Soms langzaam en wat is de log van gmer

jordan634

22-07-2012 11:34

Hallo,
ik had laatst dat het me opviel dat mijn cpu hard aan het werken was ik heb daarom gekeken naar de prossesen en stond dat winword 25% gebruikte en dat twee keer maar ik was niet meer aan het werk in word, en mijn comp. reageert de ene keer langzaam en de andere keer gewoon.
Ik heb daarom gescant met mbam niets gevonden, online niets, en avg niets maar ik had laatst een scan gedraait gmer die verschillende (virussen, ik weet het niet vond) ik heb daar ook een logje van gemaakt als jullie willen kijken wat dat is?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:50, on 22-7-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Jordan\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”
O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\RunOnce: C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
O4 - HKCU\..\Run: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Users\Jordan\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - HKCU\..\Run: “C:\Users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1140/Navigram.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
–
End of file - 8612 bytes
GMER 1.0.15.15087 - http://www.gmer.net
Rootkit scan 2012-07-21 10:58:59
Windows 6.1.7601 Service Pack 1
Running: GMER_1.0.15.15087.exe; Driver: C:\Users\Jordan\AppData\Local\Temp\uxryqpob.sys
—- System - GMER 1.0.15 —-
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E39AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E39104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E393F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E21634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E21898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E391DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E39958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E396F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E39F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E3A1A8
—- Kernel code sections - GMER 1.0.15 —-
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E943C9 1 Byte
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82ECDD52 19 Bytes {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1357 82ED500C 8 Bytes {ADD AL, 0xf0; PUSH ESI; XCHG EDX, EAX; AAM 0xf0; PUSH ESI; XCHG EDX, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 139F 82ED5054 4 Bytes {JBE 0xffffffffffffffef; PUSH ESI; XCHG EDX, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 166F 82ED5324 8 Bytes
.text ntkrnlpa.exe!KeRemoveQueueEx + 16E3 82ED5398 4 Bytes {PUSH ESI; OUT DX, EAX; PUSH ESI; XCHG EDX, EAX}
.text peauth.sys A0819C9D 28 Bytes
.text peauth.sys A0819CC1 28 Bytes
PAGE peauth.sys A081FB9B 72 Bytes
PAGE peauth.sys A081FBEC 111 Bytes
PAGE peauth.sys A082002C 102 Bytes
—- User code sections - GMER 1.0.15 —-
.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe ntdll.dll!LdrGetProcedureAddress + 26 76F62239 7 Bytes JMP 5FFAD50E C:\Program Files\Mozilla Thunderbird\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 760193D6 7 Bytes JMP 6094F868 C:\Program Files\Mozilla Thunderbird\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe kernel32.dll!QueryPerformanceCounter + 13 7601C435 7 Bytes JMP 6094F822 C:\Program Files\Mozilla Thunderbird\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe GDI32.dll!GetViewportOrgEx + 26C 7639884B 7 Bytes JMP 6094F88F C:\Program Files\Mozilla Thunderbird\xul.dll (Mozilla Foundation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!EnableWindow 76268D02 5 Bytes JMP 6C5A9EAC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamW 76283B9B 5 Bytes JMP 6C50187B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamW 76293B7F 5 Bytes JMP 6C6F8D86 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamA 762ACF42 5 Bytes JMP 6C6F8D21 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamA 762AD274 5 Bytes JMP 6C6F8DEB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectA 762BE869 5 Bytes JMP 6C6F8CA8 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectW 762BE963 5 Bytes JMP 6C6F8C2F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExA 762BE9C9 5 Bytes JMP 6C6F8BCB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExW 762BE9ED 5 Bytes JMP 6C6F8B67 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe kernel32.dll!CreateThread 7601DCC2 5 Bytes JMP 6C5675CB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!EnableWindow 76268D02 5 Bytes JMP 6C5A9EAC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CallNextHookEx 7626ABE1 5 Bytes JMP 6C5C7FDF C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!UnhookWindowsHookEx 7626ADF9 5 Bytes JMP 6C5EECE0 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcA 7626BB1C 7 Bytes JMP 6C5697F5 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExA 7626BF40 5 Bytes JMP 6C57362B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!SetWindowsHookExW 7626E30C 5 Bytes JMP 6C5A25AC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExW 7626EC7C 5 Bytes JMP 6C5D03B7 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcW 7627507D 7 Bytes JMP 6C5C8042 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamW 76283B9B 5 Bytes