Skylinertje

Ik wil graag de naam van de administrator wijzigen (met alle rechten, instellingen, mappen, documenten). In de professional versie van windows 7 is dat makkelijk: via system 32 naar bestandje secpol.msc en dan lokaal beleid, beveiligingsopties... en dan kunnen we de naam wijzigen. Maar in de home editie heb je dat niet. Hoe kan ik dat toch doen, zonder te formatteren en zo? Er moet toch ook een oplossing voor zijn?

Ik denk dat het ok is. Heb eerst problemen gehad met de updates, maar dat heb ik toch kunnen oplossen. Die geïnfecteerde bestanden zitten nu in quarantaine in Qoobox. Moet ik die verwijderen of niet? Want nu worden ze bij scans wel nog altijd gegeven natuurlijk. Bedankt in elk geval!

ComboFix 12-11-14.01 - Naam 2012-11-15 10:06:08.2.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6127.3516 [GMT 1:00] Gestart vanuit: c:\users\Naam\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Naam\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\DUMP41df.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-15 to 2012-11-15 )))))))))))))))))))))))))))))) . . 2012-11-15 09:40 . 2012-11-15 09:40 -------- d-----w- c:\windows\SysWow64\WCID 2012-11-15 09:27 . 2012-11-15 09:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-14 14:34 . 2012-08-07 15:18 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AFAEBA77-C190-407D-9569-C96350A4BAA8}\gapaengine.dll 2012-11-14 14:34 . 2012-11-14 14:34 -------- d-----w- C:\f3513152111646150af7f67f 2012-11-14 14:32 . 2012-10-17 00:31 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBB3029F-941E-4CCC-97F2-56161CD165FE}\mpengine.dll 2012-11-14 14:19 . 2012-11-14 14:19 -------- d-----w- C:\fbf4e4962b869f12765b4055 2012-11-14 14:19 . 2012-11-14 14:19 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-11-14 14:19 . 2012-11-14 14:19 -------- d-----r- c:\program files (x86)\Skype 2012-11-03 13:01 . 2012-11-03 13:01 -------- d-----w- c:\users\Naam\AppData\Roaming\Malwarebytes 2012-11-03 13:01 . 2012-11-03 13:01 -------- d-----w- c:\programdata\Malwarebytes 2012-11-03 13:01 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-03 13:01 . 2012-11-10 23:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-11-03 11:30 . 2012-06-22 13:21 706776 --s---w- c:\windows\system32\drivers\TfSysMon.sys 2012-11-03 11:30 . 2012-06-22 13:21 65664 --s---w- c:\windows\system32\drivers\TfFsMon.sys 2012-11-03 11:30 . 2012-06-22 13:21 41968 --s---w- c:\windows\system32\drivers\TfNetMon.sys 2012-11-03 11:11 . 2012-06-22 10:39 85224 ----a-w- c:\windows\system32\drivers\PCTBD64.sys 2012-11-03 11:08 . 2012-06-22 14:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-11-03 11:08 . 2012-11-03 11:30 -------- d-----w- c:\programdata\PC Tools 2012-11-03 11:08 . 2012-11-03 11:08 -------- d-----w- c:\users\Naam\AppData\Roaming\TestApp 2012-11-03 10:54 . 2012-11-03 10:54 -------- d-----w- c:\users\Naam\AppData\Roaming\TuneUp Software 2012-11-03 10:49 . 2012-11-03 15:16 -------- d-----w- c:\programdata\MFAData 2012-11-03 10:49 . 2012-11-03 13:38 -------- d-----w- c:\users\Naam\AppData\Local\Avg2013 2012-11-03 10:49 . 2012-11-03 10:49 -------- d-----w- c:\users\Naam\AppData\Local\MFAData 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\users\Naam\AppData\Roaming\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\programdata\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\program files\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\program files (x86)\Fighters 2012-11-03 10:26 . 2012-11-03 10:34 -------- d-----w- c:\users\Naam\AppData\Roaming\Systweak 2012-11-03 10:26 . 2012-09-21 11:05 17080 ----a-w- c:\windows\system32\roboot64.exe 2012-11-02 12:44 . 2012-11-02 12:44 22064 ----a-w- c:\windows\DCEBoot64.exe 2012-10-29 16:22 . 2012-11-02 10:18 -------- d-----w- c:\program files (x86)\CD & DVD Label Maker 2012-10-29 16:19 . 2012-11-15 09:29 -------- d-----w- c:\program files\Microsoft Silverlight 2012-10-29 16:19 . 2012-11-15 09:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-10-29 16:10 . 2012-10-29 17:23 -------- d-----w- c:\programdata\NCH Software 2012-10-29 16:10 . 2012-10-29 20:26 -------- d-----w- c:\program files (x86)\NCH Software 2012-10-29 16:10 . 2012-10-29 16:10 -------- d-----w- c:\users\Naam\AppData\Roaming\NCH Software 2012-10-28 11:46 . 2012-10-28 11:46 -------- d-----w- c:\users\Naam\AppData\Local\TimeParadox 2012-10-23 18:06 . 2012-10-23 18:06 -------- d-----w- c:\program files (x86)\Common Files\Java . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-10 14:45 . 2011-07-12 02:46 287303 ----a-w- C:\DUMP41df.tmp 2012-10-29 20:04 . 2011-07-15 18:11 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-10 11:26 . 