Archief - Verkenner start voortdurend opnieuw op

Beste Hijackthis-specialisten. Bij deze post ik onderstaand logje uit wanhoop omdat ik een vervelend probleem met mijn 3 weken oude laptop maar niet opgelost krijg. Het is namelijk zo dat windows verkenner steeds crasht/heropstart bv. wanneer ik bepaalde mappen of bestanden open. Het is me echter niet volledig duidelijk wanneer wel en wanneer niet.

Ik heb zelf al enkele pogingen ondernomen om het probleem op te lossen:
-scan met Mc Afee (was de vooringestalleerde virusscanner, nu vervangen door AVG)
-Scan met AVG
-Scan met Spybot
-Scan met Malwarebytes


...allemaal zonder resultaat

Vervolgens heb ik gegoogled en 'oplossingen' gevonden zoals SFC /SCANNOW en systeemherstel. Beiden heb ik uitgevoerd eveneens zonder succes. Vandaar dus nu deze nieuwe poging.

Ik kan er nog bij vertellen dat de eerste dagen dat ik mijn laptop had problemen heb gehad met een virus (vanwege zwakke Mc Afee bescherming) dat de homepage van firefox had overgenomen (claro-search). Via syteemherstel is dit ondertussen wel verholpen, maar mogelijk hangt het probleem hiermee samen.

Kan iemand mij hiermee helpen?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:34:19, on 4/12/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Q:\140066.nld\Office14\EXCELC.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
Q:\140066.nld\Office14\OffSpon.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\program files (x86)\avira\antivir desktop\ipmGui.exe
C:\Users\Dries\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to the VAIO portal
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to the VAIO portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
F2 - REGystem.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Online Backup Service (MOBK649backup) - Unknown owner - C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14080 bytes

Hallo, we gaan de volgende tool inzetten. zoek.exe ®by smeenk.




De scan kan een tijdje duren omdat je hele schijf afgezocht wordt naar recent geplaatste bestanden.

"zoek.exe" gebruiken:

• Schakel je antivirus- en antispywareprogramma's uit, zoek.exe wordt tijdens het downloaden of tijdens het gebruik soms als trojan aangezien.
  (hier of hier) kan je lezen hoe je dat doet.
• Download daarna zoek.exe naar het bureaublad.
• Start de tool middels dubbelklik op "zoek.exe".
• Vervolgens zal er na een tijdje een venster geopend worden.
• Met je muis selecteer je nu de volgende keuze "Combined fix"(rechts onderaan)
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
  Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  
  
  Code:

  skipstartpage-iedefaults;
  MOBK649backup;s
  emptyclsid;
  emptyjava;
  emptyflash;
  emptyiecache;
  emptytemp;
  filesrcm;
  startupall;
  emptyIEcache;
  emptyFFcache;
  iedefaults;http://www.google.com

• Sluit nu eerst alle overige nog openstaande programmavensters!
• Klik daarna op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
• Post nu de inhoud van het geopende logje in het volgende bericht.

Zoek.exe Version 3.0.0.4 Updated 03-December-2012
Tool run by Dries on wo 05/12/2012 at 20:17:24,23.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2596478539-1987348851-2133571912-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MOBK649backup deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MOBK649backup deleted successfully