JMP 6C50187B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamW 76293B7F 5 Bytes JMP 6C6F8D86 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamA 762ACF42 5 Bytes JMP 6C6F8D21 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamA 762AD274 5 Bytes JMP 6C6F8DEB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectA 762BE869 5 Bytes JMP 6C6F8CA8 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectW 762BE963 5 Bytes JMP 6C6F8C2F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExA 762BE9C9 5 Bytes JMP 6C6F8BCB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExW 762BE9ED 5 Bytes JMP 6C6F8B67 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe ole32.dll!OleLoadFromStream 74BC6143 5 Bytes JMP 6C6F955F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe kernel32.dll!CreateThread 7601DCC2 5 Bytes JMP 6C5675CB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!EnableWindow 76268D02 5 Bytes JMP 6C5A9EAC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CallNextHookEx 7626ABE1 5 Bytes JMP 6C5C7FDF C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!UnhookWindowsHookEx 7626ADF9 5 Bytes JMP 6C5EECE0 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcA 7626BB1C 7 Bytes JMP 6C5697F5 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExA 7626BF40 5 Bytes JMP 6C57362B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!SetWindowsHookExW 7626E30C 5 Bytes JMP 6C5A25AC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExW 7626EC7C 5 Bytes JMP 6C5D03B7 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcW 7627507D 7 Bytes JMP 6C5C8042 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamW 76283B9B 5 Bytes JMP 6C50187B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamW 76293B7F 5 Bytes JMP 6C6F8D86 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamA 762ACF42 5 Bytes JMP 6C6F8D21 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamA 762AD274 5 Bytes JMP 6C6F8DEB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectA 762BE869 5 Bytes JMP 6C6F8CA8 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectW 762BE963 5 Bytes JMP 6C6F8C2F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExA 762BE9C9 5 Bytes JMP 6C6F8BCB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExW 762BE9ED 5 Bytes JMP 6C6F8B67 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe ole32.dll!OleLoadFromStream 74BC6143 5 Bytes JMP 6C6F955F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe kernel32.dll!CreateThread 7601DCC2 5 Bytes JMP 6C5675CB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!EnableWindow 76268D02 5 Bytes JMP 6C5A9EAC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CallNextHookEx 7626ABE1 5 Bytes JMP 6C5C7FDF C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!UnhookWindowsHookEx 7626ADF9 5 Bytes JMP 6C5EECE0 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcA 7626BB1C 7 Bytes JMP 6C5697F5 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExA 7626BF40 5 Bytes JMP 6C57362B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!SetWindowsHookExW 7626E30C 5 Bytes JMP 6C5A25AC C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!CreateWindowExW 7626EC7C 5 Bytes JMP 6C5D03B7 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DefWindowProcW 7627507D 7 Bytes JMP 6C5C8042 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamW 76283B9B 5 Bytes JMP 6C50187B C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamW 76293B7F 5 Bytes JMP 6C6F8D86 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxParamA 762ACF42 5 Bytes JMP 6C6F8D21 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!DialogBoxIndirectParamA 762AD274 5 Bytes JMP 6C6F8DEB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectA 762BE869 5 Bytes JMP 6C6F8CA8 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxIndirectW 762BE963 5 Bytes JMP 6C6F8C2F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExA 762BE9C9 5 Bytes JMP 6C6F8BCB C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe USER32.dll!MessageBoxExW 762BE9ED 5 Bytes JMP 6C6F8B67 C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe ole32.dll!OleLoadFromStream 74BC6143 5 Bytes JMP 6C6F955F C:\Windows\system32\IEFRAME.dll (Internetbrowser/Microsoft Corporation)
—- User IAT/EAT - GMER 1.0.15 —-
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe @ C:\Windows\system32\USER32.dll C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe @ C:\Windows\system32\GDI32.dll C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe @ C:\Windows\system32\ADVAPI32.dll C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe @ C:\Windows\system32\SHLWAPI.dll C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
—- Devices - GMER 1.0.15 —-
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004a halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
—- EOF - GMER 1.0.15 —-
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Databaseversie: v2012.07.22.03
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jordan :: JORDAN-PC
22-7-2012 10:30:42
mbam-log-2012-07-22 (10-30-42).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 184550
Verstreken tijd: 3 minuut/minuten, 46 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
fazantje

