HijackThis logje (raar probleem)

**pro** · 28 januari 2012, 18:30

hey allen,
ik heb alvast al een logje geplaatst omdat ik wist dat men er naar ging vragen.
Het gaat namelijk over dit probleem : Telkens wanneer ik HiJackThis open en de scan wil laten lopen krijg ik deze melding te zien '' error 75 path file access error ''.
Ik heb na het zien van deze melding dus gewoon op ''ok'' geklikt, de scan laten doorvoeren en een logfile opgeslagen(degene die ik hieronder heb geplakt dus).

Ik heb tevens zelf al een paar handelingen gedaan, bv mijn systeem gescand met Mbam en Spybot s&d, de resulaten van deze scans waren positief (daarmee bedoel ik GEEN malware of Spyware gedetecteerd).
OOk liet ik een Online-scan uitvoeren van Trend Micro (Housecallà maar ook deze vond niks kwaadwilligs terug in mn systeem.

Ik weet me echter geen reed meer..

Mijn bestuursysteem is Windows Vista Ultimate (service pack 2)
Het is ook zo wanneer ik probeer zaken aan te vinken in HijackThis en ik doe ene fix dat de aangevinkte zaken terug in de log staan..(dus werkt HiJackThis niet)
Ik weet dat HijackThis moet gebruikt worden als administrator (bij Vista gebruikers) dus daar zit het probleem dus ook niet...

Logfile of HijackThis v1.99.1
Scan saved at 18:27:18, on 28-1-2012
Platform: Unknown Windows (WinNT 6.00.1906 SP2)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11e_Ac tiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\andy\Desktop\PC MAP\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispat...=%s&tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\s wg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1327616808806
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Mvg
Pro

**Maxstar** · 29 januari 2012, 09:41

Hoi,

Dit is wel een hele antieken versie van HijackThis.

1. Download de
HijackThis
Installer naar je bureaublad.
Dubbelklik op HiJackThis.msi om de installatie te starten.

Dubbelklik
op het programma HijackThis en klik op de optie "Main Menu", en
kies voor Do a system scan and save a logfile. Plaats vervolgens
de inhoud van het log dat verschijnt in je volgende post.

Let
op!!! Windows Vista & 7 gebruikers dienen HijackThis
als administrator uit te voeren "Rechtermuisknop uitvoeren als",
indien dit via de snelkoppeling niet lukt voert u HijackThis als
administrator uit in de volgende directory (C:\Program Files\Trend
Micro\HiJackThis)

2. Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.

DDS is een diagnosetool en maakt gebruik van scripts.

Schakel je beveiligings software uit voordat je DDS uitvoert!

Dubbelklik op DDS om de tool te starten.

DDS zal 2 logfiles openen:
* DDS.txt
* Attach.txt

Een scherm vraagt je om beide logjes op te slaan omdat de logjes weg zullen zijn als je ze sluit.
Sla de logjes op bijvoorbeeld op je bureaublad of een andere plaats waar je ze makkelijk terug vind.

Post het DDS.txt logje met je volgende antwoord. De Attach.txt post je alleen wanneer ik hier om vraag.

Plaats het logje van HijackThis en DDS in het volgende bericht.

