Ga naar inhoud

matthieu

Lid
  • Items

    17
  • Registratiedatum

  • Laatst bezocht

matthieu's prestaties

  1. Ik heb nergens nog last van. Volgens mij is het opgelost! Hartelijk bedankt voor jullie tijd en hulp!
  2. Beste Jion Bedankt dat je het even overneemt. Microsoft security Essentials heb ik verwijderd. Nog eens een MBAM-scan gedaan. Er waren 2 detecties, maar ik denk niet dat er iets ergs tussen zat (zal uit logje blijken zeker?) Groeten Matthieu MBAM Scanlog.txt
  3. Logje van Adwcleaner. Ik meen te verstaan dat mijn pc nu virusvrij is? Alvast bedankt voor de hulp Matthieu AdwCleaner[S0].txt
  4. Ik heb zoek.exe laten lopen met het juiste script. Hieronder het logje. Ik kreeg wel een melding dat zoek.exe geen toegang tot iets kon krijgen. (zie foto bijlage) Alvast bedankt voor de hulp! Matthieu zoek-results2.txt
  5. Beste Kape Alvast bedankt voor de hulp! Daarnet bij het opstarten had ik even last met 'Anyprotect', dat moet ook een of andere malware zijn die zich op mijn pc heeft genesteld. Nochtans had ik die gisteren verwijderd. Er kwam bij het openen van het internet ook een popup met 'US green card'-reclame. Ik heb zoek.exe laten lopen en voeg het logje toe als bijlage. Groeten Matthieu zoek-results.txt
  6. Beste Vandaag heb ik te kampen gekregen met het Windows end-user license agreement virus die ik samen met mijn download ontvangen heb. Ik heb bij de programmalijst gekeken en zag meteen dat er een nieuw programma bij was dat Remote Access gaf tot mijn computer. Dit heb ik eerst verwijderd (terwijl ik microsoft security Essentials en Avira antivirus liet lopen). Bij het verwijderen heb ik uiteraard mijn internetconnectie manueel stopgezet. Bij het terug aansluiten was het er nog steeds. Er waren intussen, bij herconnectie, nog wat programma's gedownload (fake antivirus onder andere), maar die heb ik snel verwijderd. (Antivirus herkende ze niet eens als virus? ) Daarna heb ik nog eens mijn program files gecheckt en alles gewist dat ik vandaag heb gedownload (behalve vlc, maar dat vormt volgens mij geen probleem), alsook heb ik mijn temp files gewist tot en met gisteren. Volgens mij is nu het grootste probleem weg, maar ik vind het maar een linke boel (met die remote access.. brrr, nare ervaring mee) en heb ik RSIT gedownload om zo een logje te posten samen met mijn normale hijackthis-log. Hopelijk kunnen jullie, waar mijn beperkte computerkennis tekortschiet, mijn logjes doorkijken en de onregelmatigheden eruit vissen. Alvast bedankt Matthieu hijackthis.log log.txt
  7. Zoek.exe Version 4.0.0.3 Updated 05-July-2013 Tool run by Sergeant on za 06/07/2013 at 15:21:32,99. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Sergeant\Desktop\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 6/07/2013 15:22:36 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 64 Bit HP CIO Components Installer Adobe AIR Adobe Download Assistant Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader XI - Nederlands Adobe Shockwave Player 11.6 Adobe Widget Browser Aeria Ignite Alliance of Valiant Arms Apple Application Support Apple Mobile Device Support Apple Software Update Assassin's Creed III Assassin's Creed III 1.01 avast Free Antivirus Bejeweled 2 Deluxe Belarc Advisor 8.2 Bing Bar BitTorrent Blasterball 3 Bonjour BufferChm CCleaner Chuzzle Deluxe Compatibiliteitspakket voor het 2007 Microsoft Office system Copy Counter-Strike: Source CyberLink DVD Suite Deluxe D3DX10 De SimsT 3 Destinations DeviceDiscovery Diagnostisch hulpprogramma voor hardware Diner Dash DirectX for Managed Code Update (Summer 2004) DJ_AIO_06_F2400_SW_Min Dora's Carnival Adventure Dropbox Egypt Ti Program Editor F2400 Facebook Video Calling 1.2.0.287 Farming Simulator 2013 Demo Fastest Free YouTube Downloader to MP3 Converter FATE FreeOCR v4.2 Game Booster 3 Google Chrome Google Earth Google Update Helper GPBaseService2 Hewlett-Packard ACLM.NET v1.2.1.1 HiJackThis HP Advisor HP Customer Experience Enhancements HP Customer Participation Program 13.0 HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 HP Game Console HP Games HP Imaging Device Functions 13.0 HP Odometer HP Print Projects 1.0 HP Product Detection HP Remote Solution HP Setup HP Solution Center 13.0 HP Support Assistant HP Support Information HP Update HPDiagnosticAlert HPPhotoGadget hpPrintProjects HPProductAssistant HPSSupply hpWLPGInstaller HyperCam 3 Intel® Graphics Media Accelerator Driver iTunes Java 7 Update 17 Java Auto Updater Jewel Quest Solitaire 2 Junk Mail filter update League of Legends LogMeIn Hamachi Magic Desktop Mah Jong Medley MarketResearch