengine.dll 2012-07-11 22:13 . 2012-07-11 22:30 -------- d-----w- c:\program files (x86)\MP3Gain 2012-07-10 23:41 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-08 20:18 . 2012-07-08 20:18 -------- d-----w- c:\program files (x86)\Common Files\sqlite-dll-win32-x86-3071000 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-16 20:45 . 
2012-03-07 14:58 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat 2012-07-11 21:10 . 2012-04-04 13:31 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-11 21:10 . 2011-05-19 21:46 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-03 11:46 . 2012-02-22 16:43 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-09 17:21 . 2010-12-29 13:29 178688 ----a-w- c:\windows\SysWow64\unrar.dll 2012-06-02 22:19 . 2012-06-08 20:56 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-08 20:56 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-08 20:56 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-08 20:56 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-08 20:56 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-08 20:56 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-08 20:56 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-08 20:56 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-08 20:56 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-22 13:47 . 2012-06-14 11:28 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll 2012-05-20 20:12 . 2011-01-25 13:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2012-05-20 20:12 . 2010-12-27 14:11 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-05-14 21:31 . 2010-12-27 14:11 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-05-10 14:39 . 2012-05-10 14:39 388096 ----a-r- c:\users\hp\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-09 10:21 . 2012-05-20 22:14 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-05-09 10:21 . 
2010-12-26 00:02 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-05-04 11:06 . 2012-06-12 17:37 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:03 . 2012-06-12 17:37 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03 . 2012-06-12 17:37 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40 . 2012-06-12 17:37 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:55 . 2012-06-12 17:36 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:41 . 2012-06-12 17:37 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:41 . 2012-06-12 17:37 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:34 . 2012-06-12 17:37 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-04-24 05:37 . 2012-06-12 17:36 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-04-24 05:37 . 2012-06-12 17:36 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-24 05:37 . 2012-06-12 17:36 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-04-24 04:36 . 2012-06-12 17:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-04-24 04:36 . 2012-06-12 17:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:36 . 2012-06-12 17:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-04-21 23:40 . 2011-01-15 14:29 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-07-15_14.00.36 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-15 11:53 . 2012-07-16 19:18 79958 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-07-14 23:58 66106 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-16 19:46 66106 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-12-21 12:41 . 
2012-07-16 19:46 21064 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2871515856-2589426266-17003624-1000_UserData.bin + 2012-02-12 12:37 . 2011-12-15 13:00 97312 c:\windows\system32\drivers\avgntflt.sys + 2009-12-05 00:40 . 2012-07-15 20:43 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-05 00:40 . 2012-07-14 12:32 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-05 00:40 . 2012-07-15 20:43 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-12-05 00:40 . 2012-07-14 12:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-14 12:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-15 20:43 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-07-15 13:33 . 2012-07-15 13:33 25600 c:\windows\Installer\180ba.msi + 2010-12-25 23:21 . 2012-07-16 19:42 6136 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-07-15 13:20 . 2012-07-15 13:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-16 19:45 . 2012-07-16 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-16 19:45 . 2012-07-16 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-07-15 13:20 . 2012-07-15 13:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-12 12:37 . 2011-12-15 13:00 130760 c:\windows\system32\drivers\avipbb.sys - 2009-07-14 05:01 . 2012-07-15 00:19 399108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 
2012-07-16 19:42 399108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-07-24 18:34 . 2012-07-16 19:42 1494192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2871515856-2589426266-17003624-1000-12288.dat + 2011-04-01 09:18 . 2011-04-01 09:18 4556800 c:\windows\Installer\fd483.msi + 2010-12-25 23:21 . 2012-07-16 19:42 16633960 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2871515856-2589426266-17003624-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-01 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "KPN Assistent"="c:\program files (x86)\KPN\KPN Assistent\KPN_Assistent.exe" [2011-08-18 33560288] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] Webshots.lnk - c:\program files (x86)\Webshots\3.1.5.7619\Launcher.exe [2011-9-20 157088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-09 136176] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 157264] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 35920] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\Drivers\GKUPRO2D.sys [2005-02-18 120704] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-09 136176] R3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys [2009-07-20 7058432] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 
SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] R4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-11-25 517448] R4 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-06 6128720] R4 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2010-09-07 30288] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2010-12-08 308304] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2010-09-07 41040] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2010-11-12 382032] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [2009-03-02 89600] S2 AGCoreService;AG Core Services;c:\program files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe [2010-06-29 20480] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir 
Desktop\sched.exe [2011-12-15 86224] S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2011-02-15 19968] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-08-02 32880] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 NETw5s64;Intel® Wireless WiFi Link adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:10] . 