22-07-2012 20:13

Hoi Jordan,
Start HijackThis en klik op scan en vink de volgende regel aan:
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
Sluit alle vensters, behalve hijackthis en klik op Fix checked.
Download ComboFix >>hier<<, tevens kunt u daar lezen hoe u Combofix dient te gebruiken.
BELANGRIJK ! Sla ComboFix.exe op je Bureaublad op.
Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.
Hier is een handleiding over hoe je ze kan uitschakelen: hier of hier
Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
Dubbelklik op “Combofix.exe” om de tool te starten.
Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de ‘tool’ vastlopen.
Note: Als er een error wordt getoond met de melding “Illegal operation attempted on a registery key that has been marked for deletion”, herstart dan de computer.
Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht, samen met een nieuw HijackThis logje.
Succes,
Huib;)
jordan634

22-07-2012 20:14

ik kom er ook achter dat mijn hardschijf van 146 GB voorheen voor drie kwart vol zat en als ik er nu naar kijk voor maar een kwart
fazantje

22-07-2012 20:37

Hoi Jordan,
Voer even uit wat er gevraagd is en we kunnen verder kijken.
Wat harde schijf betreft kan ik nu nog niets over zeggen.
Succes,
Huib;)
jordan634

22-07-2012 20:40

C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AVG\AVG2012\avgcfgex.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jordan\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”
O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 - HKLM\..\RunOnce: C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
O4 - HKCU\..\Run: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Users\Jordan\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - HKCU\..\Run: “C:\Users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1140/Navigram.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
–
End of file - 8656 bytes
ComboFix 12-07-21.01 - Jordan 22-07-2012 20:29:54.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3503.2392
Gestart vanuit: c:\users\Jordan\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-06-22 to 2012-07-22 ))))))))))))))))))))))))))))))
.
.
2012-07-22 18:33 . 2012-07-22 18:33 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-07-22 13:45 . 2012-07-22 13:45 ——– d—–w- c:\users\Jordan\AppData\Local\ElevatedDiagnostics
2012-07-21 17:54 . 2012-07-21 17:54 ——– d-sh–w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-07-19 16:00 . 2012-07-19 16:13 ——– d—–w- c:\programdata\Spotnet
2012-07-19 16:00 . 2012-07-19 16:00 ——– d—–w- c:\program files\Spotnet
2012-07-19 13:57 . 2012-07-19 14:25 ——– d—–w- c:\users\Jordan\AppData\Roaming\pdfforge
2012-07-19 13:57 . 2012-07-05 11:02 81920 —-a-w- c:\windows\system32\pdfcmon.dll
2012-07-19 13:57 . 2004-03-08 23:00 662288 —-a-w- c:\windows\system32\MSCOMCT2.OCX
2012-07-19 13:57 . 2012-07-19 13:57 ——– d—–w- c:\program files\PDFCreator
2012-07-19 13:57 . 1998-07-05 23:00 23552 —-a-w- c:\windows\system32\MSMPIDE.DLL
2012-07-17 08:02 . 2012-07-22 09:42 ——– d—–r- c:\users\Public
2012-07-16 13:57 . 2012-07-16 14:11 ——– d—–w- c:\program files\SpotLite
2012-07-14 15:02 . 2012-07-22 10:47 ——– d—–w- c:\users\Jordan\AppData\Local\Spotify
2012-07-14 15:02 . 2012-07-22 18:16 ——– d—–w- c:\users\Jordan\AppData\Roaming\Spotify
2012-07-11 17:18 . 2012-05-31 03:41 6762896 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B80A18C2-DEF7-4ADD-8FA0-69308D125C1D}\mpengine.dll
2012-07-11 04:43 . 2012-06-12 02:40 2345984 —-a-w- c:\windows\system32\win32k.sys
2012-07-06 18:19 . 2012-05-04 09:59 514560 —-a-w- c:\windows\system32\qdvd.dll
2012-06-30 17:10 . 2012-06-30 17:10 ——– d—–w- c:\windows\nl
2012-06-30 17:06 . 2012-06-30 17:06 89944 —-a-w- c:\program files\Common Files\Windows Live\.cache\a74371e21cd56e201\DSETUP.dll
2012-06-30 17:06 . 2012-06-30 17:06 537432 —-a-w- c:\program files\Common Files\Windows Live\.cache\a74371e21cd56e201\DXSETUP.exe
2012-06-30 17:06 . 2012-06-30 17:06 1801048 —-a-w- c:\program files\Common Files\Windows Live\.cache\a74371e21cd56e201\dsetup32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-22 18:09 . 2011-09-19 14:30 17488 —-a-w- c:\windows\gdrv.sys
2012-07-12 14:34 . 2012-05-28 09:06 426184 —-a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 14:34 . 2011-09-19 17:46 70344 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-07 14:22 . 2012-04-23 13:03 772592 —-a-w- c:\windows\system32\npdeployJava1.dll
2012-07-07 14:22 . 2011-09-19 17:49 687600 —-a-w- c:\windows\system32\deployJava1.dll