McAfee Security Scan Plus Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Motocross Madness 2 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 More Games from HP Games Mozilla Firefox 19.0 (x86 nl) Mozilla Maintenance Service MSVC80_x64_v2 MSVC80_x86_v2 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nokia Connectivity Cable Driver Nokia PC Suite Notepad++ NVIDIA-configuratiescherm 305.57 NVIDIA 3D Vision controllerstuurprogramma 305.57 NVIDIA 3D Vision stuurprogramma 305.57 NVIDIA Grafisch stuurprogramma 305.57 NVIDIA HD Audio-stuurprogramma 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.12.0613 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.10.8 NVIDIA Update Components Pando Media Booster Peggle PerformanceTest v8.0 PlayReady PC Runtime amd64 Polar Bowler Polar Golfer Power2Go PowerDirector QuickTime ReaConverter 6.8 Standard Realtek High Definition Audio Driver Recovery Manager RuneScape Launcher 1.2.2 Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Shop for HP Supplies SimpleOCR 3.1 Skype Click to Call SkypeT 6.3 Slingo Deluxe Software Informer 1.0 BETA SolutionCenter Speccy Status Steam StoneLoops of Jurassica Super Collapse 3 svBuilder SwiftKit swMSM System Requirements Lab for Intel Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD THE GAME OF LIFE Toolbox TP6800 PC Camera Driver TrayApp TuneUp Utilities Language Pack (nl-NL) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Virtual Families Virtual Villagers - The Secret City VisualBee for Microsoft PowerPoint WebReg Windows-stuurprogrammapakket - Nokia Modem (06/01/2009 7.01.0.4) Windows-stuurprogrammapakket - Nokia Modem (10/05/2009 4.2) Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver World of Goo Yahtzee YTD Video Downloader 4.0 Zuma Deluxe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default user.js not found ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- user_pref("extensions.enabledAddons", "plugin%40yontoo.com:1.20.02,%7B3b56bcc7-54e5-44a2-9b44-66c3ef58c13e%7D:0.9.5.1,%7BEB9394A3-4AD6-4918-9537-31A1FD8E8EDF%7D:2.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0"); user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\",\"mtime\":1330618344834},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1371842407769}}},{\"name\":\"app-profile\",\"addons\":{\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Sergeant\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k8hyjwy4.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1361642537829},\"{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\":{\"descriptor\":\"C:\\\\Users\\\\Sergeant\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k8hyjwy4.default\\\\extensions\\\\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\",\"mtime\":1370020759850},\"{90b49673-5506-483e-b92b-ca0265bd9ca8}\":{\"descriptor\":\"C:\\\\Users\\\\Sergeant\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k8hyjwy4.default\\\\extensions\\\\{90b49673-5506-483e-b92b-ca0265bd9ca8}\",\"mtime\":1362420786686},\"{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\":{\"descriptor\":\"C:\\\\Users\\\\Sergeant\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k8hyjwy4.default\\\\extensions\\\\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\",\"mtime\":1361036606875}}}]"); ---- Lines mybrowserbar removed from prefs.js ---- ---- Lines mybrowserbar modified from prefs.js ---- user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{90b49673-5506-483e-b92b-ca0265bd9ca8}:3.3.3.2,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27,{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216,youtubedownloader@mybrowserbar.com:5.0,{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"); ---- FireFox user.js and prefs.js backups ---- prefs_20130607_1526_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\extensions\plugin@yontoo.com.xpi" not found "C:\Users\Sergeant\AppData\Roaming\RSBuddy_masser.ini" deleted "C:\windows\SysNative\Tasks\DealPly" deleted "C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\searchplugins\BrowserDefender.xml" deleted "C:\Users\Sergeant\AppData\Roaming\Digsby" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted "C:\Windows\SysWow64\AI_RecycleBin" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-07-04 20:43:35 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\Sergeant\AppData\Local\Temp ==== 2013-07-04 12:37:20 B0F6507F8666E89DD9F192313D88EB98 389632 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\uninst1.exe 2013-07-04 08:53:42 E990FC354E1A08AC8C7B544FB1A32ABA 376832 