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-09 12:13] . 2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-09 12:13] . 2012-06-29 c:\windows\Tasks\HPCeeScheduleForhp.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay1] @="{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}" [HKEY_CLASSES_ROOT\CLSID\{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}] c:\program files (x86)\4Sync\ShellExt.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay2] @="{C72C6188-BEF2-46E5-A89A-52F0ED75219E}" [HKEY_CLASSES_ROOT\CLSID\{C72C6188-BEF2-46E5-A89A-52F0ED75219E}] c:\program files (x86)\4Sync\ShellExt.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay3] @="{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}" [HKEY_CLASSES_ROOT\CLSID\{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}] c:\program files (x86)\4Sync\ShellExt.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay4] @="{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803}" [HKEY_CLASSES_ROOT\CLSID\{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803}] c:\program files (x86)\4Sync\ShellExt.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-10 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-10 387608] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-10 365592] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-08-13 456192] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-15 171520] "lxdimon.exe"="c:\program files (x86)\Lexmark 3500-4500 Series\lxdimon.exe" [2007-03-06 435120] "lxdiamon"="c:\program files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20480] "NetWorx"="c:\program files\NetWorx\networx.exe" [2012-02-27 4692480] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.254 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - . 
- - - - ORPHANS VERWIJDERD - - - - . Toolbar-!{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) Toolbar-!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) Toolbar-!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) Toolbar-!{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file) WebBrowser-{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{B80F591E-FE9A-46CF-A13E-180377240586} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{9427041A-A8DC-4D06-9A68-93873486E957} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file) WebBrowser-{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-07-16 23:06:21 ComboFix-quarantined-files.txt 2012-07-16 21:06 ComboFix2.txt 2012-07-16 19:23 ComboFix3.txt 2012-07-15 14:03 . Pre-Run: 127.540.912.128 bytes beschikbaar Post-Run: 127.118.372.864 bytes beschikbaar . - - End Of File - - 7EF5A8FB189BAF9F3D80218FC3EA0F2A
  5. Unfortunately something went wrong again.. something about some key or other; I couldn't think of anything better than doing a system restore. It is barely working again.. sorry.
  6. Back to work on solving the problem.. and indeed typing is starting to become more or less normal again. I have now run the scan as admin, and hopefully that helped too. Here is the latest logfile.
     Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:48:18, on 16-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Webshots\3.1.5.7619\webshots.scr C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\MSN Toolbar\01.01.2607.0\nl\msntb.dll O3 - Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: (no name) - !{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: (no name) - !{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file) O3 - Toolbar: (no name) - !{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - (no file) O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HP Software 
Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Dropbox.lnk = hp\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to 
Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Scheduler 
(AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - 
C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 12722 bytes
     Once again, all respect. Regards, Peter.
  7. I'm afraid the problem is then in the administrator part.. The program just opens normally without anything and doesn't ask for anything. I did get a message about something.. but it went away when I pressed OK (I don't understand all those strange messages).. maybe a simple explanation of what I'm doing wrong and how it should be done? I have also never logged off and started up in safe mode.. (unfortunately I'm a real dummy) but thanks a lot in advance anyway.. (tomorrow is another day, if need be..)..
  8. First scanned and removed as instructed, and made a new log. (Typing works 100% again!)
     Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:53:44, on 15-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Webshots\3.1.5.7619\webshots.scr C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: agihelper.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll 
(file missing) O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: 4sharedExt - {95525BD9-6136-4A26-8263-9CEE295D442D} - C:\Program Files (x86)\4shared Toolbar\4sharedExt32.dll (file missing) O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\MSN Toolbar\01.01.2607.0\nl\msntb.dll O3 - Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: (no name) - !{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: (no name) - 
I think it's pretty okay.. super cool if that turns out to be so.. almost unbelievable.. Peter.
  9. The HijackThis log first..
and the Malwarebytes log.
Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Databaseversie: v2012.07.14.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 hp :: HP-PC [administrator] Realtime bescherming: Ingeschakeld 15-7-2012 22:49:56 mbam-log-2012-07-15 (22-49-56).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 214195 Verstreken tijd: 5 minuut/minuten, 29 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  10. I hope I did it right. I don't think I really managed to disable Avira.. hopefully that isn't a problem.. otherwise I'll have to do it again.. but first, here is the ComboFix log.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://nl.woofi.info mLocal Page = c:\windows\SysWOW64\blank.htm IE: Free YouTube to MP3 Converter - c:\users\hp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.2.254 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll . - - - - ORPHANS VERWIJDERD - - - - . BHO-{28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll BHO-{95525BD9-6136-4A26-8263-9CEE295D442D} - c:\program files (x86)\4shared Toolbar\4sharedExt32.dll Toolbar-!{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) Toolbar-!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) Toolbar-!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) Toolbar-!{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file) Wow6432Node-HKCU-Run-HPADVISOR - c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe Wow6432Node-HKLM-Run-NWEReboot - (no file) BHO-{95525BD9-6136-4A26-8263-9CEE295D442D} - c:\program files (x86)\4shared Toolbar\4sharedExt64.dll Toolbar-!{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) Toolbar-!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) Toolbar-!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) Toolbar-!{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file) WebBrowser-{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{B80F591E-FE9A-46CF-A13E-180377240586} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{9427041A-A8DC-4D06-9A68-93873486E957} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file) 
WebBrowser-{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - (no file) ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - c:\program files (x86)\4Sync\ShellExt.dll ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - c:\program files (x86)\4Sync\ShellExt.dll ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - c:\program files (x86)\4Sync\ShellExt.dll ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - c:\program files (x86)\4Sync\ShellExt.dll HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Aangifte inkomstenbelasting 2010 - c:\program files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2010\ib2010u.exe AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-Lexmark 3500-4500 Series - c:\program files (x86) (x86)\Lexmark 3500-4500 Series\Install\x64\Uninst.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe AddRemove-FoxTab FLV Player - c:\program files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe AddRemove-FoxTab PDF Converter - c:\program files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe AddRemove-Uncompressor - c:\progra~2\UNCOMP~1\Uninstall\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
I'd like to hear from you.. N.B. typing remains very difficult.. regards.. Peter.
  11. Many thanks for the help, and hopefully I will now be rid of that sqlite hassle, but the keyboard problem persists and even seems to have gotten worse. I can now only produce the right letter if I leave at least a couple of seconds between each keystroke - then most keys do work.... but in any case thanks for helping out.. Peter
  12. Hello, thanks for the quick reply.. I have HijackThis on my laptop.. and have made a log..
Hopefully I did it right.. and someone can do something with this.. thanks in advance.. Peter.
  13. Dear Forum, I have a two-part question.. and the two parts may even be related to each other.. 1st - For a while now, when starting up my little laptop, I have been getting a message that SQlite3 dll .. is missing and that I apparently have to do something about it. I have no idea what that sqlite means for me or what kind of thing it actually is.. I would rather not have strange things on my laptop, because I already have enough problems with that thing. 2nd - Sometimes certain keys on the keyboard do not respond, or not properly - typing this text is also difficult because some letters suddenly do not appear - especially when I reply to something in Hotmail.. and only after hammering extra hard on the keys or the like does it work again for a moment... I myself think it is caused by some program or other.. because I actually only got it after I removed Google Chrome from my laptop - because I did not think it worked well.. but of course it could also just be dumb coincidence or even something else. In Word, by the way, everything suddenly works perfectly..???? Strange, isn't it.. I hope someone can/will help me.. I am of course just a simple user.. regards, Peter.
  14. I'm going to try it right away.. the first attempt did not work.. under hardware the card is listed as present.. and the volume is now turned up too, but nothing happens. I will still try the other version for XP.. maybe I'll have a better chance then.. complicated job.. but it would be nice if it gets working.. Thanks, Peter.
  15. Hello stegisoft, Sorry that I have to come back to this once more, because.. the computer does now indeed go on the internet neatly, but the sound does not work either (it belongs to the drivers for the part of the board that is gone).. I also thought I'd be clever for a moment and make a solution just like my son did, by plugging in an ordinary PCI sound card.. because I still had one lying around somewhere - a nice Soundblaster sb 0220 from Creative; again the problem that I don't have a driver for this either (no CD anymore), and I thought this would surely be a respected company with excellent support, so one where I, as a simple soul, could easily pick up a driver.. Well, nothing could be further from the truth,,, the Soundblaster cannot (by me) be provided with a driver, what a misery.. something like that should just be a bit easy to find and fix even for a layman.,. so that is why I have to come back to this once more.. all help is welcome.. regards, Peter..