retlawv

Hier het nieuwe logje. emptyclsid; {043C5167-00BB-4324-AF7E-62013FAEDACF};c wat is dit aub? Groetjes Zoek.exe Version 4.0.0.1 Updated 04-February-2013 Tool run by Eigenaar on ma 04/02/2013 at 16:16:04,98. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3826912991-2257764698-3240775044-1000\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully ==== Deleting CLSID Registry Values ======================

Hallo bedankt voor de reactie hier het logje van zoek .exe na de heropstart van de pc Zoek.exe Version 4.0.0.1 Updated 04-February-2013 Tool run by Eigenaar on ma 04/02/2013 at 12:31:03,24. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\Dwm.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Fighters\FighterSuiteService.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system\HsMgr64.exe C:\Windows\SysWOW64\HsMgr.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Windows\System32\StikyNot.exe C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\splwow64.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe c:\program files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\taskhost.exe C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICCYU7IA\zoek.exe C:\Users\Eigenaar\AppData\Local\Temp\RarSFX0\zoek.com C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\mshta.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Creating Sample_20130402_1234.zip ====================== Copied file C:\Users\Eigenaar\AppData\Roaming\yusetup2010.exe to sample sample\yusetup2010.exe renamed to 4E8CB41A24384B28DB85C56E1B26EDC0 C:\Users\Public\Desktop\sample_20130402_1234.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3826912991-2257764698-3240775044-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3826912991-2257764698-3240775044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-3826912991-2257764698-3240775044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully ==== FireFox Fix ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Eigenaar\AppData\Roaming\yusetup2010.exe" deleted "C:\Program Files (x86)\SweetIM" deleted "C:\Users\Eigenaar\AppData\Roaming\NCH Software" deleted "C:\Users\Eigenaar\AppData\Roaming\eType" deleted "C:\Users\Eigenaar\AppData\Roaming\YourFileDownloader" deleted "C:\ProgramData\SweetIM" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Internet Explorer: 9.0.8112.16421 Memory (RAM): 4028 MB CPU Info: Intel® Core i5 CPU 650 @ 3.20GHz CPU Speed: 3191,6 MHz Sound Card: Luidsprekers (ASUS Xonar D2X Au | S/PDIF Pass-through Device (ASU | Luidsprekers (ASUS Xonar D2X Co | Luidsprekers (Bluetooth SCO Aud | Luidsprekers (Bluetooth AV Audi | Display Adapters: NVIDIA GeForce GT 240 | NVIDIA GeForce GT 240 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Bluetooth PAN Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVDRAM GH22NS50 | E: HL-DT-STDVDRAM GH22NS50 Ports: COM7 | COM8 | COM9 | COM10 | COM11 | COM3 | COM4 | COM5 | COM6 | COM1 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 465,7GB | F: 396,8GB | G: 534,7GB Hard Disks - Free: C: 372,1GB | F: 290,3GB | G: 168,2GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 03/02/10 | GBT - 42302e31 Time Zone: Romance (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. P55A-UD3 Sun Java version: niet Sun Java version: opdracht, Country: Belgi‰ Language: NLB ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-02-03 08:13:02 7FE06278473E9A0D68B08AC56460330C 67584 --s-a-w- C:\Windows\BootStat.dat ====== C:\Users\Eigenaar\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-02-02 13:59:07 -------- d-----w- C:\Program Files (x86)\Loaris 2013-01-31 13:41:24 -------- d-----w- C:\Program Files (x86)\HighCriteria ======= C: ===== 2013-02-02 13:13:13 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\Eigenaar\AppData\Roaming ====== 2013-02-02 10:39:06 -------- d-----w- C:\users\Eigenaar\AppData\Local\Programs 2013-01-09 13:03:01 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\uTorrent ====== C:\Users\Eigenaar ====== ====== C: exe-files == 2013-02-02 14:20:38 96704B810C19EA2F1FF646F7F62B439E 180877 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla21.exe 2013-02-02 14:20:38 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla18.exe 2013-02-02 13:59:07 A7D4B8D86A939266EF693A7D548A1102 715038 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\unins000.exe 2013-02-02 13:59:07 59E9E22638068876F68BD42831B4B6A5 4884480 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\ltr12.exe === C: other files == 2013-02-04 11:34:08 23BDBE8375E3F913C89C43D3F071EC84 5523958 ----a-w- C:\Users\Public\Desktop\sample_20130402_1234.zip 2013-02-02 14:24:43 FB18CE1AD93E94C3DE2A9FBE3FDC2725 945 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421645023.zip 2013-02-02 14:24:43 F64C2457E148959EF952622EC66DB58D 790 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421713426.zip 2013-02-02 14:24:43 E3F0CABCA9B69FBAB00E8AE871EF7FAC 383 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421690625.zip 2013-02-02 14:24:43 B147329D103CAA106778D3912530DBEF 717 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421667014.zip 2013-02-02 14:24:43 