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\uninstaller.exe 2013-07-04 08:53:42 CBEA94357CF0600E9096A1AD20C4F48A 123904 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\GenericUninstall.exe 2013-07-04 08:53:16 E8F591D698233F0D06EFC291A2840D26 7464720 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\bundlesweetimsetup.exe 2013-07-04 08:53:08 6E1799926209C193FDB2E05A271C5B49 10340624 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\BackupSetup.exe ====== C:\Windows\SysWOW64 ===== 2013-07-04 20:44:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\config.nt ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-07-04 20:44:10 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2013-07-04 08:53:50 D029339C0F59CF662094EDDF8C42B2B5 608080 ----a-w- C:\Windows\Sysnative\msvcp100.dll ====== C:\Windows\Sysnative\drivers ===== 2013-07-04 20:44:23 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum 2013-07-04 20:44:23 2E83D2621E87C493AB45DC6655BA77D4 175 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum 2013-07-04 20:44:19 3815DB16CDA62190F5C0A65118F3D714 378944 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2013-07-04 20:44:19 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys 2013-07-04 20:44:16 64E2BAB4096C13D2342BC4661C967E07 72016 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2013-07-04 20:44:14 8C0800CDB501CFC1164B286A0478DC10 1030952 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2013-07-04 20:44:14 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys 2013-07-04 20:44:13 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2013-07-04 20:44:12 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2013-07-04 20:44:10 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2013-07-04 12:49:30 E86C64478D9A90D62255FE9EB0150C6E 175 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum ====== C:\Windows\Tasks ====== 2013-07-04 20:44:10 9380CC70FF6F87D31F7318267188DB9E 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-07-04 08:55:17 -------- d-----w- C:\Program Files (x86)\Free Mouse Auto Clicker 2013-06-21 18:36:13 -------- d-----w- C:\Program Files (x86)\Aeria Games ======= C: ===== 2013-07-05 15:50:43 40506D235CFEAEE7F4D3C3C1C9E6DBC7 15209 ----a-w- C:\AdwCleaner[s1].txt 2013-07-05 15:50:18 FF8CE9601B65B974F4434E8AE6FC279B 15027 ----a-w- C:\AdwCleaner[R1].txt ====== C:\Users\Sergeant\AppData\Roaming ====== 2013-07-02 19:38:40 -------- d-----w- C:\users\Sergeant\AppData\Roaming\DVDVideoSoft 2013-06-27 08:42:25 -------- d-----w- C:\users\Sergeant\AppData\Locallow\ge1164 2013-06-22 13:12:19 -------- d-----w- C:\users\Sergeant\AppData\Roaming\LolClient 2013-06-22 09:34:15 -------- d-----w- C:\users\Sergeant\AppData\Local\PMB Files 2013-06-21 19:45:07 -------- d-----w- C:\users\Sergeant\AppData\Roaming\Awesomium 2013-06-21 19:10:08 -------- d-----w- C:\users\Sergeant\AppData\Local\Aeria Games 2013-06-21 18:41:07 -------- d-----w- C:\users\Sergeant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames ====== C:\Users\Sergeant ====== 2013-07-05 15:49:55 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\Sergeant\Desktop\adwcleaner.exe 2013-07-04 20:44:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus 2013-07-04 08:55:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mouse Auto Clicker 2013-07-02 19:39:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2013-06-22 11:23:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1 2013-06-22 09:34:14 -------- d-----w- C:\ProgramData\PMB Files 2013-06-22 09:33:51 -------- d-----w- C:\Users\Sergeant\.swt 2013-06-21 19:09:31 -------- d-----w- C:\ProgramData\Aeria Games 2013-06-21 18:36:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames ====== C: exe-files == 2013-07-06 10:18:51 1822ADC5524849A1101358E26453B200 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1872680462-3295556290-3718705865-1000\$IPNCQME.exe 2013-07-06 10:18:15 CC8FEA70604A0B9A8586D1B9A02FACDE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1872680462-3295556290-3718705865-1000\$IXXDQ08.exe 2013-07-06 09:10:32 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe 2013-07-06 09:10:32 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateSetup.exe 2013-07-06 09:10:32 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateBroker.exe 2013-07-06 09:10:26 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe 2013-07-06 09:10:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdate.exe 2013-07-06 09:10:26 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe 2013-07-06 09:10:21 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe 2013-07-05 15:49:55 