2012-07-03 11:46 . 2011-11-25 15:37 22344 —-a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 22:19 . 2012-06-22 05:26 53784 —-a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:26 45080 —-a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:26 35864 —-a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:26 577048 —-a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 05:26 1933848 —-a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 05:26 2422272 —-a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 05:26 88576 —-a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 05:26 171904 —-a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 05:26 33792 —-a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2011-10-06 08:57 237072 ——w- c:\windows\system32\MpSigStub.exe
2012-05-01 04:44 . 2012-06-13 04:19 164352 —-a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 04:19 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-13 04:19 58880 —-a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 04:19 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 04:19 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-13 04:19 140288 —-a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 04:19 1158656 —-a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 04:19 103936 —-a-w- c:\windows\system32\cryptnet.dll
2007-03-12 16:59 . 2007-03-12 16:59 299008 —-a-w- c:\program files\navigram_register.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
“ISUSPM Startup”=“c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe”
“FileHippo.com”=“c:\program files\FileHippo.com\UpdateChecker.exe”
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
“Spotify”=“c:\users\Jordan\AppData\Roaming\Spotify\Spotify.exe”
“Spotify Web Helper”=“c:\users\Jordan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
.
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe”
“ISUSScheduler”=“c:\program files\Common Files\InstallShield\UpdateService\issch.exe”
“AVG_TRAY”=“c:\program files\AVG\AVG2012\avgtray.exe”
“CanonMyPrinter”=“c:\program files\Canon\MyPrinter\BJMyPrt.exe”
“CanonSolutionMenuEx”=“c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE”
“IgfxTray”=“c:\windows\system32\igfxtray.exe”
“HotKeysCmds”=“c:\windows\system32\hkcmd.exe”
“Persistence”=“c:\windows\system32\igfxpers.exe”
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“GrooveMonitor”=“c:\program files\Microsoft Office\Office12\GrooveMonitor.exe”
.
“RPMKickstart”=“c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe”
.
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
“aux”=wdmaud.drv
.
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup
backupExtension=.Startup
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\system32\IntelCpHeciSvc.exe
R3 cpuz134;cpuz134;c:\users\Jordan\AppData\Local\Temp\Rar$EXa0.369\pcwiz_x32.sys
R3 etdrv;etdrv;c:\windows\etdrv.sys
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\GIGABYTE\EnergySaver2\des2svr.exe
S2 Smart TimeLock;Smart TimeLock Service;c:\program files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys
.
.
Inhoud van de ‘Gedeelde Taken’ map
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2012-07-12 c:\windows\Tasks\Norton Security Scan for Jordan.job
- c:\progra~1\NORTON~2\Engine\361~1.11\Nss.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 188.142.0.22 188.142.0.6
.
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-07-22 20:34:26
ComboFix-quarantined-files.txt 2012-07-22 18:34
.
Pre-Run: 112.945.651.712 bytes beschikbaar
Post-Run: 113.404.841.984 bytes beschikbaar
.
- - End Of File - - F5581A3382DFA5A15FC7D1BF6F4F22DA
fazantje

22-07-2012 20:55

Hoi Jordan,
De logjes zien er goed uit.
Doe het volgende nog even:
Download OTC.exe (by OldTimer) hier.
• Plaats het bestand op je bureaublad.
• Zorg dat er een internetverbinding is.
• Klik vervolgens met je rechtermuisknop op OTCleanIt.exe en kies voor Run as Administrator (Nederlands: Uitvoeren als Administrator) om het programma te starten.
• Lukt dat niet , doen dan dubbelklikken op het icoon.
• Klik nu op de knop “CleanUp!”
• Als je firewall, of een ander beveiligingsprogramma, een waarschuwing geeft dat OTC.exe internettoegang wil, mag je dit toestaan, het programma heeft die connectie nodig.
• OTC zal als laatste vragen of je de computer herstarten wilt, dit mag je toestaan, hiermee verwijdert het zichzelf ook.
Download AdwCleaner by Xplode hier, en plaats het op jou Bureaublad.
Sluit alle openstaande vensters.
Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren…
Klik vervolgens op Delete.
Klik bij AdwCleaner – Information op OK
Klik bij AdwCleaner – Restart Required op OK
Alle icoontjes verdwijnen van het Bureaublad,dit is normaal, maar komen terug.
Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner.txt ) post de inhoud in een volgende bericht.
Succes,
Huib;)
jordan634