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml" deleted
"C:\Users\Dries\AppData\Local\funmoods-speeddial_sf.crx" deleted
"C:\Users\Dries\AppData\Roaming\Mozilla\Firefox\Profiles\5k7tgctu.default\bProtector_extensions.sqlite" deleted
"C:\Users\Dries\AppData\Roaming\Mozilla\Firefox\Profiles\t7sgeum8.default-1353446392551\bProtector_extensions.sqlite" deleted
"C:\ProgramData\Browser Manager" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2012-11-21 19:07:40 127AA81343A7C6F665C22CB1293B0A90 67072 ----a-w- C:\Windows\splwow64.exe
====== C:\Users\Dries\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2012-11-27 02:18:34 2AF2FDFAFEC52085F569AC1C88A4C1FA 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2012-11-27 02:18:34 00721F540637A42E694C42DDD7A2F002 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2012-11-27 02:18:33 E4966988D2BF90B7A5866401B830FA74 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2012-11-27 02:18:33 3503F9D68A11DAF4B3AC0270F85726CD 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2012-11-27 02:18:32 FC4EE980C3BD87D35816EC55007E00B5 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2012-11-27 02:18:32 70D02070AC871E388654C4622215D589 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2012-11-27 02:18:32 51E6B19ACFACDBB372003EE016287E82 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2012-11-27 02:18:32 081F82EDB9B37A0FC60700C0DD96347D 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2012-11-27 02:18:31 708B31095F51A8170AA9D4DAF32A1A89 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2012-11-27 02:18:30 9CB0D2A9A77D91D9614355EE9FF00519 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2012-11-27 02:18:29 962C8A3AF8CA4ABF553E367368565335 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2012-11-27 02:18:28 58F9A2103EC5DF0F2D77851958AB0124 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2012-11-27 02:18:28 50D09C6DBD5D5E447B284116D1A26F62 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2012-11-27 02:18:28 3178C47DB9F1615E5334029607BD3459 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2012-11-27 02:18:27 8D1BB1E5A033E8817EF94A9047630165 12320768 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2012-11-27 02:18:25 A6B73FCB9496DB101F3066CAF5A7DA4B 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2012-11-27 02:02:54 B2DB6ABA2E292235749B80A9C3DFA867 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2012-11-27 02:02:53 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll
2012-11-22 22:32:47 86F34E7288DA428E38E2D8C7E806A871 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2012-11-22 06:51:57 60D21799A4AF4EDCE65FB98830E4B0C8 1159680 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2012-11-22 06:51:56 CA79539D3D4C0BA66F0F051A5EE5E923 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2012-11-22 06:51:56 96C0E38905CFD788313BE8E11DAE3F2F 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2012-11-27 02:34:49 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\Sysnative\Wdfres.dll
2012-11-27 02:29:55 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\Sysnative\browserchoice.exe
2012-11-27 02:18:34 22ADC5B4DFEE3DF09F1424423B43B8A7 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2012-11-27 02:18:34 0B17E54A477B6EF742D2088D6E9BA5C5 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2012-11-27 02:18:32 FF8CD2FD4356FB411FB14C1EC117C668 237056 ----a-w- C:\Windows\Sysnative\url.dll
2012-11-27 02:18:32 E519FD2CE6D57062400537C95C3B17FD 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll
2012-11-27 02:18:32 DE35C7EEE60336A117F4E1E47695BC3A 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2012-11-27 02:18:32 AA03ACA22B693F20F0C6FDAA80DBFC8B 248320 ----a-w- C:\Windows\Sysnative\ieui.dll
2012-11-27 02:18:32 11103CC5A1A78E347BBDDAC564256D1A 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2012-11-27 02:18:31 F677FFFD0FF78CE64B2DBFB21BB268DB 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2012-11-27 02:18:31 641BE9D78EE70D3BD9A7AA40B9C14334 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2012-11-27 02:18:30 A19DB004D954BBC9C4EC125711E1D1C2 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll
2012-11-27 02:18:30 1485AF99450A5BDF1E06CF8A178B90D4 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2012-11-27 02:18:28 F83E66031901DC0DCCE30CBC4265A762 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll
2012-11-27 02:18:28 D25968D163EC487A50C8C6A91D4134B4 2144768 ----a-w- C:\Windows\Sysnative\iertutil.dll
2012-11-27 02:18:28 66A6C95E11193743FCD4C3A70972860B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2012-11-27 02:18:26 6D4F838E72EEEB3D6FB16A5A45632560 17811968 ----a-w- C:\Windows\Sysnative\mshtml.dll