2012-04-01 09:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-10 11:26 . 2011-07-19 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-24 13:32 . 2012-09-08 10:52 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-09-24 13:32 . 2011-10-15 09:44 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-30 21:03 . 2012-08-30 21:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 21:03 . 2011-04-27 14:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-21 11:01 . 2012-10-08 15:27 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-08-21 11:01 . 2011-07-16 18:41 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 11:01 . 2011-07-16 18:41 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files (x86)\Winamp Toolbar\winamptb.dll" [2011-06-29 1937736] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-15 39408] "MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2012-05-18 434168] "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-23 98304] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600] "BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2011-07-21 44672] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2012-06-22 92928] R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-06-22 402368] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2012-06-22 41968] R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-14 1255736] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2012-04-23 426616] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2012-02-28 453896] S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2012-06-22 65664] S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2012-06-22 706776] S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2012-06-22 341200] S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2012-06-22 251560] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-06-22 575448] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-08-13 11576] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] S3 LVUVC64;QuickCam Communicate Deluxe(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224] S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2012-06-22 85224] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 11:26] . 2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 09:25] . 2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 09:25] . 2012-11-15 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-05-29 11:22] . 2012-11-13 c:\windows\Tasks\HPCeeScheduleForNaam.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2012-11-12 c:\windows\Tasks\HPCeeScheduleForNaam-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2012-11-15 c:\windows\Tasks\SLOW-PCfighter64-Naam-Notification.job - c:\program files\Fighters\SLOW-PCfighter\Sync.exe [2012-03-02 16:07] . 2012-11-15 c:\windows\Tasks\SLOW-PCfighter64-Naam-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2012-03-02 16:07] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-08-15 37888] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-27 489472] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nieuwsblad.be/ uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\users\Ruth Nelis\AppData\Roaming\Mozilla\Firefox\Profiles\wqwu9wqm.default\ FF - prefs.js: browser.startup.homepage - www.sporting.be FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2012-10-23 20:06; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF - ExtSQL: 2012-11-03 12:11; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools\PC Tools Security\BDT\Firefox FF - ExtSQL: !HIDDEN! 2011-07-15 11:58; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS VERWIJDERD - - - - . BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) Toolbar-10 - (no file) Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe c:\progra~2\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe . ************************************************************************** . Voltooingstijd: 2012-11-15 10:54:47 - machine werd herstart ComboFix-quarantined-files.txt 2012-11-15 09:54 ComboFix2.txt 2012-11-14 12:38 . Pre-Run: 1 160 172 216 320 bytes beschikbaar Post-Run: 1 158 625 021 952 bytes beschikbaar . - - End Of File - - 4673ED67C0BAD157BD7603C2D8FD567D

Ik heb dat dus uitgevoerd. Moest weg en wilde mijn pc afsluiten. 2 updates te installeren. we zijn ondertussen meer dan 5 uur verder en het is nog steeds: update 2 van 2 installeren. Da's toch niet normaal? Ik zie wel dat pc nog steeds bezig is, is niet vastgelopen of zo. Kan ik mijn pc nu "abrupt" stoppen, want ik weet niet of ik hierop moet blijven wachten.... is echt al meer dan 5 uur.

