tuergopt program not found-skipping autocheck

  • Ben

    Hello,

    Open a Notepad file (Start > All Programs > Accessories > Notepad),

    copy and paste the following (bold, blue text) into the empty Notepad window:

    Folder::

    c:\program files (x86)\Giant Savings

    c:\progra~3\BROWSE~1

    Registry::

    "AppInit_DLLs"=-

    Save this to your Desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe as shown in the example below:

    This will make ComboFix restart.

    After your computer restarts (if it asks to restart), copy and paste the contents of Combofix.txt into your next reply and tell me how things are going.

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    Here are the logs from the PC.

    Malwarebytes Anti-Malware (PRO) 1.65.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.10.24.01

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Gebruiker :: GEBRUIKER-PC

    Realtime bescherming: Uitgeschakeld

    24-10-2012 13:31:43

    mbam-log-2012-10-24 (13-31-43).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 30100

    Verstreken tijd: 1 minuut/minuten, 6 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    ComboFix 12-10-24.01 - Gebruiker 24-10-2012 15:49:18.4.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4055.2528

    Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-09-24 to 2012-10-24 ))))))))))))))))))))))))))))))

    .

    .

    2012-10-24 13:53 . 2012-10-24 13:53 ——– d—–w- c:\users\UpdatusUser\AppData\Local\temp

    2012-10-24 13:53 . 2012-10-24 13:53 ——– d—–w- c:\users\Public\AppData\Local\temp

    2012-10-24 13:53 . 2012-10-24 13:53 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-10-24 13:53 . 2012-10-24 13:53 ——– d—–w- c:\users\AppData\AppData\Local\temp

    2012-10-24 10:11 . 2012-10-12 07:19 9291768 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AAB00DFA-D0AE-4C23-90FB-F4CB046142E0}\mpengine.dll

    2012-10-22 15:38 . 2012-10-12 07:19 9291768 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-10-20 05:07 . 2012-10-02 05:13 972192 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EF9BF17-A8BF-4C28-B789-09751F4415CB}\gapaengine.dll

    2012-10-16 19:08 . 2012-10-16 19:09 ——– d—–w- c:\program files (x86)\TuneUp Utilities 2013

    2012-10-15 12:40 . 2012-10-15 12:40 477168 —-a-w- c:\windows\SysWow64\npdeployJava1.dll

    2012-10-15 12:40 . 2012-10-15 12:40 ——– d—–w- c:\program files (x86)\Java

    2012-10-10 21:06 . 2012-08-11 00:56 715776 —-a-w- c:\windows\system32\kerberos.dll

    2012-10-10 21:06 . 2012-08-10 23:56 542208 —-a-w- c:\windows\SysWow64\kerberos.dll

    2012-10-10 21:06 . 2012-06-02 05:41 1464320 —-a-w- c:\windows\system32\crypt32.dll

    2012-10-10 21:06 . 2012-06-02 04:36 1159680 —-a-w- c:\windows\SysWow64\crypt32.dll

    2012-10-10 21:06 . 2012-06-02 05:41 184320 —-a-w- c:\windows\system32\cryptsvc.dll

    2012-10-10 21:06 . 2012-06-02 05:41 140288 —-a-w- c:\windows\system32\cryptnet.dll

    2012-10-10 21:06 . 2012-06-02 04:36 140288 —-a-w- c:\windows\SysWow64\cryptsvc.dll

    2012-10-10 21:06 . 2012-06-02 04:36 103936 —-a-w- c:\windows\SysWow64\cryptnet.dll

    2012-10-10 12:20 . 2012-10-10 12:20 ——– d—–w- c:\users\Gebruiker\AppData\Roaming\Western Software Technologies

    2012-10-02 05:14 . 2012-10-02 05:13 972192 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

    2012-09-27 19:24 . 2012-09-27 19:24 ——– d—–w- c:\program files (x86)\TomTom International B.V

    2012-09-27 19:24 . 2012-09-27 19:24 ——– d—–w- c:\program files (x86)\MyTomTom 3

    2012-09-27 18:11 . 2012-09-27 18:11 ——– d—–w- c:\users\Gebruiker\AppData\Local\CRE

    2012-09-26 06:11 . 2012-08-21 21:01 245760 —-a-w- c:\windows\system32\OxpsConverter.exe