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\Sergeant\Desktop\adwcleaner.exe 2013-07-05 15:49:17 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\Sergeant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCLX3ZKQ\adwcleaner.exe 2013-07-04 20:44:10 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\System32\aswBoot.exe 2013-07-04 20:41:01 D42333215F75726DEB98F1F439FA3E62 6604352 ----a-w- C:\Users\Sergeant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\61WOJ3JE\avast_free_antivirus_setup_online.exe 2013-07-04 12:37:20 B0F6507F8666E89DD9F192313D88EB98 389632 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\uninst1.exe 2013-07-04 08:53:59 A19E47E60BCA969F66420154E722F168 917488 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QU8G04K4\SkywalkerSetup[1].exe 2013-07-04 08:53:42 E990FC354E1A08AC8C7B544FB1A32ABA 376832 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\uninstaller.exe 2013-07-04 08:53:42 CBEA94357CF0600E9096A1AD20C4F48A 123904 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\GenericUninstall.exe 2013-07-04 08:53:16 E8F591D698233F0D06EFC291A2840D26 7464720 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\bundlesweetimsetup.exe 2013-07-04 08:53:08 6E1799926209C193FDB2E05A271C5B49 10340624 ----a-w- C:\Users\Sergeant\AppData\Local\Temp\BackupSetup.exe === C: other files == 2013-07-04 20:44:19 3815DB16CDA62190F5C0A65118F3D714 378944 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2013-07-04 20:44:19 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys 2013-07-04 20:44:16 64E2BAB4096C13D2342BC4661C967E07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-07-04 20:44:14 8C0800CDB501CFC1164B286A0478DC10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-07-04 20:44:14 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys 2013-07-04 20:44:13 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-07-04 20:44:12 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-07-04 20:44:10 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1872680462-3295556290-3718705865-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe silent" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EA Core] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EA Core" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Electronic Arts\\EADM\\Core.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Easybits Recovery] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Easybits Recovery" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\EasyBits For Kids\\ezRecover.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Sergeant\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe autorun=AUTORUN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn Hamachi Ui" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes' Anti-Malware" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MurGee.com Auto Clicker] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MurGee.com Auto Clicker" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Auto Clicker\\AutoClicker.exe :silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NortonOnlineBackupReminder] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NortonOnlineBackupReminder" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\Activation\\NobuActivation.exe\" UNATTENDED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PC Suite Tray" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC-Doctor for Windows localizer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PC-Doctor for Windows localizer" "hkey"="HKLM" "command"="C:\\Program Files\\PC-Doctor for Windows\\localizer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Software Informer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Software Informer" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Software Informer\\softinfo.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TPPOLL] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TPPOLL" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\TOPRO\\TPPOLL.