romijo

23 juni 2012

Lukt niet hij gaat gewoon weer zijn instalatie doen

vr.gr.

23 juni 2012

okè ga ik nu doen

23 juni 2012

Héééééél véééééél dank !!!! maar ik ben er nog niet doe precies wat je zegt om combofix te uninstaleren, maar i.p.v. begint hij zich te instaleren en gaat opnieuw de eerdere procedure doen ?? overigens staat hij er 2x op in downloads en op bureaublad.

dus ben ik nog maar niet verder gegaan met de schoonmaak, zal toch denk ik het rijtje op volgorde af moeten werken.

wacht eerst je antwoord even af.

vr.gr.

---------- Post toegevoegd om 20:05 ---------- Vorige post was om 20:03 ----------

heb het wel tot 3x toe geprobeerd en was ik weer vergeten die virusscanner uit te schakelen dus dat maar snel gedaan.

23 juni 2012

Heb hem verwijderd. gaf geen probleem

er werd natuurlijk wel gevraagd of ik het echt wilde en dat het schade aan het register kon brengen.

vr.gr.

---------- Post toegevoegd om 16:34 ---------- Vorige post was om 16:26 ----------

opnieuw opgestart en krijg nu geen foutmelding meer

23 juni 2012

Zo simpel is het tjonge je moet het maar weten bedankt ik zie het volgende zie screenshotje

heb er nog niets mee gedaan.

och.. ik kan hem niet toevoegen er is helemaal geen screenshot heeft hem wel opgeslagen maar als 'n ander bestand

nou ja, ik zag hem èèn keer staan de csbdmd.dll

vr.gr.

---------- Post toegevoegd om 15:35 ---------- Vorige post was om 15:27 ----------

csbdmd Reg_SZ rundll 32 exe "C:\users\mieke\appData\local\\tem............

dit zie ik staan

gr.

23 juni 2012

Fijn te horen retlawv, ik heb er ook 't volste vertrouwen in bedankt voor je stimulans.

23 juni 2012

Hoi kape, fijn dat je er weer bent, ik heb 't volgende gedaan: eerst regedit ingetypt dat komt bovenaan als enige in het rijtje staan

daar klik ik op en zie enorm veel mappen die ik dus de vorige dag heb doorzocht stuk voor stuk (bijna niet te doen) en daar niets gevonden, nu vandaag regedit - bewerken - zoeken tegelijk ingetypt en dan krijg ik het volgende te zien.

die heb ik dus meteen weer weggeklikt, jeetje ben ik nou zo dom, ik weet echt niet hoe ik het anders moet doen.

ik kom niet in een zoekveld terecht ??

vr. gr.

22 juni 2012

ik denk dan dat ik je verkeerd begrepen heb sorry ben toch niet blond, maar ga nu dan denk ik maar CSBDMD.DLL in zoekveld plaatsen ?? is dat goed dan??

vr.gr.

---------- Post toegevoegd om 00:57 ---------- Vorige post was om 00:55 ----------

sorry ik vergeet je vraag te beantwoorden, ik heb het bestand niet èèn keer gevonden, had regedit ingetypt en daarna gescrold gezocht in de vele, vele, bestanden

vr.gr.

---------- Post toegevoegd om 01:00 ---------- Vorige post was om 00:57 ----------

Dat lukt ook niet, in zoekveld plaatsen.

ik ga er nu mee stoppen in de hoop dat je er morgen weer bent.

vr. gr. en dank voor alle hulp

22 juni 2012

Ik heb gezocht en gezocht maar kan niets vinden, zelfs niets wat er op lijkt, ik hoop dat ik niets over het hoofd heb gezien want het is me toch een grote lijst pffffff....

vr.gr.

22 juni 2012

Dat heb ik gedaan, en het lijkt erop dat de snelkoppelingen blijven staan had er 2 elders geplaatst en die zijn na herstart blijven staan, nu zie ik telkens bij opstarten de volgende afbeelding, was voorheen zo nu en dan.

vr.gr.