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-10-15 12:40 . 2011-01-18 07:49 473072 —-a-w- c:\windows\SysWow64\deployJava1.dll

    2012-10-10 21:25 . 2010-12-10 10:43 65309168 —-a-w- c:\windows\system32\MRT.exe

    2012-10-09 12:11 . 2012-08-16 13:19 696760 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-10-09 12:11 . 2011-09-11 18:26 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-09-29 17:54 . 2010-12-11 15:12 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-09-21 17:17 . 2012-09-21 17:11 207 —-a-w- c:\windows\DeleteOnReboot.bat

    2012-09-20 17:00 . 2012-09-20 17:00 31080 —-a-w- c:\windows\system32\drivers\avgtpx64.sys

    2012-09-19 19:38 . 2012-09-24 06:43 167424 —-a-w- c:\windows\zoek-delete.exe

    2012-08-30 20:03 . 2012-08-30 20:03 228768 —-a-w- c:\windows\system32\drivers\MpFilter.sys

    2012-08-30 20:03 . 2012-03-20 18:44 128456 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys

    2012-08-24 11:15 . 2012-09-22 04:28 17810944 —-a-w- c:\windows\system32\mshtml.dll

    2012-08-24 10:39 . 2012-09-22 04:28 10925568 —-a-w- c:\windows\system32\ieframe.dll

    2012-08-24 10:31 . 2012-09-22 04:28 2312704 —-a-w- c:\windows\system32\jscript9.dll

    2012-08-24 10:22 . 2012-09-22 04:28 1346048 —-a-w- c:\windows\system32\urlmon.dll

    2012-08-24 10:21 . 2012-09-22 04:28 1392128 —-a-w- c:\windows\system32\wininet.dll

    2012-08-24 10:20 . 2012-09-22 04:28 1494528 —-a-w- c:\windows\system32\inetcpl.cpl

    2012-08-24 10:18 . 2012-09-22 04:28 237056 —-a-w- c:\windows\system32\url.dll

    2012-08-24 10:17 . 2012-09-22 04:28 85504 —-a-w- c:\windows\system32\jsproxy.dll

    2012-08-24 10:14 . 2012-09-22 04:28 173056 —-a-w- c:\windows\system32\ieUnatt.exe

    2012-08-24 10:14 . 2012-09-22 04:28 816640 —-a-w- c:\windows\system32\jscript.dll

    2012-08-24 10:13 . 2012-09-22 04:28 599040 —-a-w- c:\windows\system32\vbscript.dll

    2012-08-24 10:12 . 2012-09-22 04:28 2144768 —-a-w- c:\windows\system32\iertutil.dll

    2012-08-24 10:11 . 2012-09-22 04:28 729088 —-a-w- c:\windows\system32\msfeeds.dll

    2012-08-24 10:10 . 2012-09-22 04:28 96768 —-a-w- c:\windows\system32\mshtmled.dll

    2012-08-24 10:09 . 2012-09-22 04:28 2382848 —-a-w- c:\windows\system32\mshtml.tlb

    2012-08-24 10:04 . 2012-09-22 04:28 248320 —-a-w- c:\windows\system32\ieui.dll

    2012-08-24 06:59 . 2012-09-22 04:28 1800704 —-a-w- c:\windows\SysWow64\jscript9.dll

    2012-08-24 06:51 . 2012-09-22 04:28 1129472 —-a-w- c:\windows\SysWow64\wininet.dll

    2012-08-24 06:51 . 2012-09-22 04:28 1427968 —-a-w- c:\windows\SysWow64\inetcpl.cpl

    2012-08-24 06:47 . 2012-09-22 04:28 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe

    2012-08-24 06:47 . 2012-09-22 04:28 420864 —-a-w- c:\windows\SysWow64\vbscript.dll

    2012-08-24 06:43 . 2012-09-22 04:28 2382848 —-a-w- c:\windows\SysWow64\mshtml.tlb

    2012-08-23 08:26 . 2012-09-18 10:43 9310152 ——w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91822C35-7FDC-4F3B-9DED-AD24212201C4}\mpengine.dll

    2012-08-22 18:12 . 2012-09-12 06:46 1913200 —-a-w- c:\windows\system32\drivers\tcpip.sys