7CC683593C101FE648BAE48190D351A2 89634 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421743866.zip 2013-02-02 14:24:42 BF9A8BC20CFDA52430B2D38C9D1E6DD5 6164 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421622338.zip 2013-02-02 14:24:42 8F4F5EF7ED646E7E54304965F2D65CF9 1670 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421572569.zip 2013-02-02 14:24:42 3B4D0679BDD75F75A9E15785B4ABCF0F 570 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421594907.zip 2013-02-02 14:24:42 0AE83FEAF2ECDDE2D53B0082B8CAE78A 380 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421547338.zip 2013-02-02 14:24:41 A0934552BBDBE0412BBCEB139D6565CF 717 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421476852.zip 2013-02-02 14:24:41 40864641EC29CD3AC819D3E95864C477 6164 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421430440.zip 2013-02-02 14:24:41 244080AE331CC7AEAD82E1F81172CF03 383 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421499421.zip 2013-02-02 14:24:41 212BC96CF429B83D642F13D60E0F95C6 945 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421453704.zip 2013-02-02 14:24:41 20E378F3A18D8A84F548709DF1C17580 790 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421525463.zip 2013-02-02 14:24:40 F4786F8023DFA9695811AECA8743706C 570 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421407060.zip 2013-02-02 14:24:40 E41EECCC0DF213C20C486B83D06450BE 10845 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\storage\413076421381829.zip 2013-02-02 14:20:38 8761181CBB2E028D6CAD018011BAD55F 175992 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla20.dll 2013-02-02 14:20:38 6256CD1A5ADE17263EB0AA0758E576A4 176545 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla17.dll 2013-02-02 14:20:38 1DC2021A8D1506391926C58D918DFF83 176035 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla2.dll 2013-02-02 14:20:38 1DC2021A8D1506391926C58D918DFF83 176035 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla19.dll 2013-02-02 14:20:37 A19AF884F239123A8FF28FC657C26057 27499 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCall.dll 2013-02-02 14:20:37 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP\WiseCustomCalla.dll 2013-02-02 13:59:10 291A8431FD603A093410A0EABAF822F9 58688 ----a-w- C:\Program Files (x86)\Loaris\Trojan Remover 1.2\UnHookLib.dll 2013-02-02 13:13:13 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3826912991-2257764698-3240775044-1000\Software\Microsoft\Windows\CurrentVersion\Run] "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio8788GX64"="C:\Windows\system\HsMgr64.exe Envoke" "Cmaudio8788GX"="C:\Windows\syswow64\HsMgr.exe Envoke" "Cmaudio8788"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "LanguageShortcut"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\Language\\Language.exe\"" "beid"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup" "Standby"="\"c:\\Program Files (x86)\\Common Files\\Corel\\Standby\\Standby.exe\" -START" "GrooveMonitor"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "RemoteControl"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "Norton Ghost 15.0"="\"C:\\Program Files (x86)\\Norton Ghost\\Agent\\VProTray.exe\"" "TkBellExe"="\"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Garmin Lifetime Updater] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Garmin Lifetime Updater" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Garmin\\Lifetime Updater\\GarminLifetime.exe /StartMinimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes' Anti-Malware" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl11] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl11" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\CyberLink\\PowerDVD11\\PDVD11Serv.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SUPERAntiSpyware" "hkey"="HKCU" "command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Cmaudio8788GX64"="C:\\Windows\\system\\HsMgr64.exe Envoke" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/01/2013 11:00] C:\Windows\tasks\Cyberlink Trigger Task.job --a------ C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [23/11/2006 15:10] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="John Fogerty Creedence Clearwater Revival" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="John Fogerty Creedence Clearwater Revival" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {043C5167-00BB-4324-AF7E-62013FAEDACF} Web Search... Url="How to uninstall your unsupported add-on" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {480CB490-830C-49B9-8A8B-3C111908D9E4} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== HijackThis Entries ====================== O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO_TIMELINEREMOVE.Bho - {e7b9b609-19ad-40a4-a288-b300a3087465} - mscoree.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) - http://92.51.137.94/objects/NpFv522.dll O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} (Flatcast Viewer 5.3) - http://download.flatcast.net/objects/NpFv530.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICCYU7IA will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICCYU7IA" not found