22 juni 2012

ComboFix 12-06-21.03 - MIEKE 22-06-2012 12:06:47.2.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4087.2737 [GMT 2:00]

Gestart vanuit: c:\users\MIEKE\Desktop\ComboFix.exe

AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

FW: ESET Persoonlijke firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden

c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden

.

---- Voorgaande Run -------

.

C:\install.exe

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe

c:\programdata\FullRemove.exe

c:\programdata\page\page.ico

c:\programdata\page\page.URL

c:\users\MIEKE\AppData\Roaming\Ciokmu\ycsy.iwe

c:\users\MIEKE\AppData\Roaming\ImgBurn.exe

c:\users\MIEKE\AppData\Roaming\inst.exe

c:\users\MIEKE\AppData\Roaming\Microsoft\~DFK2377dd1.tmp

c:\users\MIEKE\AppData\Roaming\Microsoft\1eaadjc.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\bass.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\engine_vx.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\kfgresk.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\peaadje.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\qwadjb.dll

c:\users\MIEKE\AppData\Roaming\Microsoft\rsaadjd.dll

c:\users\MIEKE\AppData\Roaming\yuvcodecs-1.3.exe

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\@

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\L\00000004.@

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\L\1afb2d56

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\U\00000004.@

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\U\00000008.@

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\U\000000cb.@

c:\windows\Installer\{2b55e4c9-08fe-e89f-3338-eb4e4fbd0c2e}\U\80000032.@

c:\windows\IsUn0413.exe

c:\windows\iun6002.exe

c:\windows\security\Database\tmp.edb

c:\windows\SysWow64\avisynth.dll

c:\windows\SysWow64\devil.dll

c:\windows\SysWow64\Packet.dll

c:\windows\SysWow64\pthreadVC.dll

c:\windows\SysWow64\wpcap.dll

c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden

c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_NPF

-------\Service_npf

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-05-22 to 2012-06-22 ))))))))))))))))))))))))))))))

.

2012-06-22 10:13 . 2012-06-22 10:13 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-21 19:46 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 19:46 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 19:46 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 19:46 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 19:46 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-21 19:46 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 19:46 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 19:46 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 19:46 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-21 16:11 . 2012-06-21 16:11 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-06-20 21:26 . 2012-06-20 21:26 -------- d-----w- c:\program files (x86)\Photosynth

2012-06-20 21:20 . 2012-06-20 21:20 -------- d-----w- c:\program files\Microsoft Silverlight

2012-06-20 21:20 . 2012-06-20 21:20 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-06-14 16:15 . 2012-06-14 16:15 -------- d-----w- c:\program files (x86)\PhotoStitcher

2012-06-01 07:47 . 2012-06-01 07:47 -------- d-----w- c:\users\MIEKE\AppData\Roaming\MOVAVI

2012-06-01 07:47 . 2012-06-01 07:48 -------- d-----w- c:\programdata\Movavi Video Editor 7 SE

2012-06-01 07:46 . 2012-06-01 07:47 -------- d-----w- c:\program files (x86)\Movavi Video Editor 7 SE

2012-05-30 19:02 . 2012-05-30 19:02 -------- d-----w- c:\program files (x86)\SoftOrbits Photo Retoucher

2012-05-28 12:32 . 2012-05-28 12:32 -------- d-----w- c:\users\MIEKE\AppData\Roaming\ffDiaporama

2012-05-25 07:25 . 2012-05-25 07:25 -------- d-----w- c:\users\MIEKE\AppData\Local\Aiseesoft Studio

2012-05-25 07:24 . 2012-05-25 07:24 -------- d-----w- c:\programdata\Aiseesoft Studio

2012-05-25 07:24 . 2012-05-25 07:24 -------- d-----w- c:\program files (x86)\Aiseesoft Studio

2012-05-23 18:48 . 2012-05-23 18:50 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Ibewy

2012-05-23 18:48 . 2012-05-23 18:49 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Ypidd

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-10 11:33 . 2012-03-30 11:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-06-10 11:33 . 2011-06-09 07:08 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-06 14:57 . 2012-05-06 14:57 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-05-06 14:57 . 2011-07-22 07:04 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-05-04 19:18 . 2012-04-13 21:18 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 06:01 . 2012-05-04 06:01 265797 ----a-w- c:\windows\SysWow64\pdvcodec.dll