22-07-2012 21:13

fazantje Schreef:
——————————————————-
> Hoi Jordan,
>
> De logjes zien er goed uit.
>
> Doe het volgende nog even:
>
> Download OTC.exe (by OldTimer) hier.
> • Plaats het bestand op je bureaublad.
> • Zorg dat er een internetverbinding is.
> • Klik vervolgens met je rechtermuisknop op
> OTCleanIt.exe en kies voor Run as Administrator
> (Nederlands: Uitvoeren als Administrator) om het
> programma te starten.
> • Lukt dat niet , doen dan dubbelklikken op het
> icoon.
> • Klik nu op de knop “CleanUp!”
> • Als je firewall, of een ander
> beveiligingsprogramma, een waarschuwing geeft dat
> OTC.exe internettoegang wil, mag je dit toestaan,
> het programma heeft die connectie nodig.
> • OTC zal als laatste vragen of je de computer
> herstarten wilt, dit mag je toestaan, hiermee
> verwijdert het zichzelf ook.
>
>
> Download AdwCleaner by Xplode hier, en plaats het
> op jou Bureaublad.
>
> Sluit alle openstaande vensters.
> Rechtsklik op AdwCleaner en selecteer als
> Administrator uitvoeren…
> Klik vervolgens op Delete.
>
> Klik bij AdwCleaner – Information op OK
> Klik bij AdwCleaner – Restart Required op OK
>
> Alle icoontjes verdwijnen van het Bureaublad,dit
> is normaal, maar komen terug.
> Je PC word opnieuw opgestart en er een opent
> logfile (C:\ AdwCleaner.txt ) post de inhoud in
> een volgende bericht.
>
> Succes,
> Huib;)
>
# AdwCleaner v1.703 - Logfile created 07/22/2012 at 21:06:29
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Jordan - JORDAN-PC
# Running from : C:\Users\Jordan\Desktop\adwcleaner.exe
# Option
# AdwCleaner v1.703 - Logfile created 07/22/2012 at 21:06:57
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Jordan - JORDAN-PC
# Running from : C:\Users\Jordan\Desktop\adwcleaner.exe
# Option
***** *****
***** *****
Folder Deleted : C:\Users\Jordan\AppData\Local\Babylon
Folder Deleted : C:\Users\Jordan\AppData\Local\Conduit
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\Bandoo
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\jziptoolbar
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Jordan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Jordan\AppData\Roaming\Bandoo
Folder Deleted : C:\Users\Jordan\AppData\Roaming\pdfforge
Folder Deleted : C:\Program Files\Windows jZip Toolbar
***** *****
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2780316
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\SweetIM
***** *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
***** *****
-\\ Internet Explorer v9.0.8112.16421
Registry is clean.
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
fazantje

22-07-2012 21:24

Hoi Jordan,
Dit was een mooie opruiming, zoals je zelf al zag(tu)
Nu je harde schijf:
Dit heeft niets te maken met de problemen die je had, en daarom verwijs ik je dan ook naar de colega van het hard- en software prikbord (klik hier )
Vertel even dat je van hier bent door gestuurd;)
Succes,
Huib;)
jordan634

22-07-2012 21:24

Er is iets heel raars aan de hand lijkt wel in de disscussie lijst onder mij nog iemand met de zelfde naam is dat puur toeval of niet?
fazantje

22-07-2012 21:33

Hoi Jordan,
Dit is geen puur toeval.
Dit ben jij zelf:D
Mail adres e.d. is het zelfde.
Begint jou achternaam met een K
Kijk even naar de datum: 25-10-2011
Groetjes Huib;)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Soms langzaam en wat is de log van gmer

jordan634

fazantje

jordan634

fazantje

jordan634

fazantje

jordan634

fazantje

jordan634

fazantje