Dit is juist gemaakt en in normale modus Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:03:36, on 3/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\SysWOW64\HsMgr.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = John Fogerty Creedence Clearwater Revival R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO_TIMELINEREMOVE.Bho - {e7b9b609-19ad-40a4-a288-b300a3087465} - mscoree.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [beid] C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) - http://92.51.137.94/objects/NpFv522.dll O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} (Flatcast Viewer 5.3) - http://download.flatcast.net/objects/NpFv530.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10322 bytes

Hallo, Ik had wat problemen met de pc maar denk dat ze opgelost zijn. Toch heb ik nog een logje gemaakt met Hijackthis. Kan dat iemand nakijken aub dan ben ik zeker dat alles ok is.Logje is vanmorgen gemaakt maar ben gans de dag weg geweest. Heel erg bedankt en fijne avond Walter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:13:20, on 3/02/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Safe mode with network support Running processes: C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = John Fogerty Creedence Clearwater Revival R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO_TIMELINEREMOVE.Bho - {e7b9b609-19ad-40a4-a288-b300a3087465} - mscoree.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [beid] C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) - http://92.51.137.94/objects/NpFv522.dll O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} (Flatcast Viewer 5.3) - http://download.flatcast.net/objects/NpFv530.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10075 bytes

Clarkie ik ga de fabrieksinstellingen terug zetten op die pc. Ben niet gek van registercleaners. Bedankt voor de hulp en fijne eindejaarsfeesten

Weet ik echt niet. Ik weet dat hij al op verschillende pc's staat zonder problemen.

Dat programma stond erop Clarkie maar na systeemherstel was dat weg en nu wilde ik dat herinstalleren op die pc van mijn broer. Vind dat een heel goed programma.Staat trouwens ook op mijn pc.

Hallo Clarkie, Inderdaad norton ghost 15 Ik heb gedaan wat daar stond.Cmd uitgevoerd als administrator en dan regsvr32 vbscript.dll ingegeven maar dan krijg ik volgende melding Wordt niet herkend als interne of externe opdracht,programma of bestand Alvast bedankt

Hallo, Bij het installeren van Norton ghost verschijnt opeens de volgende melding. error 2738 vb script runtime Wat is dit juist en hoe kan ik dit verhelpen? Alvast bedankt en fijne avond nog Walter

Hallo Clarkie, Heel erg bedankt.Het werkt weer zoals het moet.Hier mag een slotje op. Fijne avond nog Walter

Mijn vriendin heeft een laptop met windows vista.Ze krijgt heel dikwijls bijlagen niet open of als er in de mail zelf staat klik hier op om iets te starten gaat dat ook dikwijls niet. en dan komt er steeds een kadertje op het scherm met volgende mededeling: http://www.quizyourprofile.com/guessyournumber.swfEr is voor deze bewerking geen programma aan het opgegeven bestand gekoppeld. Maak een koppeling via het onderdeel Koppelingen instellen van het Configuratiescherm. Weet iemand hier een oplossing voor?Alvast bedankt Walter [TABLE=class: ecxMsoNormalTable, width: 100%] [TR] [TD=width: 100%] [TABLE=class: ecxMsoNormalTable, width: 100%] [TR] [TD=width: 100%] [TABLE=class: ecxMsoNormalTable, width: 100%] [TR] [TD=width: 100%] [/TD] [/TR] [/TABLE] [/TD] [/TR] [/TABLE] [/TD] [/TR] [/TABLE]

Als kape je helpt komt alles dik in orde romijo dat is echt een pc crack.

Bedankt kweezie Wabbit.Fijn weekend enog

Het geeft hey inderdaad zo aan maar heb dit in normale modus gedaan.

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:35:57, on 7/06/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = John Fogerty Creedence Clearwater Revival R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [iSPMonitor] G:\programmas\isp monitor\isp.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) - http://92.51.137.94/objects/NpFv522.dll O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} (Flatcast Viewer 5.3) - http://download.flatcast.net/objects/NpFv530.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9528 bytes

Hallo ComboFix is reeds verwijderd.En ik heb zeker servicepak 1 op mijn pc staan.Ik heb het juist nog gecontroleerd met een programma SIW en ook door rechts opcomputer en op eigenschappen te klikken. Toch bedankt Walter

Hallo Kape, Heel erg bedankt he.Het is nu weg via veilige modus.Ben erg blij met je vlugge en deskundige hulp. Fijne avond nog en nogmaals bedankt. Walter

Werkt prima nu Kape.Maar die 020 Winlogon notify staat er nog wel steeds in hoor.Kan die echt kwaad?