2012-11-27 02:18:26 180A7380320AF73CCF7F7D8880CA2193 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll
2012-11-27 02:13:00 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\Sysnative\WUDFSvc.dll
2012-11-27 02:13:00 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\Sysnative\WUDFPlatform.dll
2012-11-27 02:12:59 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\Sysnative\WUDFCoinstaller.dll
2012-11-27 02:12:59 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\Sysnative\WUDFHost.exe
2012-11-27 02:12:59 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\Sysnative\WUDFx.dll
2012-11-27 02:02:54 A1BE6A720D02E37F72E9CD89AE9CB3CF 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2012-11-27 02:02:53 C00DB14550E4BD49737F311C644E45FF 5120 ----a-w- C:\Windows\Sysnative\wmi.dll
2012-11-22 22:32:47 4474A8AEABD056DF636FD4FBEF49353B 1031680 ----a-w- C:\Windows\Sysnative\rdpcore.dll
2012-11-22 06:51:57 12EE6FE9268CEE6D90FDCCBF89236C65 1464320 ----a-w- C:\Windows\Sysnative\crypt32.dll
2012-11-22 06:51:56 9C01375BE382E834CC26D1B7EAF2C4FE 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2012-11-22 06:51:56 8792BAB371B4B1589E015B6FD1ED3B15 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
====== C:\Windows\Sysnative\drivers =====
2012-12-03 21:24:34 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-11-27 02:34:53 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-27 02:34:49 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2012-11-27 02:34:49 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2012-11-27 02:13:00 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2012-11-27 02:13:00 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2012-11-27 02:12:59 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-27 02:02:54 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
2012-11-23 23:14:48 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-11-22 22:32:46 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
2012-11-21 19:15:50 37608401DFDB388CAF66917F6B2D6FB0 1914248 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2012-11-21 19:15:49 7942B7AC3FF598F8A1736D51ADAF04E8 376688 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2012-11-21 19:15:46 910DD6694848872FD3B8F42BAF801D0A 288624 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2012-11-21 19:15:44 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
2012-11-21 19:13:03 9AC4F97C2D3E93367E2148EA940CD2CD 458704 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2012-11-21 19:13:02 97A7070AEA4C058B6418519E869A63B4 95600 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2012-11-21 19:13:02 26C43A7C2862447EC59DEDA188D1DA07 151920 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2012-11-21 19:12:55 E453ACF4E7D44E5530B5D5F2B9CA8563 1659760 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2012-11-21 19:10:06 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2012-11-21 19:10:00 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2012-11-21 19:09:39 E61608AA35E98999AF9AAEEEA6114B0A 210944 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
2012-11-21 19:09:01 1C7857B62DE5994A75B054A9FD4C3825 498688 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2012-11-21 19:08:58 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
2012-11-21 19:08:47 738D0E9272F59EB7A1449C3EC118E6C4 552960 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys
2012-11-21 18:15:36 CD0E732347BF09717E0BDDC0C66699AB 27800 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys
2012-11-21 18:15:36 58AEE8F9E26595ADEB6F008FBB0D6174 98888 ----a-w- C:\Windows\Sysnative\drivers\avgntflt.sys
2012-11-21 18:15:36 37D3D3D28B107BCBC1C0137FF31AE480 129216 ----a-w- C:\Windows\Sysnative\drivers\avipbb.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2012-11-27 19:41:06 -------- d-----w- C:\Program Files\Microsoft Office
======= C:\Program Files (x86) =====
2012-12-05 02:02:48 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2012-12-05 02:02:48 -------- d-----r- C:\Program Files (x86)\Skype
2012-11-30 20:36:13 -------- d-----w- C:\Program Files (x86)\mkv2vob
2012-11-30 20:35:24 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-11-27 19:41:07 -------- d-----w- C:\Program Files (x86)\Common Files\DESIGNER
2012-11-27 19:41:06 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-11-21 20:53:31 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-20 20:16:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-11-20 19:53:23 -------- d-----w- C:\Program Files (x86)\Avira