ComboFix 12-11-13.02 - <Naam> 2012-11-14 12:55:26.1.8 - x64 MINIMAL Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6127.4544 [GMT 1:00] Gestart vanuit: c:\users\Naam\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\StartSearch plugin C:\Thumbs.db c:\users\Naam\AppData\Local\assembly\tmp c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\L\00000004.@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\L\201d3dde c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\U\00000004.@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\U\00000008.@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\U\000000cb.@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\U\80000000.@ c:\windows\Installer\{dd0bd7b0-a732-9892-fd78-617160c2080d}\U\80000064.@ . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-14 to 2012-11-14 )))))))))))))))))))))))))))))) . . 2012-11-14 12:04 . 2012-11-14 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-03 13:01 . 2012-11-03 13:01 -------- d-----w- c:\users\Naam\AppData\Roaming\Malwarebytes 2012-11-03 13:01 . 2012-11-03 13:01 -------- d-----w- c:\programdata\Malwarebytes 2012-11-03 13:01 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-03 13:01 . 2012-11-10 23:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-11-03 11:30 . 2012-06-22 13:21 706776 --s---w- c:\windows\system32\drivers\TfSysMon.sys 2012-11-03 11:30 . 2012-06-22 13:21 65664 --s---w- c:\windows\system32\drivers\TfFsMon.sys 2012-11-03 11:30 . 2012-06-22 13:21 41968 --s---w- c:\windows\system32\drivers\TfNetMon.sys 2012-11-03 11:11 . 2012-06-22 10:39 85224 ----a-w- c:\windows\system32\drivers\PCTBD64.sys 2012-11-03 11:08 . 2012-06-22 14:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-11-03 11:08 . 2012-11-03 11:30 -------- d-----w- c:\programdata\PC Tools 2012-11-03 11:08 . 2012-11-03 11:08 -------- d-----w- c:\users\Naam\AppData\Roaming\TestApp 2012-11-03 10:54 . 2012-11-03 10:54 -------- d-----w- c:\users\Naam\AppData\Roaming\TuneUp Software 2012-11-03 10:49 . 2012-11-03 15:16 -------- d-----w- c:\programdata\MFAData 2012-11-03 10:49 . 2012-11-03 13:38 -------- d-----w- c:\users\Naam\AppData\Local\Avg2013 2012-11-03 10:49 . 2012-11-03 10:49 -------- d-----w- c:\users\Naam\AppData\Local\MFAData 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\users\Naam\AppData\Roaming\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\programdata\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\program files\Fighters 2012-11-03 10:32 . 2012-11-03 10:32 -------- d-----w- c:\program files (x86)\Fighters 2012-11-03 10:26 . 2012-11-03 10:34 -------- d-----w- c:\users\Naam\AppData\Roaming\Systweak 2012-11-03 10:26 . 2012-09-21 11:05 17080 ----a-w- c:\windows\system32\roboot64.exe 2012-11-02 12:44 . 2012-11-02 12:44 22064 ----a-w- c:\windows\DCEBoot64.exe 2012-10-29 16:22 . 2012-11-02 10:18 -------- d-----w- c:\program files (x86)\CD & DVD Label Maker 2012-10-29 16:19 . 2012-10-29 16:19 -------- d-----w- c:\program files\Microsoft Silverlight 2012-10-29 16:19 . 2012-10-29 16:19 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-10-29 16:19 . 2012-11-02 10:07 -------- d-----w- c:\programdata\Tarma Installer 2012-10-29 16:10 . 2012-10-29 17:23 -------- d-----w- c:\programdata\NCH Software 2012-10-29 16:10 . 2012-10-29 20:26 -------- d-----w- c:\program files (x86)\NCH Software 2012-10-29 16:10 . 2012-10-29 16:10 -------- d-----w- c:\users\Naam\AppData\Roaming\NCH Software 2012-10-28 11:46 . 2012-10-28 11:46 -------- d-----w- c:\users\Naam\AppData\Local\TimeParadox 2012-10-23 18:06 . 2012-10-23 18:06 -------- d-----w- c:\program files (x86)\Common Files\Java . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-10 14:45 . 2011-07-12 02:46 287303 ----a-w- C:\DUMP41df.tmp 2012-10-10 11:26 . 2012-04-01 09:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-10 11:26 . 2011-07-19 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-24 13:32 . 2012-09-08 10:52 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-09-24 13:32 . 2011-10-15 09:44 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-21 11:01 . 2012-10-08 15:27 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-08-21 11:01 . 