Everything posted by sjonpol

  1. Hi, thanks in advance for your reply. I do have to say that I have got the mail working properly again. To be on the safe side, here is the log file as requested.
[2013-08-22 44544] S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF-reflectorservice voor LocationProvider; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704] R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-09-02 1282152] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-17 714208] R2 MaintainerSvc4.00.5030318;MaintainerSvc4.00.5030318; C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe [2014-11-17 123632] R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-04-29 277120] R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192] R3 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104] R3 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856] R3 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720] R3 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-17 277824] R3 UNS;Intel® Management and Security Application User Notification Service; 
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-17 365376] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 116648] S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 116648] -----------------EOF----------------- I would also like to ask another question: it now turns out that advertisements keep appearing on that same PC every time something is searched for in Google. Usually it is something like aff.couploss.com... Kind regards, K
  2. Hello, since today my parents have been getting the following message: wlmail.exe - toegangspunt niet gevonden Kan toegangspunt van procedure__crtCreateSymbolicLinkW niet vinden in DLL-bestand C:\Program Files(x86)\SubTap\MSVCP110.dll. Can you help me as soon as possible so that my parents can read their messages via Live Mail again? Kind regards, Kristof You can reach me by mail at e-mail address removed
  3. Hello, thank you very much, my folders have become visible again. Many thanks to you and Kape for the quick help. While I am busy cleaning everything up here anyway: I have noticed that my Microsoft Security Essentials still removes the same worms every day. Does that mean they cannot be removed completely, or is there a better method to get this solved? It concerns Win32/Dorkbot!lnk and Win32/Dorkbot.A. One last question: is Microsoft Security Essentials actually a good antivirus, and if not, do you have a good (preferably free) alternative, and do you have a suggestion for anti-spyware? In any case, many thanks again to you and Kape. You helped me quickly and well. Your forum is highly recommended. Kind regards, Kristof
  4. Hello, I have sent you the log by mail, but I can now see the shortcuts on my HDDs again. They do have an icon as if they are not recognised by a program on my PC. This may already be a step in the right direction, because before I could only see those folders by typing the path into the bar at the top. Hopefully it will all still turn out fine. Kind regards, Kristof
  5. Hello, I see no difference from the previous state of the hard drives; the folders are still invisible and that recycler and autorun are still there. Kind regards, Kristof
  6. Hello, I have tried 4 times now to send the log, but either the log is too large or something else is wrong. A message keeps appearing saying that it is taking too long, more than 30 sec. Is there another way to send the log? Kind regards, Kristof
  7. Hello, yesterday I started the ESET online scan 3 times in safe mode, but each time it got stuck at 55%. There was no error message and the elapsed scan time kept running, but otherwise nothing more happened. Can I do something about this, or is there an alternative to this scan that I could try? Kind regards, Kristof
  8. Hello, here is the MBAM log from another external HDD: Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 8249 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 27/11/2011 14:40:37 mbam-log-2011-11-27 (14-40-37).txt Scantype: Volledige scan (I:\|) Objecten gescand: 217878 Verstreken tijd: 2 uur/uren, 46 minuut/minuten, 7 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: i:\copy oude hdd laptop\mijn documenten\bittorent\vmware6keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. i:\copy oude hdd laptop\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. i:\Progs\acdsee.v9.0.108.photo.manager.incl.keymaker-core\KEY.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully. i:\system volume information\_restore{78788bed-f6fe-4f6f-aafe-fdb5e070a426}\RP615\A0051449.exe (Trojan.Agent) -> Quarantined and deleted successfully. I should also mention that the link to that ESET online scanner does not work for me. Should I run it in safe mode then? And if so, what is the best way to save my log so that I can send it to you afterwards? Kind regards, K
  9. Hello, the situation on the external HDD and USB sticks has at first sight remained the same. Every device definitely has a recycler folder and an autorun. Some also have a system volume information file. One thing, though: all the recycler files are the same, I think. That folder always contains a 470a1245.exe and a desktop.ini file. The MBAM scan of the other HDD is still running. Kind regards, K
  10. Hello, the MBAM scan of that other HDD is in progress, but may I check on the other HDD or USB sticks whether anything has changed? The thing is, I thought that every time I connected a new USB mass-storage device, the virus infected that USB device. If I am allowed to check those devices, let me know. Kind regards, K
  11. It took a while before I could continue. Here are the 2 logs. I did want to ask whether it makes sense to run MBAM again with an external USB HDD connected, because I could not use it during the previous scan? Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 8249 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 27/11/2011 9:24:07 mbam-log-2011-11-27 (09-24-07).txt Scantype: Volledige scan (C:\|D:\|E:\|F:\|G:\|H:\|) Objecten gescand: 361861 Verstreken tijd: 8 uur/uren, 41 minuut/minuten, 21 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\documents and settings\Kristof\mijn documenten\bittorent\vmware6keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. c:\documents and settings\Kristof\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\documents and settings\Kristof\application data\469.tmp.vir (Trojan.Passwords.H) -> Quarantined and deleted successfully. h:\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. 
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:01:19, on 27/11/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17103) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program 
Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\DNA\btdna.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HPQ\Shared\hpqwmi.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] 
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: 
[TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [spotify] "C:\Documents and Settings\Kristof\Application Data\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network 
Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O17 - HKLM\System\CS1\Services\Tcpip\..\{0B2245DA-D3E3-46B4-A196-78FA4C899FC7}: NameServer = 83.217.75.130,217.22.50.3 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 11076 bytes Kind regards, K
  12. Hello, thanks in advance for the quick reply, here is the log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:15:02, on 26/11/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17103) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Common Files\Java\Java 
Update\jusched.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\DNA\btdna.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HPQ\Shared\hpqwmi.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - 
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [spotify] "C:\Documents and Settings\Kristof\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B2245DA-D3E3-46B4-A196-78FA4C899FC7}: NameServer = 83.217.75.130,217.22.50.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
-- End of file - 11842 bytes
  13. Hello, let me start by apologizing in case anything gets posted in the wrong place; this is my first time here. My problem: I get alerts from Microsoft Security Essentials, namely for Dorkbot!lnk and Dorkbot.A. The antivirus claims every time that the worm has been removed, yet it keeps coming back. For actually working on my PC or browsing, it does not immediately cause a problem. The biggest problem is that the external hard drives I own and connect to it apparently get infected as well. At first all my folders turned into shortcuts, but back then I could still get to all my files that way. Now it has become somewhat worse, and I only find a recycler folder and possibly one other folder, but I can no longer find anything in them. Can anyone help me? I wanted to try plugging an empty USB stick into my PC; a recycler folder like that and an autorun.inf folder immediately appeared on it too. If you need more information to help me, feel free to let me know. Kind regards, Kristof