2012-11-18 13:55:51 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-11-12 21:16:21 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2012-11-12 21:16:21 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
======= C: =====
====== C:\Users\Dries\AppData\Roaming ======
2012-12-05 02:02:55 -------- d-----w- C:\users\Dries\AppData\Roaming\Skype
2012-11-27 19:42:02 -------- d-----w- C:\users\Dries\AppData\Local\SoftGrid Client
2012-11-27 19:42:01 -------- d-----w- C:\users\Dries\AppData\Roaming\SoftGrid Client
2012-11-27 19:40:27 -------- d-----w- C:\users\Dries\AppData\Roaming\TP
2012-11-21 20:40:24 -------- d-----w- C:\users\Dries\AppData\Local\ElevatedDiagnostics
2012-11-20 20:15:35 -------- d-----w- C:\users\Dries\AppData\Local\Programs
2012-11-20 20:01:03 -------- d-----w- C:\users\Dries\AppData\Local\Diagnostics
2012-11-20 19:59:37 -------- d-----w- C:\users\Dries\AppData\Roaming\Avira
2012-11-18 13:54:13 -------- d-----w- C:\users\Dries\AppData\Roaming\uTorrent
2012-11-16 23:57:13 -------- d-----w- C:\users\Dries\AppData\Local\Google
2012-11-12 21:16:46 -------- d-----w- C:\users\Dries\AppData\Roaming\DVDVideoSoftIEHelpers
2012-11-12 21:14:59 -------- d-----w- C:\users\Dries\AppData\Roaming\DVDVideoSoft
2012-11-12 20:51:14 -------- d-----w- C:\users\Dries\AppData\Local\Mozilla
2012-11-12 20:51:13 -------- d-----w- C:\users\Dries\AppData\Roaming\Mozilla
2012-11-12 18:53:34 -------- d-----w- C:\users\Dries\AppData\Roaming\Adobe
2012-11-12 18:51:40 -------- d-----w- C:\users\Dries\AppData\Roaming\ATI
2012-11-12 18:51:40 -------- d-----w- C:\users\Dries\AppData\Local\ATI
2012-11-12 18:50:52 -------- d-----w- C:\users\Dries\AppData\Roaming\Intel Corporation
2012-11-12 18:50:37 -------- d-----w- C:\users\Dries\AppData\Local\Adobe
2012-11-12 18:50:13 -------- d-----w- C:\users\Dries\AppData\Local\Sony Corporation
2012-11-12 18:49:26 -------- d-----w- C:\users\Dries\AppData\Roaming\Identities
2012-11-12 18:48:25 -------- d-----w- C:\users\Dries\AppData\Local\VirtualStore
2012-11-12 18:46:06 -------- d-----w- C:\users\Dries\AppData\Roaming\Sony Corporation
2012-11-12 18:45:14 F3DE9D46BAE5AA0EEC780863E161CF09 67632 ----a-w- C:\users\Dries\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-12 18:45:08 -------- d-----w- C:\users\Dries\AppData\Roaming\Intel
2012-11-12 18:45:06 -------- d-sh--we C:\users\Dries\AppData\Local\Temporary Internet Files
2012-11-12 18:45:06 -------- d-sh--we C:\users\Dries\AppData\Local\Geschiedenis
2012-11-12 18:45:06 -------- d-sh--we C:\users\Dries\AppData\Local\Application Data
2012-11-12 18:45:06 -------- d-s---w- C:\users\Dries\AppData\Roaming\Microsoft
2012-11-12 18:45:06 -------- d-----w- C:\users\Dries\AppData\Roaming\Media Center Programs
2012-11-12 18:45:06 -------- d-----w- C:\users\Dries\AppData\Local\Temp
2012-11-12 18:45:06 -------- d-----w- C:\users\Dries\AppData\Local\Microsoft
====== C:\Users\Dries ======
2012-11-27 21:53:12 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-11-20 20:16:31 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-11-20 19:53:23 -------- d-----w- C:\ProgramData\Avira
2012-11-12 20:51:01 -------- d-----w- C:\ProgramData\Mozilla
2012-11-12 18:49:37 -------- d-----r- C:\Users\Dries\Searches
2012-11-12 18:49:24 -------- d-----r- C:\Users\Dries\Contacts
2012-11-12 18:45:06 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Dries\ntuser.ini
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Sjablonen
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\SendTo
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Recent
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Netwerkprinteromgeving
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\NetHood
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Mijn documenten
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Menu Start
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Local Settings
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Cookies
2012-11-12 18:45:06 -------- d-sh--we C:\Users\Dries\Application Data
2012-11-12 18:45:06 -------- d--h--w- C:\Users\Dries\AppData
2012-11-12 18:45:06 -------- d-----w- C:\Users\Dries\Roaming
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Videos
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Saved Games
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Pictures
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Music
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Links
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Favorites
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Downloads
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Documents
2012-11-12 18:45:06 -------- d-----r- C:\Users\Dries\Desktop