2011-07-16 18:41 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 11:01 . 2011-07-16 18:41 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files (x86)\Winamp Toolbar\winamptb.dll" [2011-06-29 1937736] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-15 39408] "MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2012-05-18 434168] "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-23 98304] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600] "BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] "ISTray"="c:\program files (x86)\PC Tools\PC Tools Security\pctsGui.exe" [2012-06-22 2673624] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2011-07-21 44672] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-14 1255736] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2012-04-23 426616] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2012-02-28 453896] S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2012-06-22 65664] S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2012-06-22 706776] S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2012-06-22 341200] S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2012-06-22 251560] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-06-22 575448] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768] S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-06-22 402368] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-08-13 11576] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] S3 LVUVC64;QuickCam Communicate Deluxe(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224] S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2012-06-22 85224] S3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2012-06-22 92928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800] S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2012-06-22 41968] S3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - PCTSDInjDriver64 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 11:26] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 09:25] . 2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 09:25] . 2012-11-13 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-05-29 11:22] . 2012-11-13 c:\windows\Tasks\HPCeeScheduleForNaam.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2012-11-12 c:\windows\Tasks\HPCeeScheduleForNaam-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2012-11-14 c:\windows\Tasks\SLOW-PCfighter64-Naam-Notification.job - c:\program files\Fighters\SLOW-PCfighter\Sync.exe [2012-03-02 16:07] . 2012-11-14 c:\windows\Tasks\SLOW-PCfighter64-Naam-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2012-03-02 16:07] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-08-15 37888] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-27 489472] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nieuwsblad.be/ uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\users\Naam\AppData\Roaming\Mozilla\Firefox\Profiles\wqwu9wqm.default\ FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - www.sporting.be FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=2&src=sp&cf=9fcabc6b-1860-11e1-a5bc-e069958c83f8&q= FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2012-10-23 20:06; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF - ExtSQL: 2012-11-03 12:11; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools\PC Tools Security\BDT\Firefox FF - ExtSQL: !HIDDEN! 2011-07-15 11:58; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS VERWIJDERD - - - - . BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) Toolbar-10 - (no file) Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-MsMpSvc Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\PC Tools\PC Tools Security\pctsSvc.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe c:\progra~2\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-11-14 13:37:58 - machine werd herstart ComboFix-quarantined-files.txt 2012-11-14 12:37 . Pre-Run: 1 153 013 215 232 bytes beschikbaar Post-Run: 1 158 582 824 960 bytes beschikbaar . - - End Of File - - 1E61AD07C76597059E30EC341C96E8BE PS: Ik heb overal waar mijn echte naam stond (naam van computer en gebruiker ook mijn echte naam) veranderd in Naam.