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\hp\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk" "backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\MCAFEE~1\\202B13~1.181\\SSSCHE~1.EXE " "item"="McAfee Security Scan Plus" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Sergeant^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Sergeant\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Sergeant\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe " "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GameConsoleService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HP Support Assistant Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hpqwmiex] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McComponentHostService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Stereo Service] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1872680462-3295556290-3718705865-1000Core.job --a------ [undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1872680462-3295556290-3718705865-1000UA.job --a------ C:\Users\Sergeant\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 11:58] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/03/2010 18:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/03/2010 18:49] C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [18/09/2009 09:11] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default - Html Validator - %ProfilePath%\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2 0B6942AC1F6D825AE7FDFF2D6ADDA979 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll - Shockwave Flash 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Sergeant\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director B6A800D881A0176C544988870861E798 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45] Skype Click to Call - Sergeant - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {6E88696E-269A-4512-A138-40D487D7A54D} Bing Url="{searchTerms} - Bing" {E06CF33F-8A8E-464D-BF83-6BD381222BB6} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1872680462-3295556290-3718705865-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-1872680462-3295556290-3718705865-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-1872680462-3295556290-3718705865-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-1872680462-3295556290-3718705865-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sergeant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Sergeant\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sergeant\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sergeant\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sergeant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Sergeant\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sergeant\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Sergeant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on za 06/07/2013 at 16:18:56,48 ======================
  8. Ik denk dat ik te vroeg gejuicht heb, daarnet is weer heel de boel vastgelopen, misschien kan je nog problemen uit mijn logjes halen?
  9. Ik kan terug normaal opstarten en heb geen problemen meer Bedankt voor jullie hulp
  10. Ik heb de nodige stappen uitgevoerd, maar "O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab" kon HijackThis niet verwijderen (ik zal een foto toevoegen), ook stond "R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage}" er niet meer tussen, dus kon ik het niet verwijderen. Ik Heb AdwCleaner laten lopen: # AdwCleaner v2.304 - Verslag gemaakt op 05/07/2013 om 17:50:43 # Geactualiseerd op 03/07/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Sergeant - SERGEANTM # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Sergeant\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\bProtector_extensions.rdf File Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\searchplugins\Babylon.xml File Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\searchplugins\delta.xml File Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\searchplugins\search.xml File Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\searchplugins\SweetIM Search.xml File Verwijderd : C:\Windows\SysWOW64\conduitEngine.tmp Map Verwijderd : C:\Program Files (x86)\Yontoo Map Verwijderd : C:\ProgramData\Babylon Map Verwijderd : C:\ProgramData\Tarma Installer Map Verwijderd : C:\ProgramData\visualbee Map Verwijderd : C:\Users\Sergeant\AppData\Local\Conduit Map Verwijderd : C:\Users\Sergeant\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc Map Verwijderd : C:\Users\Sergeant\AppData\Local\visualbeeexe Map Verwijderd : C:\Users\Sergeant\AppData\LocalLow\Conduit Map Verwijderd : C:\Users\Sergeant\AppData\LocalLow\Toolbar4 Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Babylon Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\DealPly Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\Conduit Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\CT2612669 Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8} Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Map Verwijderd : C:\Users\Sergeant\AppData\Roaming\OpenCandy ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\APN