====== C: exe-files ==
2012-12-05 06:23:06 8C7336950F1E69CDFD811CBBD9CF00A2 115168 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2012-12-05 06:23:04 3A260D5FC5C0C5B9A83DFAED9B84B98D 270816 ----a-w- C:\Users\Dries\AppData\Local\Temp\MozUpdater\updater.exe
2012-12-04 21:33:14 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Users\Dries\Downloads\HijackThis.exe
2012-11-30 20:36:14 EB2A33853BEBE123FF0179136B776A54 29184 ----a-r- C:\Users\Dries\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
2012-11-30 20:35:18 2AE1B20347E58892783D9BF84529FF62 8895488 ----a-w- C:\Users\Dries\Downloads\mkv2vob249.exe
2012-11-29 20:54:04 6BF3B6A60100F0FD9CD07DAEF998B257 3177840 ----a-w- C:\Users\Dries\Downloads\MCPR.exe
=== C: other files ==
2012-12-05 02:01:40 7C44FB1FACFA87B6D3923F2C1D224B36 375296 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Windows.Browser.ni.dll
2012-12-05 02:01:39 1CD3B64B823CDD046B722ECD7466364D 1598976 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.ServiceModel.ni.dll
2012-12-05 02:01:37 E3869E9F7269092BCCAB763BF11DF074 4495872 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Windows.ni.dll
2012-12-05 02:01:34 566DBA2FE8170A8D176F971852F06148 138240 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.ServiceModel.Web.ni.dll
2012-12-05 02:01:33 2629DC958829E3F65311DCBA27F54C49 1186816 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
2012-12-05 02:01:32 4FA01A564BEB7F5BE93DAFD7BDA38AF8 844288 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Xml.ni.dll
2012-12-05 02:01:31 8D8DFE06B338A07BF5A86777F8AA69F0 2365440 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Core.ni.dll
2012-12-05 02:01:31 00EB7907A1AA6E216C4BDB1E2D218E29 655360 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Net.ni.dll
2012-12-05 02:01:29 849F43C85BA57434E15BB031D7157C1A 665088 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.ni.dll
2012-12-05 02:01:28 D9DF23E664DBFA1BC9666195AE6A2208 6185984 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\mscorlib.ni.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"PMBVolumeWatcher"="c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21/11/2012 18:51]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://vaioportal.sony.eu"
"Default_Page_URL"="http://vaioportal.sony.eu"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://vaioportal.sony.eu"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKCU\*\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
HKCU\*\SearchScopes\{ED968DE2-CC94-42CB-96E9-9C7CE88487E0} eBay Url="http://rover.ebay.com/rover/1/1553-42507-16445-59/4?mpre=http://shop.benl.ebay.be/?oemInLn=ieSrch-Q212&_nkw={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Dries\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dries\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dries\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dries\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Dries\AppData\Local\Mozilla\Firefox\Profiles\rilemds5.default\Cache emptied successfully
C:\users\Dries\AppData\Local\Mozilla\Firefox\Profiles\t7sgeum8.default-1353446392551\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dries\AppData\Local\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