Tool is vastgelopen. Kan dit niet opnieuw doen. Blijft steeds halverwege hangen.

2 dagen terug had ik een probleem op de computer. Bij Internet Explorer zei hij steeds dat er een fout was opgekomen en dat hij explorer terug moest herstarten. Gisteren deed ik een scan, eerst met AVG, daarna met Spyware doctor. Ze gaven beiden infecties aan. Er zaten infecties in mijn services.exe, wat uiteraard totaal niet ok is. Ze konden deze ook niet zomaar verwijderen of terug in orde brengen. Er waren ook nog enkele andere infecties, maar dit konden ze grotendeels oplossen. Uiteindelijk deed ik nog Malwarebytes' Anti-Malware (MBAM). Omdat AVG een trial was, heb ik deze terug verwijderd (op de goede manier via configuratiescherm). Na dit alles en opnieuw opstarten, is er iets heel raar gebeurd. Mijn documenten zijn weg.... outlook kan ik niet meer openen omdat hij het pst bestand niet vindt, dit staat onder die map van Mijn documenten. MAAR: mijn muziek, mijn afbeeldingen, ... staan wel allemaal nog op de pc. Het is nu echt wel een ramp, want het was jammer genoeg effe geleden dat ik nog een backup had uitgevoerd. Er staat heel veel belangrijke info die ik nodig heb. Ben dus echt wel in paniek. Heb al systeemherstel proberen doen van donderdag, maar dit doet hij niet. Hij doet het herstel zoals het zou moeten, pc start dan terug op en dan geeft hij foutmelding. Dit komt wellicht doordat er die infectie in die services. exe zit. Heeft iemand een oplossing? Zal ik mijn documenten effectief allemaal kwijt zijn, waarvoor ik echt vrees...? Graag enige hulp aub en hopelijk wat goed nieuws. Ik weet niet of die Combofix en zo een oplossing kan bieden...? Bedankt

Heb het al kunnen oplossen... HEb de berekeningen niet in subformulier gezet, maar gewoon in query. Dan werkte het.

Afbeelding is groter gemaakt. Nee, formuliernaam is niet gewijzigd. Wel berekeningen die zijn bijgekomen, en wellicht komt het daardoor, denk ik.

Hoi, ik heb een subformulier gemaakt op basis van een query. Er was een bepaalde code nodig in mijn programma om een paar zaken te laten werken. Nu wil ik in mijn subformulier de som van een veld nemen, om die waarden te kunnen opnemen. Maar dat wil hij niet meer doen. Zie afbeelding: De SOm pakket en het factuurbedrag, wil niet meer opgeteld worden, ik krijg #fout in mijn uiteindelijke gegevens. Hoe zou ik dit kunnen aanpassen?

Dit is de code: Option Compare Database Private Sub Form_Close() Dim rst As Recordset Dim rstParking As Recordset Dim Plaats As String Dim f As Field Set rst = CurrentDb.OpenRecordset("select * from [qryAbonnementenParking]", DB_OPEN_DYNASET) Set rstParking = CurrentDb.OpenRecordset("select * from [tblParkingsOverzicht]", DB_OPEN_DYNASET) For Each f In rstParking.Fields rstParking.Edit f.Value = Null rstParking.Update Next f If rst.RecordCount > 0 Then rst.MoveFirst Do Until rst.EOF Plaats = rst![Plaats klant] For Each f In rstParking.Fields If f.Name = "P" & Plaats Then rstParking.Edit f.Value = "Abon" rstParking.Update End If Next f rst.MoveNext Loop End If rst.Close Set rst = Nothing rstParking.Close Set rstParking = Nothing [Form_frmOverzichtParkings].Refresh End Sub Private Sub KlantID_AfterUpdate() Me.Refresh End Sub MAar hij geeft telkens een fout aan de rode tekst. Wat kan er verkeerd zijn?