    2012-08-22 18:12 . 2012-09-12 06:46 950128 —-a-w- c:\windows\system32\drivers\ndis.sys

    2012-08-22 18:12 . 2012-09-12 06:46 376688 —-a-w- c:\windows\system32\drivers\netio.sys

    2012-08-22 18:12 . 2012-09-12 06:46 288624 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

    2012-08-21 09:12 . 2011-11-27 19:04 285328 —-a-w- c:\windows\system32\aswBoot.exe

    2012-08-20 17:38 . 2012-10-10 21:07 44032 —-a-w- c:\windows\apppatch\acwow64.dll

    2012-08-02 17:58 . 2012-09-12 06:46 574464 —-a-w- c:\windows\system32\d3d10level9.dll

    2012-08-02 16:57 . 2012-09-12 06:46 490496 —-a-w- c:\windows\SysWow64\d3d10level9.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    “Skype”=“c:\program files (x86)\Skype\Phone\Skype.exe”

    “OfficeSyncProcess”=“c:\program files\Microsoft Office\Office14\MSOSYNC.EXE”

    “MyTomTomSA.exe”=“c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe”

    .

    “SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe”

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    .

    “ConsentPromptBehaviorAdmin”= 0 (0x0)

    “ConsentPromptBehaviorUser”= 0 (0x0)

    “EnableLUA”= 0 (0x0)

    “EnableUIADesktopToggle”= 0 (0x0)

    “PromptOnSecureDesktop”= 0 (0x0)

    “EnableLinkedConnections”= 1 (0x1)

    .

    “mixer1”=wdmaud.drv

    .

    BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck turegopt /AM

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    @=“Service”

    .

    “HP Software Update”=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

    “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    .

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R2 KMService;KMService;c:\windows\system32\srvany.exe

    R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys

    R2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

    R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe

    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE

    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    R3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    S2 MBAMScheduler;MBAMScheduler;e:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys

    S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe

    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys

    S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt64win7.sys

    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

    .

    .

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    “BCSSync”=“c:\program files\Microsoft Office\Office14\BCSSync.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “MSC”=“c:\program files\Microsoft Security Client\msseces.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

    IE: Free YouTube to Mp3 Converter - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    TCP: DhcpNameServer = 192.168.1.1

    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\3b8i8jfo.default\

    FF - prefs.js: browser.search.defaulturl -

    FF - prefs.js: network.proxy.type - 0

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Wow6432Node-HKLM-Run- - (no file)

    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

    AddRemove-SaTaN`s SpeelAutomaten - c:\windows\iun6002.exe

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (2) (S-1-5-21-1848488349-641486460-2212997090-1000)

    @Denied: (2) (LocalSystem)

    “Progid”=“WindowsLiveMail.Email.1”

    .

    @Denied: (2) (S-1-5-21-1848488349-641486460-2212997090-1000)

    @Denied: (2) (LocalSystem)

    “Progid”=“WindowsLiveMail.VCard.1”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.11”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2012-10-24 15:55:42

    ComboFix-quarantined-files.txt 2012-10-24 13:55

    ComboFix2.txt 2012-10-24 10:05

    .

    Pre-Run: 278.307.717.120 bytes beschikbaar

    Post-Run: 278.227.017.728 bytes beschikbaar

    .

    - - End Of File - - EF1AE3DDE7000EC95FF3E09A44EC6593

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 16:02:32, on 24-10-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 11731 bytes

    Thanks in advance.

    mar

  • mar

    Hi

    At startup a message appears: tuergopt program not found-skipping autocheck

    It boots normally, but this appears during startup.

    Regards, mar

  • mar

    Hi

    When starting up the desktop too, this one gives a message: tuergopt program not found-skipping autocheck

    It boots normally, but this appears during startup.

    Regards, mar

  • mar

    Hi

    I did not have to restart.

    And I also have no idea whether ComboFix has done its job.

    Now that I start it up, the message seems to be gone.

    Thanks so far.