PIP Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT1934975 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2068683 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2438727 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2538476 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2680363 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\Freeze.com Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\Software\PIP Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16457 Vervangen : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/hypercam/{3FCC09D9-58D4-4BD5-8085-96FE5286C7CD} --> hxxp://www.google.com -\\ Mozilla Firefox v19.0 (nl) File : C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\prefs.js C:\Users\Sergeant\AppData\Roaming\Mozilla\Firefox\Profiles\k8hyjwy4.default\user.js ... Verwijderd ! Verwijderd : user_pref("CT2612669.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Verwijderd : user_pref("CT2612669.CTID", "CT2612669"); Verwijderd : user_pref("CT2612669.CurrentServerDate", "16-3-2011"); Verwijderd : user_pref("CT2612669.DialogsAlignMode", "LTR"); Verwijderd : user_pref("CT2612669.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...] Verwijderd : user_pref("CT2612669.FeedLastCount129206864782289142", 50); Verwijderd : user_pref("CT2612669.FeedPollDate129206864782914144", "Wed Mar 16 2011 13:00:26 GMT+0100 (Romance (s[...] Verwijderd : user_pref("CT2612669.FeedTTL129206864782914144", 40); Verwijderd : user_pref("CT2612669.FirstServerDate", "13-11-2010"); Verwijderd : user_pref("CT2612669.FirstTime", true); Verwijderd : user_pref("CT2612669.FirstTimeFF3", true); Verwijderd : user_pref("CT2612669.FirstTimeSettingsDone", true); Verwijderd : user_pref("CT2612669.FixPageNotFoundErrors", true); Verwijderd : user_pref("CT2612669.GroupingServerCheckInterval", 1440); Verwijderd : user_pref("CT2612669.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Verwijderd : user_pref("CT2612669.Initialize", true); Verwijderd : user_pref("CT2612669.InitializeCommonPrefs", true); Verwijderd : user_pref("CT2612669.InstallationAndCookieDataSentCount", 3); Verwijderd : user_pref("CT2612669.InstalledDate", "Sat Nov 13 2010 18:36:40 GMT+0100 (Romance (standaardtijd))"); Verwijderd : user_pref("CT2612669.IsGrouping", false); Verwijderd : user_pref("CT2612669.IsMulticommunity", false); Verwijderd : user_pref("CT2612669.IsOpenThankYouPage", true); Verwijderd : user_pref("CT2612669.IsOpenUninstallPage", true); Verwijderd : user_pref("CT2612669.LanguagePackLastCheckTime", "Tue Mar 15 2011 21:11:30 GMT+0100 (Romance (standa[...] Verwijderd : user_pref("CT2612669.LanguagePackReloadIntervalMM", 1440); Verwijderd : user_pref("CT2612669.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Verwijderd : user_pref("CT2612669.LastLogin_2.7.2.0", "Wed Mar 16 2011 13:00:26 GMT+0100 (Romance (standaardtijd)[...] Verwijderd : user_pref("CT2612669.LatestVersion", "2.7.2.0"); Verwijderd : user_pref("CT2612669.Locale", "en"); Verwijderd : user_pref("CT2612669.LoginCache", 4); Verwijderd : user_pref("CT2612669.MCDetectTooltipHeight", "83"); Verwijderd : user_pref("CT2612669.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Verwijderd : user_pref("CT2612669.MCDetectTooltipWidth", "295"); Verwijderd : user_pref("CT2612669.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Verwijderd : user_pref("CT2612669.SearchFromAddressBarIsInit", true); Verwijderd : user_pref("CT2612669.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...] Verwijderd : user_pref("CT2612669.SearchInNewTabEnabled", true); Verwijderd : user_pref("CT2612669.SearchInNewTabIntervalMM", 1440); Verwijderd : user_pref("CT2612669.SearchInNewTabLastCheckTime", "Tue Mar 15 2011 21:11:30 GMT+0100 (Romance (stan[...] Verwijderd : user_pref("CT2612669.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Verwijderd : user_pref("CT2612669.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Verwijderd : user_pref("CT2612669.SettingsCheckIntervalMin", 120); Verwijderd : user_pref("CT2612669.SettingsLastCheckTime", "Wed Mar 16 2011 13:00:25 GMT+0100 (Romance (standaardt[...] Verwijderd : user_pref("CT2612669.SettingsLastUpdate", "1299166293"); Verwijderd : user_pref("CT2612669.ThirdPartyComponentsInterval", 504); Verwijderd : user_pref("CT2612669.ThirdPartyComponentsLastCheck", "Tue Mar 15 2011 21:11:29 GMT+0100 (Romance (st[...] Verwijderd : user_pref("CT2612669.ThirdPartyComponentsLastUpdate", "1246790578"); Verwijderd : user_pref("CT2612669.