Ik ben een bepaalde database aan het maken. Nu, het zit zo: In deze database is er de mogelijk om de pakketten samen te stellen voor de klanten, de bedrijven die sponsoren dus. Dus stel: er is een bedrijf en dat sponsort 10000 euro. Dan wordt in het formulier frmInschrijvingPakket via een subformulier SubfrmInschijfinhoudPakket het pakket samengesteld. Elk artikel heeft een prijs. De optelling wordt dan gemaakt bij het kiezen van de verschillende artikelen in dat pakket (Bijv.: 2 keer een matchbal is dan 2 x 2500 euro, 1 x advertenties in de sportinger, is dan die prijs erbij, een beetje boarding bijv. en dan menu’s.) Menu kost normaal 46 euro en dan het aantal. De artikelen worden opgeteld en stel dat we aan een bedrag komen van 10870 euro (Bedrag Pakket). Dan krijgt die klant automatisch korting en dat wordt daarin gezet. Een korting verdeeld op al deze gekozen artikelen (elk evenveel), MAAR er mag GEEN korting op de menu’s worden gegeven. Dus dit mag niet in die berekening mee zitten. Het uiteindelijke bedrag dat moet betaald worden is sowieso dat sponsorbedrag van 10000 euro (uiteraard allemaal nog zonder btw). Dus op elk artikel komt een korting van zoveel %, die bedragen + het bedrag van de menu’s (zonder korting) moet dan aan 10 000 euro komen. Ik had al allerlei berekeningen gemaakt om dit te doen kloppen, met =IFF([Artikelgroep]=2;……), maar toch is er telkens iets verkeerd. NU denk ik dat het enkel echt kan kloppen als we dan het sponsorbedrag verminderen met het bedrag van de menu’s. Dat heb ik in Sponsorbedragmenu gezet. Maar dan zouden we het bedrag van het pakket ook moeten verminderen met het bedrag van de menu’s om deze berekening te kunnen laten kloppen. Maar daar is iets dat maar niet wil kloppen in mijn berekening. Wellicht is het met VB vrij snel op te lossen. Maar ik weet niet of dit op korte tijd is op te lossen.Ik had een oplossing, maar: Ik kan blijkbaar in een subformulier geen 1 query's samenvoegen --> dat lukt wel, maar dan kan ik mijn keuzelijsten daarin niet meer gebruiken! Het is kort dag? zou dit tegen morgen willen opgelost hebben. Wie heeft ideeën? Contacteer me en ik stuur de database via WeTransfer door. Het is moeilijk om mijn probleem hier uit te leggen. Ik zie dat er wel mensen komen kijken, maar dat er geen reacties binnenkomen, omdat mijn probleem wellicht niet concreet genoeg is. Als iemand toch echt wil helpen, please, stuur dan iets, ik doe het nodige om het concreet uit te leggen en te tonen. Maar ik kan mijn database hier niet tonen wegens te groot. Ik heb qryPakketInhoud Dit is de sql: SELECT tblInschrijfinhoudPakket.[inschrijving PakketID], tblInschrijvingPakket.Datum, tblKlanten.Naam, tblInschrijvingPakket.KlantID, tblArtikelen.OmschrijvingNL, tblInschrijfinhoudPakket.PakketID, tblArtikelen.Artikelcode, tblArtikelen.Verkoopprijs AS Dagprijs, tblArtikelen.Seizoenprijs, tblArtikelen.[Prijs/maand], tblArtikelen.