    Regards, mar

    ComboFix 12-10-23.02 - hansenmarjo 24-10-2012 16:00:58.2.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6048.3878

    Gestart vanuit: c:\users\hansenmarjo\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\hansenmarjo\Desktop\CFScript.txt..txt

    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5075e2b30_2027628.dmp

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports\5075e2b30_2027628.gz

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

    c:\progra~3\BROWSE~1\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-3.6.xpt

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

    c:\progra~3\BROWSE~1\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

    c:\program files (x86)\Giant Savings

    c:\program files (x86)\Giant Savings\Giant Savings.dll

    c:\program files (x86)\Giant Savings\Giant Savings.exe

    c:\program files (x86)\Giant Savings\Giant Savings.ico

    c:\program files (x86)\Giant Savings\Giant Savings.ini

    c:\program files (x86)\Giant Savings\Giant SavingsInstaller.log

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-09-24 to 2012-10-24 ))))))))))))))))))))))))))))))

    .

    .

    2012-10-24 15:07 . 2012-10-24 15:07 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-10-24 13:51 . 2012-10-12 07:19 9291768 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDD962A3-77CF-4648-B065-633B268EA7D3}\mpengine.dll

    2012-10-24 08:12 . 2012-10-08 12:28 34656 —-a-w- c:\windows\system32\TURegOpt.exe

    2012-10-24 08:12 . 2012-10-08 12:28 25952 —-a-w- c:\windows\system32\authuitu.dll

    2012-10-24 08:12 . 2012-10-08 12:28 21344 —-a-w- c:\windows\SysWow64\authuitu.dll

    2012-10-24 08:12 . 2012-10-24 08:13 ——– d—–w- c:\program files (x86)\TuneUp Utilities 2013

    2012-10-23 20:59 . 2012-10-23 21:00 ——– d—–w- c:\users\hansenmarjo\AppData\Local\Deployment

    2012-10-23 20:59 . 2012-10-23 20:59 ——– d—–w- c:\users\hansenmarjo\AppData\Local\Apps

    2012-10-21 16:02 . 2012-10-04 11:47 972192 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{54A5A44C-25CD-4905-9191-ABBCD8839B56}\gapaengine.dll

    2012-10-21 16:02 . 2012-10-12 07:19 9291768 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-10-18 08:03 . 2012-10-18 08:03 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\SunRay Games

    2012-10-18 07:42 . 2012-10-18 07:42 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\SMIGames

    2012-10-10 19:47 . 2012-10-10 19:47 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\DreamTaleGame

    2012-10-10 07:59 . 2012-06-02 05:41 184320 —-a-w- c:\windows\system32\cryptsvc.dll

    2012-10-10 07:59 . 2012-06-02 05:41 1464320 —-a-w- c:\windows\system32\crypt32.dll

    2012-10-10 07:59 . 2012-06-02 04:36 1159680 —-a-w- c:\windows\SysWow64\crypt32.dll

    2012-10-10 07:59 . 2012-06-02 05:41 140288 —-a-w- c:\windows\system32\cryptnet.dll

    2012-10-10 07:59 . 2012-06-02 04:36 140288 —-a-w- c:\windows\SysWow64\cryptsvc.dll

    2012-10-10 07:59 . 2012-06-02 04:36 103936 —-a-w- c:\windows\SysWow64\cryptnet.dll

    2012-10-10 07:57 . 2012-09-14 19:19 2048 —-a-w- c:\windows\system32\tzres.dll

    2012-10-10 07:57 . 2012-09-14 18:28 2048 —-a-w- c:\windows\SysWow64\tzres.dll

    2012-10-04 11:47 . 2012-10-04 11:47 972192 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

    2012-10-04 11:43 . 2012-10-04 11:43 ——– d—–w- c:\programdata\Intenium

    2012-09-26 08:50 . 2012-08-21 21:01 245760 —-a-w- c:\windows\system32\OxpsConverter.exe

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-10-24 13:49 . 2012-08-21 06:07 45056 —-a-w- c:\windows\SysWow64\acovcnt.exe

    2012-10-24 13:49 . 2012-08-20 12:28 387 —-a-w- c:\users\hansenmarjo\AppData\Roaming\sp_data.sys

    2012-10-10 07:55 . 2012-08-21 11:30 65309168 —-a-w- c:\windows\system32\MRT.exe

    2012-09-29 17:54 . 2012-09-16 21:06 25928 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-08-30 20:03 . 2012-08-30 20:03 228768 —-a-w- c:\windows\system32\drivers\MpFilter.sys