Heb dat allemaal gedaan Kape.

ComboFix 12-06-07.03 - Eigenaar 07/06/2012 15:40:42.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4027.1582 [GMT 2:00] Gestart vanuit: c:\users\Eigenaar\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\9CC9A69BE2.sys c:\programdata\A8EDA91138.sys c:\users\Eigenaar\AppData\Local\Temp\{C6286201-FDA5-4B1E-9C94-E46784488DAD}\fpb.tmp c:\users\Eigenaar\AppData\Roaming\inst.exe c:\users\Eigenaar\AppData\Roaming\vso_ts_preview.xml c:\windows\iun6002.exe c:\windows\SysWow64\avisynth.dll c:\windows\SysWow64\devil.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-07 to 2012-06-07 )))))))))))))))))))))))))))))) . . 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-05 16:47 . 2012-06-05 16:47 -------- d-----w- C:\CloneDVDTemp 2012-06-05 09:28 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5B6CB350-4CBD-42A4-A8A7-0FA2DCF19EEF}\mpengine.dll 2012-06-01 18:10 . 2012-06-01 18:10 -------- d-----w- c:\program files (x86)\Common Files\xing shared 2012-06-01 18:10 . 2012-06-01 18:10 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-06-01 18:10 . 2012-06-01 18:10 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-05-26 15:45 . 2012-05-26 15:45 -------- d-----w- c:\program files (x86)\Hewlett-Packard 2012-05-09 09:20 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 09:20 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-09 09:20 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 09:20 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 09:20 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-09 09:20 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-09 09:19 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 09:19 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 09:19 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-09 09:19 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 09:19 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 09:19 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-09 09:19 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-08 14:10 . 2012-06-03 14:12 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\DVD Flick 2012-05-08 14:10 . 2008-08-31 11:27 28672 ----a-w- c:\windows\SysWow64\mousewheel.ocx 2012-05-08 14:10 . 2007-08-31 16:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx 2012-05-08 14:10 . 2004-03-08 22:00 662288 ----a-w- c:\windows\SysWow64\mscomct2.ocx 2012-05-08 14:10 . 2003-01-26 11:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll 2012-05-08 14:10 . 1998-06-23 22:00 164144 ----a-w- c:\windows\SysWow64\comct232.ocx 2012-05-08 14:10 . 2012-05-08 14:10 -------- d-----w- c:\program files (x86)\DVD Flick 2012-05-08 14:10 . 2004-03-08 22:00 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-30 13:08 . 2010-09-30 11:33 5642 --sha-w- c:\programdata\KGyGaAvL.sys 2012-05-05 11:58 . 2012-04-03 11:42 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-05 11:58 . 2011-05-14 07:38 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 11:58 . 2012-04-14 12:58 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-04 13:56 . 2010-09-29 20:15 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISPMonitor"="g:\programmas\isp monitor\isp.exe" [2011-01-12 418304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512] "CommonToolkitTray"="c:\program files (x86)\Fighters\Tray\FightersTray.exe" [2011-10-05 1429128] "sfagent"="c:\program files (x86)\Fighters\SPAMfighter\sfagent.exe" [2011-11-15 1204872] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe" "beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" /startup "Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" -START "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "RemoteControl"="c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe" "Norton Ghost 15.0"="c:\program files (x86)\Norton Ghost\Agent\VProTray.exe" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2010-02-12 2227216] R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-11-11 140672] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 ISPMonitorSrv;ISP Monitor;c:\program files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 36864] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe [2011-11-15 215688] S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-10-13 1318536] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-01-19 2019648] S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x] S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-09-21 2963960] S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 11:58] . 2011-01-02 c:\windows\Tasks\Cyberlink Trigger Task.job - c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2011-01-02 14:10] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2009-10-30 8151040] "Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704] "Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.ping.be/~tor-4707/dutch.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.3 195.130.131.3 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} - hxxp://92.51.137.94/objects/NpFv522.dll DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} - hxxp://download.flatcast.net/objects/NpFv530.dll . - - - - ORPHANS VERWIJDERD - - - - . URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file) Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) AddRemove-ISPMonitor - c:\windows\iun6002.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*] "Licence0"="REMOVED" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-06-07 15:59:06 ComboFix-quarantined-files.txt 2012-06-07 13:59 . Pre-Run: 403.336.335.360 bytes beschikbaar Post-Run: 404.195.123.200 bytes beschikbaar . - - End Of File - - 8690733D8D677DEB86445140804FD520