[Abonnement/prijs], IIf([Dagprijs] Is Null,0,[Dagprijs]*[Aantal]) AS [Tot dagprijs], IIf([seizoenprijs] Is Null,0,[seizoenprijs]*[Aantal]) AS [Tot seizoenprijs], IIf([Prijs/maand] Is Null,0,[Prijs/maand]*[Aantal]) AS [Tot maandprijs], IIf([abonnement/prijs] Is Null,0,[Abonnement/prijs]*[Aantal/abon]) AS [Tot abonnementsprijs], tblInschrijfinhoudPakket.Aantal, tblInschrijfinhoudPakket.[Aantal/Abon], [Tot dagprijs]+[Tot seizoenprijs]+[Tot Maandprijs]+[Tot abonnementsprijs] AS Totaal, tblInschrijfinhoudPakket.Opmerking, tblInschrijfinhoudPakket.BoardingplaatsID, tblBoarding.[Prijs/m], tblBoarding.[Lengte (in m)], IIf([Prijs/m] Is Null,0,[Prijs/m]*[Lengte (in m)]) AS [Prijs boarding], [Totaal]+[Prijs Boarding] AS Subtotaal, tblArtikelen.BTWPercentage, [subtotaal]/100*[tblArtikelen.BTWPercentage] AS [btw-bedrag], tblInschrijvingPakket.[Aantal seizoenen], tblInschrijvingPakket.Sponsorbedrag, tblArtikelen.Artikelgroep, IIf([Artikelgroep]=2,[sponsorbedrag]-[subtotaal],0) AS SponsorbedragMenu, tblArtikelgroepen.[Korting toegelaten?] FROM tblArtikelgroepen INNER JOIN (tblArtikelen INNER JOIN (tblBoarding RIGHT JOIN ((tblKlanten INNER JOIN tblInschrijvingPakket ON tblKlanten.ID = tblInschrijvingPakket.KlantID) INNER JOIN tblInschrijfinhoudPakket ON tblInschrijvingPakket.[inschrijving PakketID] = tblInschrijfinhoudPakket.[inschrijving PakketID]) ON tblBoarding.BoardingID = tblInschrijfinhoudPakket.BoardingplaatsID) ON tblArtikelen.ID = tblInschrijfinhoudPakket.PakketID) ON tblArtikelgroepen.ID = tblArtikelen.Artikelgroep WHERE (((tblArtikelen.Artikelgroep)=1 Or (tblArtikelen.Artikelgroep)=2)); Maar dan heb ik in SubfrmInschrijfinhoudPakket: subfrm.jpg Maar daar zit dus de fout! Eigenlijk heb ik volgende zaken hierbij nodig: Uit qryTotalenPAkketZonderMenu’s: qry1.jpg Dit geeft de juiste procenten weer van wat van elk artikel mag worden afgetrokken. MAAR dit mag niet op artikels uit artikelgroep 2 (dus menu’s e.d.) qryTotalenPakektZonderMenu’s is gebaseerd op qryBedragenZonderMenu’sTest qry2.jpg Nu: ik had beide query’s: qryPakketInhoud en qryTotalenPakketZonderMenu’s samen in een subformulier gezet. Dit kon me de juiste %-en bezorgen. Maar dan werken mijn keuzelijsten daarin niet. Dus dat is geen optie. Op de moment heb ik al zovele berekeningen en zaken gedaan, dat ik het ofwel te moeilijk aan het maken ben nu. Eigenlijk zou ik in qryPakketInhoud moeten kunnen zeggen dat er korting wordt berekend op alles behalve op de menu’s. Dus we hebben daar dan een Totaal pekket, en een Sponsorbedrag. Dus da’s moet dat Sponsorbedrag – het bedrag van de menu’s gaan en het totale pakket ook – bedrag van de menu’s. En dan wordt het aantal % berekend via dat (zie bijv. frmOverzichtPakkettenKlanten  daar staat aantal % juist in)….. maar als er een menu wordt gekozen in de lijst, dan moet het % bedrag altijd 0 zijn. Dan is er geen korting. Hopelijk is dit iets duidelijker. Bedankt! Bedankt!