    2012-08-30 20:03 . 2012-03-20 18:44 128456 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys

    2012-08-27 23:49 . 2012-09-14 19:52 9310152 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1BE10EB-9298-4EED-9960-4B53B21F0C22}\mpengine.dll

    2012-08-24 11:15 . 2012-09-22 18:23 17810944 —-a-w- c:\windows\system32\mshtml.dll

    2012-08-24 10:39 . 2012-09-22 18:23 10925568 —-a-w- c:\windows\system32\ieframe.dll

    2012-08-24 10:31 . 2012-09-22 18:23 2312704 —-a-w- c:\windows\system32\jscript9.dll

    2012-08-24 10:22 . 2012-09-22 18:23 1346048 —-a-w- c:\windows\system32\urlmon.dll

    2012-08-24 10:21 . 2012-09-22 18:23 1392128 —-a-w- c:\windows\system32\wininet.dll

    2012-08-24 10:20 . 2012-09-22 18:23 1494528 —-a-w- c:\windows\system32\inetcpl.cpl

    2012-08-24 10:18 . 2012-09-22 18:23 237056 —-a-w- c:\windows\system32\url.dll

    2012-08-24 10:17 . 2012-09-22 18:23 85504 —-a-w- c:\windows\system32\jsproxy.dll

    2012-08-24 10:14 . 2012-09-22 18:23 173056 —-a-w- c:\windows\system32\ieUnatt.exe

    2012-08-24 10:14 . 2012-09-22 18:23 816640 —-a-w- c:\windows\system32\jscript.dll

    2012-08-24 10:13 . 2012-09-22 18:23 599040 —-a-w- c:\windows\system32\vbscript.dll

    2012-08-24 10:12 . 2012-09-22 18:23 2144768 —-a-w- c:\windows\system32\iertutil.dll

    2012-08-24 10:11 . 2012-09-22 18:23 729088 —-a-w- c:\windows\system32\msfeeds.dll

    2012-08-24 10:10 . 2012-09-22 18:23 96768 —-a-w- c:\windows\system32\mshtmled.dll

    2012-08-24 10:09 . 2012-09-22 18:23 2382848 —-a-w- c:\windows\system32\mshtml.tlb

    2012-08-24 10:04 . 2012-09-22 18:23 248320 —-a-w- c:\windows\system32\ieui.dll

    2012-08-24 06:59 . 2012-09-22 18:23 1800704 —-a-w- c:\windows\SysWow64\jscript9.dll

    2012-08-24 06:51 . 2012-09-22 18:23 1129472 —-a-w- c:\windows\SysWow64\wininet.dll

    2012-08-24 06:51 . 2012-09-22 18:23 1427968 —-a-w- c:\windows\SysWow64\inetcpl.cpl

    2012-08-24 06:47 . 2012-09-22 18:23 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe

    2012-08-24 06:47 . 2012-09-22 18:23 420864 —-a-w- c:\windows\SysWow64\vbscript.dll

    2012-08-24 06:43 . 2012-09-22 18:23 2382848 —-a-w- c:\windows\SysWow64\mshtml.tlb

    2012-08-22 18:12 . 2012-09-12 20:27 1913200 —-a-w- c:\windows\system32\drivers\tcpip.sys

    2012-08-22 18:12 . 2012-09-12 20:28 950128 —-a-w- c:\windows\system32\drivers\ndis.sys

    2012-08-22 18:12 . 2012-09-12 20:27 376688 —-a-w- c:\windows\system32\drivers\netio.sys

    2012-08-22 18:12 . 2012-09-12 20:27 288624 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

    2012-08-21 09:12 . 2012-09-02 06:59 285328 —-a-w- c:\windows\system32\aswBoot.exe

    2012-08-20 17:38 . 2012-10-10 07:58 44032 —-a-w- c:\windows\apppatch\acwow64.dll

    2012-08-20 12:28 . 2011-03-29 02:36 19720 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2012-08-02 17:58 . 2012-09-12 20:28 574464 —-a-w- c:\windows\system32\d3d10level9.dll

    2012-08-02 16:57 . 2012-09-12 20:28 490496 —-a-w- c:\windows\SysWow64\d3d10level9.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    .