Hallo Kape, Hier is dat Combofix logje Alvast bedankt Walter ComboFix 12-06-07.03 - Eigenaar 07/06/2012 15:40:42.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4027.1582 [GMT 2:00] Gestart vanuit: c:\users\Eigenaar\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\9CC9A69BE2.sys c:\programdata\A8EDA91138.sys c:\users\Eigenaar\AppData\Local\Temp\{C6286201-FDA5-4B1E-9C94-E46784488DAD}\fpb.tmp c:\users\Eigenaar\AppData\Roaming\inst.exe c:\users\Eigenaar\AppData\Roaming\vso_ts_preview.xml c:\windows\iun6002.exe c:\windows\SysWow64\avisynth.dll c:\windows\SysWow64\devil.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-07 to 2012-06-07 )))))))))))))))))))))))))))))) . . 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-06-07 13:48 . 2012-06-07 13:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-05 16:47 . 2012-06-05 16:47 -------- d-----w- C:\CloneDVDTemp 2012-06-05 09:28 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5B6CB350-4CBD-42A4-A8A7-0FA2DCF19EEF}\mpengine.dll 2012-06-01 18:10 . 2012-06-01 18:10 -------- d-----w- c:\program files (x86)\Common Files\xing shared 2012-06-01 18:10 . 2012-06-01 18:10 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-06-01 18:10 . 2012-06-01 18:10 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-05-26 15:45 . 2012-05-26 15:45 -------- d-----w- c:\program files (x86)\Hewlett-Packard 2012-05-09 09:20 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 09:20 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-09 09:20 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 09:20 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 09:20 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-09 09:20 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-09 09:19 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 09:19 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 09:19 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-09 09:19 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 09:19 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 09:19 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-09 09:19 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-08 14:10 . 2012-06-03 14:12 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\DVD Flick 2012-05-08 14:10 . 2008-08-31 11:27 28672 ----a-w- c:\windows\SysWow64\mousewheel.ocx 2012-05-08 14:10 . 2007-08-31 16:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx 2012-05-08 14:10 . 2004-03-08 22:00 662288 ----a-w- c:\windows\SysWow64\mscomct2.ocx 2012-05-08 14:10 . 2003-01-26 11:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll 2012-05-08 14:10 . 1998-06-23 22:00 164144 ----a-w- c:\windows\SysWow64\comct232.ocx 2012-05-08 14:10 . 2012-05-08 14:10 -------- d-----w- c:\program files (x86)\DVD Flick 2012-05-08 14:10 . 2004-03-08 22:00 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-30 13:08 . 2010-09-30 11:33 5642 --sha-w- c:\programdata\KGyGaAvL.sys 2012-05-05 11:58 . 2012-04-03 11:42 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-05 11:58 . 2011-05-14 07:38 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 11:58 . 2012-04-14 12:58 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-04 13:56 . 2010-09-29 20:15 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

Hallo Kape, Bedankt voor je snelle reactie.Heb wel een probleem. Als ik Hijackthis opstart en scan selecteer dan staat deze onderstaande niet in het lijstje. O20 - Winlogon Notify: rkotrem - rkotrem.dll (file missing). Als ik dan de logfile safe dan staat deze 020 Winlogon wel in dat lijstje. Nogmaals bedankt Walter

Hallo, Kan er aub iemand mijn logje nakijken?Alvast bedankt en fijne dag verder. Groetjes Walter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:27:42, on 4/01/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\SysWOW64\HsMgr.exe C:\Program Files (x86)\ISP Monitor\isp.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = John Fogerty Creedence Clearwater Revival R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Norton Ghost 15.0] "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files (x86)\ISP Monitor\isp.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) - http://92.51.137.94/objects/NpFv522.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O20 - Winlogon Notify: rkotrem - rkotrem.dll (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files (x86)\ISP Monitor\ISPMonitorSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9343 bytes

download de avast clean tool.Is gemakkelijk te vinden via google.En avast is zo weg. Walter

download de avast clean tool.Is gemakkelijk te vinden via google.En avast is zo weg. Walter