petraveldman

Everything posted by petraveldman

  1. No, that doesn't work either, but I'm actually fine with it the way it is. My laptop is nice and fast again, thank you kindly.
  2. OK, that one has been removed, but unfortunately I didn't manage with the other 3 programs.
  3. Here is the ComboFix log. Here is the MBAM log. And how do I remove ComboFix and AdwCleaner now?
  4. Here is an MBAM log.
C:\Users\petra\AppData\Roaming\Best Antivirus Software\Instructions.ini (Rogue.BestAntivirusSoftware) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\petra\AppData\Local\RavenBleuSA\bin\1.0.14.0\RavenBleuSA.exe (Adware.Hotbar.RB) -> Zal worden verwijderd tijdens het herstarten. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\bin\1.0.14.0\copyright.txt (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\bin\1.0.14.0\RavenBleuSA.exe (Adware.Hotbar.RB) -> Zal worden verwijderd tijdens het herstarten. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\bin\1.0.14.0\RavenBleuSACB.exe (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\bin\1.0.14.0\RavenBleuSAHook.dll (Adware.Hotbar.RB) -> Zal worden verwijderd tijdens het herstarten. 
C:\Users\petra\Local Settings\Application Data\RavenBleuSA\bin\1.0.14.0\RavenBleuUninstaller.exe (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSAau.dat (Adware.Hotbar.RB) -> Zal worden verwijderd tijdens het herstarten. C:\Users\petra\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA_kyf.dat (Adware.Hotbar.RB) -> Zal worden verwijderd tijdens het herstarten. (einde) En dat van security check hij staat nu al een kwartier op performing system health check
  5. OK, it worked, it is on the desktop; when I click Delete it starts working. Only, about halfway through, I get an error. Line 2056 (File "C:/Users/petra/desktop/adwcleaner.exe") Error: Variable used without being declared.
  6. And another problem with AdwCleaner: I can't get it installed properly. I do get a small window and I can click Search and Delete, etc., but there is no shortcut on my desktop.
  7. It may sound strange, but I can't get them removed, even though I think I'm simply doing it correctly. And about MVPS HOSTS: when I run it, I see a small blue window with the following:
     Mvps.bat started from directory: C:/Users/petra/downloads/hosts/
     Het systeem kan het opgegeven bestand niet vinden.
     Toegang geweigerd.
     THE MVPS HOSTS FILE IS NOW UPDATED
     Previous version saved and renamed to HOSTS.MVP
     Druk op een toets om door te gaan...
     And this is the log from HijackThis, which can't remove the rest.
  8. It's already sorted out; this is the right log.
  9. When I run another HijackThis scan, I choose "scan and save a logfile". But it is just the same log from half past three; what am I doing wrong?
  10. Hello, my laptop is very slow. I really only want to know what I can remove from HijackThis, because I have gained some experience through this site of yours. I will install CCleaner and MBAM, so that will all be fine. Here is a log from HijackThis:

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 15:30:02, on 25-9-2012
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16450)
      Boot mode: Normal

      Running processes:
      C:\Program Files\SiS VGA Utilities\SiSTray.exe
      C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files (x86)\Ares\Ares.exe
      C:\Users\petra\AppData\Local\RavenBleuSA\bin\1.0.14.0\RavenBleuSA.exe
      C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
      C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
      C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
      C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
      C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
      C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
      C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
      C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
      C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
      C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
      C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
      C:\Windows\AsScrPro.exe
      C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = blekko | spam-free search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware.
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: (no name) - {37295164-6894-4f93-ad7d-b7de830dbb96} - (no file)
      R3 - URLSearchHook: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files (x86)\PHPNukeDU\tbPHPN.dll
      R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
      F2 - REG:system.ini: UserInit=userinit.exe
      O1 - Hosts: ::1 localhost
      O1 - Hosts: 149.5.18.173 www.google-analytics.com.
      O1 - Hosts: 149.5.18.173 ad-emea.doubleclick.net.
      O1 - Hosts: 149.5.18.173 www.statcounter.com.
      O1 - Hosts: 108.163.215.51 www.google-analytics.com.
      O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
      O1 - Hosts: 108.163.215.51 www.statcounter.com.
      O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll (file missing)
      O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
      O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (file missing)
      O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)
      O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files (x86)\PHPNukeDU\tbPHPN.dll
      O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
      O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
      O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
      O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL
      O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
      O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
      O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll (file missing)
      O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files (x86)\PHPNukeDU\tbPHPN.dll
      O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
      O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
      O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
      O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
      O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
      O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
      O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
      O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
      O4 - HKLM\..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd
      O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
      O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
      O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [EPSON BX300F Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S73A9.tmp" /EF "HKCU"
      O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [RavenBleuSA] "C:\Users\petra\AppData\Local\RavenBleuSA\bin\1.0.14.0\RavenBleuSA.exe"
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [best Antivirus Software] "C:\ProgramData\c303d7\BAc30_8020.exe" /s /d
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
      O4 - Global Startup: FancyStart daemon.lnk = ?
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
      O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
      O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (file missing)
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
      O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
      O16 - DPF: {BA58DE43-8189-42E6-871E-82159844CAC0} (ISM_KioskEnableX Control) - http://laplace.elearning.ism.nl/DesktopModules/Courses/FullScreenComponents/ISM_KioskEnableXControl1.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
      O20 - AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
      O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
      O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (file missing)
      O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
      O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
      O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

      --
      End of file - 15432 bytes