    “ASUSPRP”=“c:\program files (x86)\ASUS\APRP\APRP.EXE”

    “ASUSWebStorage”=“c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe”

    “SonicMasterTray”=“c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe”

    “ATKOSD2”=“c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe”

    “ATKMEDIA”=“c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe”

    “HControlUser”=“c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe”

    “Wireless Console 3”=“c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe”

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

    .

    “ConsentPromptBehaviorAdmin”= 0 (0x0)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableLUA”= 0 (0x0)

    “EnableUIADesktopToggle”= 0 (0x0)

    “PromptOnSecureDesktop”= 0 (0x0)

    .

    “LoadAppInit_DLLs”=1 (0x1)

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    @=“”

    .

    @=“Service”

    .

    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    .

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS

    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE

    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys

    S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe

    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

    S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe

    S2 MBAMScheduler;MBAMScheduler;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    S2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys

    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys

    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys

    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys

    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys

    S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe

    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

    .

    .

    — Andere Services/Drivers In Geheugen —

    .

    *NewlyCreated* - WS2IFSL

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-10-24 c:\windows\Tasks\AutoKMS.job

    - c:\autokms\AutoKMS.exe

    .

    2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe

    .

    .

    ——— X64 Entries ———–

    .

    .

    @=“{6D4133E5-0742-4ADC-8A8C-9303440F7190}”

    2011-05-25 07:09 227840 —-a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

    .

    @=“{64174815-8D98-4CE6-8646-4C039977D808}”

    2011-05-25 07:09 227840 —-a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

    .

    “IgfxTray”=“c:\windows\system32\igfxtray.exe”

    “HotKeysCmds”=“c:\windows\system32\hkcmd.exe”

    “SynTPEnh”=“c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe”

    “AmIcoSinglun64”=“c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe”

    “SynAsusAcpi”=“c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe”

    “RtHDVBg”=“c:\program files\Realtek\Audio\HDA\RAVBg64.exe”

    “BCSSync”=“c:\program files\Microsoft Office\Office14\BCSSync.exe”

    “MSC”=“c:\program files\Microsoft Security Client\msseces.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://www.google.nl/

    mStart Page = hxxp://asus.msn.com

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

    TCP: DhcpNameServer = 192.168.1.1

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    BHO-{11111111-1111-1111-1111-110011441179} - c:\program files (x86)\Giant Savings\Giant Savings.dll

    Toolbar-Locked - (no file)

    AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr

    AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“Shockwave Flash Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“0”

    .

    @=“ShockwaveFlash.ShockwaveFlash.10”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“ShockwaveFlash.ShockwaveFlash”

    .

    @Denied: (A 2) (Everyone)

    @=“Macromedia Flash Factory Object”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx”

    “ThreadingModel”=“Apartment”

    .

    @=“FlashFactory.FlashFactory.1”

    .

    @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1”

    .

    @=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”

    .

    @=“1.0”

    .

    @=“FlashFactory.FlashFactory”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker4”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2012-10-24 17:13:27

    ComboFix-quarantined-files.txt 2012-10-24 15:13

    ComboFix2.txt 2012-10-24 11:21

    .

    Pre-Run: 142.900.326.400 bytes beschikbaar

    Post-Run: 142.872.424.448 bytes beschikbaar

    .

    - - End Of File - - A1B4F14EB625FD4569A67E02A41EEE4C

  • Ben

    Hello,

    Let's do the laptop first and then the desktop PC (tu)

    So this was the laptop result?

    So the problem is solved here?

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    Yes, the laptop is solved

    now the PC

    Thanks in advance

    Regards, mar

  • Ben

    Hello,

    Remove ComboFix.

    Go to Start.

    Copy and paste: Combofix /Uninstall into the Start search box.

    Press ENTER and confirm with OK.

    If all goes well, you will then get a message that ComboFix has been removed.

    Empty your recycle bin and delete all your old restore points.

    After that, post a HijackThis log of your PC (which we will now continue with).

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    This log is from the PC.

    It still shows tuergopt program not found-skipping autocheck at startup.

    Regards, mar

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:25:55, on 25-10-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    C:\Windows\SysWOW64\cmd.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 11640 bytes

This topic is closed; no more replies can be posted.