2012-04-08 17:06 . 2012-04-08 17:06 388096 ----a-r- c:\users\MIEKE\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-04-04 13:56 . 2012-04-10 19:13 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-08 06:06 . 2012-01-12 15:43 1261568 ----a-w- c:\program files (x86)\ess.msi

2011-12-08 06:01 . 2012-01-12 15:26 1245184 ----a-w- c:\program files (x86)\eav.msi

2011-10-10 11:55 . 2011-10-11 21:52 2254848 ----a-w- c:\program files (x86)\sp_setup.msi

2011-09-22 11:12 . 2012-01-12 15:26 375056 ----a-w- c:\program files (x86)\updater.dll

2011-09-22 11:11 . 2012-01-12 15:26 561480 ----a-w- c:\program files (x86)\eguiUpdate.dll

2011-09-22 11:11 . 2012-01-12 15:26 1694992 ----a-w- c:\program files (x86)\SysRescue.exe

2011-09-22 11:10 . 2012-01-12 15:26 1877272 ----a-w- c:\program files (x86)\SysInspector.exe

2011-09-22 11:10 . 2012-01-12 15:26 196848 ----a-w- c:\program files (x86)\shellExt.dll

2011-09-22 11:09 . 2012-01-12 15:26 380200 ----a-w- c:\program files (x86)\eplgOutlook.dll

2011-09-22 11:09 . 2012-01-12 15:26 403384 ----a-w- c:\program files (x86)\eplgOE.dll

2011-09-22 11:09 . 2012-01-12 15:26 11976 ----a-w- c:\program files (x86)\eplgHooks.dll

2011-09-22 11:09 . 2012-01-12 15:26 107768 ----a-w- c:\program files (x86)\eguiMailPlugins.dll

2011-09-22 11:07 . 2012-01-12 15:26 136120 ----a-w- c:\program files (x86)\http_dll.dll

2011-09-22 11:07 . 2012-01-12 15:26 36192 ----a-w- c:\program files (x86)\EHttpSrv.exe

2011-09-22 11:07 . 2012-01-12 15:26 246288 ----a-w- c:\program files (x86)\eguiHips.dll

2011-09-22 11:06 . 2012-01-12 15:43 500168 ----a-w- c:\program files (x86)\eplgOutlookSmon.dll

2011-09-22 11:06 . 2012-01-12 15:43 442512 ----a-w- c:\program files (x86)\eplgOESmon.dll

2011-09-22 11:06 . 2012-01-12 15:43 224152 ----a-w- c:\program files (x86)\eguiSmon.dll

2011-09-22 11:05 . 2012-01-12 15:26 556848 ----a-w- c:\program files (x86)\eguiScan.dll

2011-09-22 11:04 . 2012-01-12 15:26 1648672 ----a-w- c:\program files (x86)\eguiEpfw.dll

2011-09-22 11:04 . 2012-01-12 15:43 744856 ----a-w- c:\program files (x86)\eguiParental.dll

2011-09-22 11:03 . 2012-01-12 15:26 25904 ----a-w- c:\program files (x86)\eh64.exe

2011-09-22 11:03 . 2012-01-12 15:26 4035152 ----a-w- c:\program files (x86)\egui.exe

2011-09-22 11:03 . 2012-01-12 15:26 909024 ----a-w- c:\program files (x86)\eguiProductRcd.dll

2011-09-22 11:02 . 2012-01-12 15:26 896664 ----a-w- c:\program files (x86)\eguiProduct.dll

2011-09-22 11:02 . 2012-01-12 15:26 254016 ----a-w- c:\program files (x86)\eplgOEEmon.dll

2011-09-22 11:02 . 2012-01-12 15:26 234952 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll

2011-09-22 11:02 . 2012-01-12 15:26 120128 ----a-w- c:\program files (x86)\eguiEmon.dll

2011-09-22 11:01 . 2012-01-12 15:26 43408 ----a-w- c:\program files (x86)\eeclnt.exe