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Verwijderd : user_pref("CT2612669.UserID", "UN67089983448997914"); Verwijderd : user_pref("CT2612669.ValidationData_Search", 0); Verwijderd : user_pref("CT2612669.ValidationData_Toolbar", 2); Verwijderd : user_pref("CT2612669.alertChannelId", "1005466"); Verwijderd : user_pref("CT2612669.clientLogIsEnabled", false); Verwijderd : user_pref("CT2612669.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Verwijderd : user_pref("CT2612669.myStuffEnabled", true); Verwijderd : user_pref("CT2612669.myStuffPublihserMinWidth", 400); Verwijderd : user_pref("CT2612669.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Verwijderd : user_pref("CT2612669.myStuffServiceIntervalMM", 1440); Verwijderd : user_pref("CT2612669.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Verwijderd : user_pref("CT2612669.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Verwijderd : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Verwijderd : user_pref("CommunityToolbar.ToolbarsList", "CT2612669"); Verwijderd : user_pref("CommunityToolbar.ToolbarsList2", "CT2612669"); Verwijderd : user_pref("CommunityToolbar.twitter.user_20566976.LastCheckTime", "Wed Mar 16 2011 13:00:28 GMT+0100[...] Verwijderd : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); Verwijderd : user_pref("extentions.y2layers.installId", "93eea731-92f2-4639-bddb-73c33ee812ac"); -\\ Google Chrome v27.0.1453.116 File : C:\Users\Sergeant\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijderd [l.2214] : homepage = "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=02EF18A9052C2AB3&affID=121562&tsp=4[...] Verwijderd [l.2419] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=02EF18A9052C[...] ************************* AdwCleaner[R1].txt - [15027 octets] - [05/07/2013 17:50:18] AdwCleaner[s1].txt - [15106 octets] - [05/07/2013 17:50:43] ########## EOF - C:\AdwCleaner[s1].txt - [15167 octets] ########## Nu nog een logje van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:06:21, on 5/07/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe" O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12229 bytes Alvast bedankt voor de hulp
  11. Normaal opstarten lukte niet, ik had blijkbaar systeemherstel tot mijn beschikking (windows maakt blijkbaar zelf "back-ups" aan). Alles loopt weer, maar ik zal hieronder toch nog een HijackThis logje plaatsen van de pc nu, kwestie van zeker te zijn Alvast bedankt voor jullie snelle reactie! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:05:09, on 4/07/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ef13cf4f-2753-470c-88d2-b10effbc2092} - (no file) R3 - URLSearchHook: (no name) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sergeant\AppData\Local\Akamai\netsession_win.exe" O4 - HKLM\..\Policies\Explorer\Run: [sysLogger32] rundll32.exe ",z O4 - HKLM\..\Policies\Explorer\Run: [sysLogger64] rundll32.exe "C:\ProgramData\SysLogger\core64_175.dll",z O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12620 bytes
  12. Goedenamiddag Sinds vandaag kan mijn pc niet meer normaal opstarten, enkel nog in veilige modus. Volgens mij heb ik dus een virus, maar ik heb al 3 scanners (avast, microsoft securety essentials en Malwarebytes) laten lopen (elk apart) en geen vindt iets. Ik heb alvast HijackThis laten lopen Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:39:30, on 4/07/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={390A6460-E487-11E2-B020-18A9052C2AB3} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ef13cf4f-2753-470c-88d2-b10effbc2092} - (no file) R3 - URLSearchHook: (no name) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\Policies\Explorer\Run: [sysLogger32] rundll32.exe ",z O4 - HKLM\..\Policies\Explorer\Run: [sysLogger64] rundll32.exe "C:\ProgramData\SysLogger\core64_175.dll",z O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12906 bytes Ik heb geen backups gemaakt voor systeemherstel, dus dat is waarschijnlijk een "dead-end". Alvast bedankt Matthieu Sergeant
  13. Die andere foutmelding komt er niet meer op.., enne mijn virusscanner detecteerd heelde tijd een virus...
  14. Het lukt niet maar er komt altijd op dat mijn systeem het niet toelaat om een bepaalde host te bekijken ofzo en dat is de "notepad c:/windows/system32/drivers/etc/hosts" enne er staat dat ik dat moet aanpassen maar ik weet niet hoe. Ook als ik mijn computer opstart zegt hij dat hij die host niet kan openen. ook zegt de hijackthis op het einde dat hij hijackthis file x86 ook niet kan openen.
  15. Ik snap niet hoe hijackthis werkt, ik ben windows 7 gebruiker en ik zie nergens gebruik als administrator.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.