Download ComboFix van één van deze locaties:

Link 1
Link 2


* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.





1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

ComboFix 12-12-04.01 - Dries 06/12/2012 22:41:59.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3991.2912 [GMT 1:00]
Gestart vanuit: c:\users\Dries\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-11-06 to 2012-12-06 ))))))))))))))))))))))))))))))
.
.
2012-12-06 21:46 . 2012-12-06 21:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-05 19:22 . 2012-11-01 21:55 24064 ----a-w- c:\windows\zoek-delete.exe
2012-12-05 02:02 . 2012-12-05 02:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-05 02:02 . 2012-12-05 02:02 -------- d-----r- c:\program files (x86)\Skype
2012-12-04 21:22 . 2012-12-04 21:22 -------- d-----r- C:\MSOCache
2012-11-30 20:36 . 2012-11-30 20:36 -------- d-----w- c:\program files (x86)\mkv2vob
2012-11-30 20:35 . 2012-11-30 20:35 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-11-27 21:53 . 2012-11-29 20:43 -------- d-----w- c:\programdata\VirtualizedApplications
2012-11-27 19:41 . 2012-12-05 02:03 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-11-27 19:41 . 2012-11-27 19:41 -------- d-----w- c:\program files\Microsoft Office
2012-11-27 03:07 . 2012-11-27 03:07 -------- d-----w- c:\windows\SysWow64\Wat
2012-11-27 03:07 . 2012-11-27 03:07 -------- d-----w- c:\windows\system32\Wat
2012-11-27 02:34 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2012-11-27 02:34 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-27 02:34 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-27 02:34 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-27 02:29 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-11-27 02:13 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-27 02:13 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-27 02:13 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-27 02:13 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-27 02:12 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-27 02:12 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-27 02:12 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-27 02:02 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-27 02:02 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-27 02:02 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-11-27 02:02 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-27 02:02 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-11-22 22:32 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-22 22:32 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-11-22 22:32 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-22 06:51 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-11-22 06:51 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-11-22 06:51 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-22 06:51 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-22 06:51 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-11-22 06:51 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-11-21 20:53 . 2012-12-05 19:28 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-11-21 19:14 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-11-21 19:14 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-11-21 19:14 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-11-21 19:14 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-21 19:14 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-21 19:13 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-11-21 19:13 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-11-21 19:13 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-11-21 19:13 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-21 19:13 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-21 19:13 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-21 19:13 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-21 19:13 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-21 19:13 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-21 19:13 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-21 19:13 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-21 19:13 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-21 19:11 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-11-21 19:10 . 2012-08-20 18:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-21 19:09 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-11-21 19:09 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-11-21 19:09 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-11-21 19:09 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-11-21 19:09 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-11-21 19:09 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-21 19:09 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-11-21 19:07 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-11-21 19:07 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2012-11-21 19:07 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-11-21 19:07 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-11-21 19:07 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-11-21 19:07 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-11-21 18:15 . 2012-11-07 15:03 98888 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-21 18:15 . 2012-11-07 15:03 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-21 18:15 . 2012-09-24 07:58 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-11-20 23:03 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-20 23:03 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-20 23:03 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-20 23:03 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-20 23:02 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-20 23:02 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-20 23:02 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-20 23:02 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-20 23:02 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-20 20:16 . 2012-11-20 20:36 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-11-20 20:16 . 2012-11-20 22:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2012-11-20 19:53 . 2012-11-20 19:53 -------- d-----w- c:\programdata\Avira
2012-11-20 19:53 . 2012-11-20 19:53 -------- d-----w- c:\program files (x86)\Avira
2012-11-18 13:55 . 2012-11-25 19:46 -------- d-----w- c:\program files (x86)\uTorrent
2012-11-18 13:37 . 2012-11-18 13:37 -------- d-----w- c:\programdata\Malwarebytes
2012-11-12 21:16 . 2012-11-20 22:53 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-11-12 21:16 . 2012-11-12 21:16 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-11-12 18:47 . 2012-11-21 06:17 -------- d-----w- c:\windows\SysWow64\VAIO Startup Setting Tool
2012-11-12 18:45 . 2012-11-12 18:45 -------- d--h--w- c:\windows\msdownld.tmp
2012-11-12 18:45 . 2012-11-21 06:17 -------- d-----w- c:\users\Dries
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-21 17:51 . 2012-06-29 13:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-21 17:51 . 2012-06-29 13:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-12 18:45 . 2011-03-28 17:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-11-27 21:38 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 21:38 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 21:38 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-23 291608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-03 343168]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-11-27 384800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-27 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-19 31872]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-23 16152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-19 235520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-27 85280]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-11 135952]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-23 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-23 161560]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
S2 rimssne;rimssne;c:\windows\system32\DRIVERS\rimssne64.sys [2012-02-24 102912]
S2 risdsnxc;risdsnxc;c:\windows\system32\DRIVERS\risdsnxc64.sys [2012-02-23 104448]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-23 363800]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2012-01-15 978056]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-03-19 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-19 14652768]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-23 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-23 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-27 676968]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2012-01-16 14336]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-29 17:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK649]
@="{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}"
[HKEY_CLASSES_ROOT\CLSID\{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}]
2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6492]
@="{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}"
[HKEY_CLASSES_ROOT\CLSID\{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}]
2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6493]
@="{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}"
[HKEY_CLASSES_ROOT\CLSID\{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}]
2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-27 1158248]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-27 1158248]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-19 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 440600]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://vaioportal.sony.eu
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 195.130.131.4 195.130.130.132
FF - ProfilePath - c:\users\Dries\AppData\Roaming\Mozilla\Firefox\Profiles\rilemds5.default\
FF - prefs.js: browser.startup.homepage - google.be
FF - ExtSQL: 2012-11-21 21:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Dries\AppData\Roaming\Mozilla\Firefox\Profiles\rilemds5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-McAfeeWrapperApplication - c:\program files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-12-06 22:47:53
ComboFix-quarantined-files.txt 2012-12-06 21:47
.
Pre-Run: 550.197.153.792 bytes beschikbaar
Post-Run: 549.819.437.056 bytes beschikbaar
.
- - End Of File - - A57D40B0D45060A65A7477B5EDDBDD0C

Ok en hoe gaat het nu ?