2011-09-22 11:01 . 2012-01-12 15:26 115008 ----a-w- c:\program files (x86)\eguiDmon.dll

2011-09-22 11:01 . 2012-01-12 15:26 167472 ----a-w- c:\program files (x86)\DMON.dll

2011-09-22 11:01 . 2012-01-12 15:26 46480 ----a-w- c:\program files (x86)\ecmd.exe

2011-09-22 11:01 . 2012-01-12 15:26 278664 ----a-w- c:\program files (x86)\ecls.exe

2011-09-22 11:00 . 2012-01-12 15:26 346728 ----a-w- c:\program files (x86)\eguiAmon.dll

2011-09-22 11:00 . 2012-01-12 15:26 70176 ----a-w- c:\program files (x86)\callmsi.exe

2011-09-21 19:33 . 2012-01-12 15:43 369708 ----a-w- c:\program files (x86)\SS64NL.exe

2011-09-21 18:09 . 2012-01-12 15:13 369686 ----a-w- c:\program files (x86)\EAV64NL.exe

2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\ekrnParentalLang.dll

2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\eguiParentalLang.dll

2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnHipsLang.dll

2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiHipsLang.dll

2010-01-26 10:11 . 2011-12-03 22:35 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe

2009-08-11 12:37 . 2012-01-12 15:26 1655296 ----a-w- c:\program files (x86)\mfc80u.dll

2009-08-11 12:37 . 2012-01-12 15:26 802640 ----a-w- c:\program files (x86)\msvcr80.dll

2009-08-11 12:37 . 2012-01-12 15:26 1068368 ----a-w- c:\program files (x86)\msvcp80.dll

2008-09-12 13:42 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysRescueLang.dll

2008-07-14 08:10 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgTbSmonLang.dll

2008-07-14 08:10 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgTbLang.dll

2008-05-19 13:47 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysInspectorLang.dll

2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnDmonLang.dll

2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiDmonLang.dll

2007-09-12 08:45 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eclsLang.dll

2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll

2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll

2007-07-12 14:12 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOESmonLang.dll

2007-07-12 14:12 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOELang.dll

2007-05-29 14:04 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ShellExtLang.dll

2007-05-10 15:22 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOutlookSmonLang.dll

2007-05-10 07:59 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnScanLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiLang.dll

2007-04-25 13:09 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\ekrnSmonLang.dll

2007-04-25 13:09 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eguiSmonLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOutlookLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOutlookEmonLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnUpdateLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnEpfwLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiUpdateLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiScanLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiEpfwLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiEmonLang.dll

2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiAmonLang.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ContactKeeper Birthday reminder"="c:\program files (x86)\ContactKeeper\ContactKeeper.exe" [2011-11-11 921600]

"ChromeFrameHelper"="c:\users\MIEKE\AppData\Local\Google\Chrome\Application\19.0.1084.56\chrome_frame_helper.exe" [2012-06-07 96792]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]

"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" [2008-09-10 90112]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]

"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]

"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]

"PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]

"PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]

"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-9-22 110592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 136176]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 257224]

R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]

R3 Droppix Service;Droppix Service;c:\program files (x86)\Common Files\Droppix\DxService.exe [2009-08-28 221184]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 136176]

R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [x]

R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [x]

R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [x]

R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [x]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]

R3 LVUVC64;Logitech Webcam 300(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]

S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]

S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S2 {6E090BD5-4EF5-4bf0-A968-74049E88E935};Power Control [2011/05/09 19:58];c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [2010-01-25 10:32 146928]

S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/05/10 00:09];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2009-09-01 14:59 146928]

S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]

S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-10-26 37280]

S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752]

S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2011-12-02 8704]

S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-10 13336]

S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]

S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672]

S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]

S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [x]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]

S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]

S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]

S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]

S3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [x]

S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]

S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:33]

.

2012-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56]

.

2012-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56]

.

2012-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2245337307-2652089892-1536042135-1001Core.job

- c:\users\MIEKE\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 11:32]

.

2012-06-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2245337307-2652089892-1536042135-1001UA.job

- c:\users\MIEKE\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 11:32]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_m7721&r=17360511t306pe425v195w46m1t624

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\MIEKE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Openen in PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

TCP: DhcpNameServer = 88.159.1.200 88.159.1.201

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - c:\program files (x86)\4Sync\ShellExt.dll

ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - c:\program files (x86)\4Sync\ShellExt.dll

ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - c:\program files (x86)\4Sync\ShellExt.dll

HKLM-Run-csbdmd - c:\users\MIEKE\AppData\Local\Temp\csbdmd.dll

HKLM-Run-combofix - c:\combofix\CF26669.3XE

AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0413.EXE

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe

AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe

AddRemove-WYSIWYG_Web_Builder_7_NL - c:\windows\iun6002.exe

AddRemove-{9570A579-88E2-4B73-A28F-3ED8FCB8C0D8}_is1 - c:\program files (x86)\WebSite X5 v9 - Free\unins000.exe

.

"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{6E090BD5-4EF5-4bf0-A968-74049E88E935}]

"ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]

"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FotoManager10Deluxe.8.alb"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.eps"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.gif"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.iff"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.pcd"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.png"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.tga"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.tif"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="MAGIXviewer.tiff"

.

[HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\png*¾ZÌ`<aV]

"0"=hex:14,00,1f,44,47,1a,03,59,72,3f,a7,44,89,c5,55,95,fe,6b,30,ee,20,00,00,

00,1a,00,ee,bb,fe,23,00,00,10,00,30,81,e2,33,1e,4e,76,46,83,5a,98,39,5c,3b,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

c:\windows\SysWOW64\PSIService.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe

c:\program files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

.

**************************************************************************

.

Voltooingstijd: 2012-06-22 12:20:14 - machine werd herstart

ComboFix-quarantined-files.txt 2012-06-22 10:20

.

Pre-Run: 542.980.186.112 bytes beschikbaar

Post-Run: 542.580.260.864 bytes beschikbaar

.

- - End Of File - - B17D5CB91F2ECBD27530028CFA5DC9E7

Ben tegen de avond weer terug hartelijk dank alvast weer vr.gr.

22 juni 2012

22 juni 2012

Ja krijg hem nog steeds, en alles is nog verward ook de snelkoppelingen zijn eigenwijs en gaan allemaal weer links van bureaublad staan. poeh,poeh, komt dit nog wel goed?

vr.gr. en veel dank voor de hulp.

22 juni 2012

sorry opnieuw gedaan was blijkbaar nog niet goed wakker.

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Databaseversie: v2012.06.22.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

MIEKE :: MIEKE-PC [administrator]

22-6-2012 9:05:33

mbam-log-2012-06-22 (09-05-33).txt

Scantype: Snelle scan

Uitgeschakelde scanopties: P2P

Objecten gescand: 212999

Verstreken tijd: 50 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

log van hijtack opnieuw

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:11:20, on 22-6-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Users\MIEKE\AppData\Local\Google\Chrome\Application\19.0.1084.56\chrome_frame_helper.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe

C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe

C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"

O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe

O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder

O4 - HKCU\..\Run: [Google Update] "C:\Users\MIEKE\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [ChromeFrameHelper] "C:\Users\MIEKE\AppData\Local\Google\Chrome\Application\19.0.1084.56\chrome_frame_helper.exe" --startup

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\MIEKE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Users\MIEKE\AppData\Local\Google\Chrome\Application\19.0.1084.56\npchrome_frame.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe

O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Droppix Service - Unknown owner - C:\Program Files (x86)\Common Files\Droppix\DxService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13850 bytes

sorry ik hoop dat ik het nu goed gedaan heb.

vr.gr.

22 juni 2012

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Databaseversie: v2012.06.22.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

MIEKE :: MIEKE-PC [administrator]

22-6-2012 8:40:48

mbam-log-2012-06-22 (08-40-48).txt

Scantype: Snelle scan

Uitgeschakelde scanopties: P2P

Objecten gescand: 213019

Verstreken tijd: 4 minuut/minuten, 8 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

2de log hijack

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:52:30, on 22-6-2012