Het probleem is helaas nog niet verholpen.
In ieder geval al wel bedankt voor de moeite!

Misschien is er een conflict tussen uw beveiligingssoftware? In je logs zie ik dat je alleen Avira permanent hebt opstaan? Zijn er nog andere scanners die je manueel opent?

Ik had ooit hetzelfde probleem toen ik 2 virus/malwarescanners op mijn pc had staan. Ik had toen ene verwijderd en toen was het probleem weg.

Ik heb er verschillende geïnstalleerd en terug verwijderd, dat wel . De standaarscanneer was MC Afee en die heb ik ook verwijderd. Kan Avira conflicteren met de gewone windows firewall ofzo?

Neen, volgens mij niet, want ik heb hier ook Avira + Windows Firewall tegelijk opstaan en nog geen problemen gehad.

Misschien eens CCleaner laten lopen om uw verwijdere programma's helemaal op te ruimen? Geen idee of dat kan helpen.

Download Windows Repair (all in one) van deze site: Windows Repair (All In One)
Installeer het programma.
Start het programma.
Windows 7 en Vista gebruikers rechtsklik -> uitvoeren als Administrator.
Ga naar stap 3 en ga ermee akkoord dat SFC (System File Check) gestart wordt.

Daarna ga je naar Start Repairs en klik op start.
Selecteer de volgende items en klik op restart system when finished.

Heb deze tool uitgevoerd zoals gezegd. Ik dacht eerst dat het probleem was verholpen, maar daarnet crashte de verkenner toch opnieuw, helaas

Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
Download AdwCleaner by Xplode naar het bureaublad.

• Sluit alle openstaande vensters.
• Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
• Voor XP: Gewoon dubbelklikken op AdwCleaner.
• Klik vervolgens op Verwijderen.
• Klik bij AdwCleaner &#8211; Information op OK
• Klik bij AdwCleaner &#8211; Restart Required op OK

Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.

# AdwCleaner v2.100 - Verslag gemaakt op 11/12/2012 om 23:10:50
# Geactualiseerd op 09/12/2012 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Dries - DRIES-VAIO
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Dries\Desktop\adwcleaner.exe
# Optie [Verwijderen]


***** [Diensten] *****


***** [Files / Mappen] *****


***** [Register] *****

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v17.0.1 (nl)

Profielnaam : default
File : C:\Users\Dries\AppData\Roaming\Mozilla\Firefox\Profiles\rilemds5.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[S1].txt - [896 octets] - [11/12/2012 23:10:50]

########## EOF - C:\AdwCleaner[S1].txt - [955 octets] ##########

Ik vermoed dat het nog hetzelfde zal zijn ?

Inderdaad. wil dit zeggen dat het niet om malware gaat?

Download de 32 of 64 bit versie van HitmanPro via één van de onderstaande links naar het bureaublad.

• 32 Bit - http://files.surfright.nl/HitmanPro36.exe
• 64 Bit - http://dl.surfright.nl/HitmanPro36_x64.exe
• Dubbelklik op "HitmanPro36.exe" en klik op "volgende"
• Vink de optie "Ik accepteer de voorwaarden van de gebruikersovereenkomst aan" en klik op "Volgende"
• Sluit nu het programma.
  
• Open hitmanpro36 opnieuw
• Onderin zie je nu naast 'nu kopen' ook de knop instellingen, klik daarop.
• Daarna klik je op de knop 'licentie' hier kan je voor 30 dagen gebruik maken van de gratis licentie.
• Klik op "Activeer gratis licentie". Nu komt de melding "Het product is succesvol geactiveerd."
• Klik nu op annuleren om weer in het beginscherm te komen.
• Klik op volgende. Selecteer de optie "Nee, ik wil deze computer slechts eenmalig controleren" en klik op "Volgende".
  De scan zal nu gestart worden, doe verder niets op de computer totdat de scan gereed is.
• Als de scan klaar is klik je op "volgende"
• Klik onderin het scherm op "Save log" of "Logbestand opslaan" en sla deze op bijvoorbeeld het bureaublad op.
  Post dit logje.

Gaat het beter nu?

Helaas niet. Ik denk dat we stilaan kunnen uitsluiten dat het om een virus gaat of vergis ik me?