Groet Maxstar

**pro** · 30 januari 2012, 10:32

Hey Maxstar,

Alvast bedankt voor je snelle respons...
Hierbij volgen de logs

DDS.txt log

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000
Run by andy at 10:24:20 on 2012-01-30
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.32.1033.18.1022.299 [GMT 1:00]
.
AV: PC Tools AntiVirus Free *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools AntiVirus Free *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.be/
uURLSearchHooks: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
BHO: PC Tools Browser Defender BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
TB: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [ISTray] "c:\program files\pc tools\pc tools security\pctsGui.exe" /hideGUI
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
TCP: DhcpNameServer = 195.130.131.5 195.130.130.133
TCP: Interfaces\{ADD74B6C-C4D3-45EB-BEFF-8D6EFAB11A45} : DhcpNameServer = 195.130.131.5 195.130.130.133
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\andy\appdata\roaming\mozilla\firefox\prof iles\rbdxexah.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2008-7-17 4608]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2012-1-30 331880]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2012-1-30 342168]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2012-1-30 909728]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2012-1-30 185560]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools\pc tools security\bdt\BDTUpdateService.exe [2012-1-30 546768]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-29 652872]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2012-1-30 2214504]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools\pc tools security\pctsAuxs.exe [2012-1-30 402336]
R2 sdCoreService;PC Tools Security Service;c:\program files\pc tools\pc tools security\pctsSvc.exe [2012-1-30 1117624]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-11-23 1510720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\dr ivers\mbam.sys [2012-1-29 20464]
R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [2012-1-29 161792]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [2012-1-30 56840]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-11-9 10064]
.
=============== Created Last 30 ================
.
2012-01-30 09:22:37 -------- d-----w- c:\users\andy\appdata\local\Threat Expert
2012-01-30 09:17:22 56840 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-01-30 09:17:21 767952 ----a-w- c:\windows\BDTSupport.dll
2012-01-30 09:17:21 2246608 ----a-w- c:\windows\PCTBDCore.dll
2012-01-30 09:17:21 1681360 ----a-w- c:\windows\PCTBDRes.dll
2012-01-30 09:17:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2012-01-30 09:16:07 253352 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-01-30 09:16:07 107864 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2012-01-30 09:15:57 17848 ----a-w- c:\windows\system32\drivers\pctBTFix.sys
2012-01-30 09:15:53 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2012-01-30 09:15:45 -------- d-----w- c:\program files\PC Tools
2012-01-30 08:10:15 388096 ----a-r- c:\users\andy\appdata\roaming\microsoft\installer\ {45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-01-30 08:10:14 -------- d-----w- c:\program files\Trend Micro
2012-01-30 06:06:10 0 ----a-w- c:\windows\system32\w32apiw.dll
2012-01-30 06:06:08 -------- d-----w- c:\users\andy\appdata\roaming\nCleaner
2012-01-30 06:05:59 -------- d-----w- c:\program files\NKProds
2012-01-30 05:38:23 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2012-01-30 05:38:23 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
2012-01-30 05:38:21 331880 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2012-01-30 05:38:21 162584 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-01-30 05:38:20 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-01-30 05:38:20 -------- d-----w- c:\program files\common files\PC Tools
2012-01-30 05:31:07 -------- d-----w- c:\users\andy\appdata\roaming\TestApp
2012-01-30 05:31:07 -------- d-----w- c:\programdata\PC Tools
2012-01-30 05:00:31 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-01-30 04:59:48 2048 ----a-w- c:\program files\microsoft games\tinker\SparkResource.dll
2012-01-30 04:59:43 333312 ----a-w- c:\program files\microsoft games\tinker\SparkGDF.dll
2012-01-30 04:59:43 1307136 ----a-w- c:\program files\microsoft games\tinker\Tinker.exe
2012-01-30 04:59:21 4152184 ----a-w- c:\windows\system32\wgaer_m.exe
2012-01-30 04:53:21 96760 ----a-w- c:\windows\system32\dfshim.dll
2012-01-30 04:53:19 282112 ----a-w- c:\windows\system32\mscoree.dll
2012-01-30 04:53:18 41984 ----a-w- c:\windows\system32\netfxperf.dll
2012-01-30 04:53:04 158720 ----a-w- c:\windows\system32\mscorier.dll
2012-01-30 04:52:58 83968 ----a-w- c:\windows\system32\mscories.dll
2012-01-30 03:58:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2012-01-30 03:58:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-01-30 03:58:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-01-30 03:58:43 2868224 ----a-w- c:\windows\system32\mf.dll
2012-01-30 03:54:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2012-01-30 03:53:45 72704 ----a-w- c:\windows\system32\fontsub.dll
2012-01-30 03:53:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-01-30 03:53:45 292864 ----a-w- c:\windows\system32\atmfd.dll
2012-01-30 03:38:18 -------- d-----w- c:\program files\BitLocker
2012-01-30 03:38:09 -------- d-----w- c:\windows\nl-NL
2012-01-30 03:38:08 -------- d-----w- c:\windows\system32\nl
2012-01-30 03:38:08 -------- d-----w- c:\windows\system32\0413
2012-01-30 03:38:01 -------- d-----w- c:\windows\system32\drivers\umdf\nl-NL
2012-01-30 03:38:01 -------- d-----w- c:\windows\system32\drivers\nl-NL
2012-01-30 03:38:00 -------- d-----w- c:\windows\system32\wbem\nl-NL
2012-01-30 03:11:08 66664 ----a-w- c:\windows\system32\nvshext.dll
2012-01-30 03:11:08 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-30 03:11:06 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-01-30 03:09:35 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-01-30 03:06:12 -------- d-----w- c:\program files\NVIDIA Corporation
2012-01-30 03:01:23 -------- d-----w- c:\windows\system32\RTCOM
2012-01-30 03:01:23 -------- d-----w- c:\program files\Realtek
2012-01-30 02:49:25 248448 ----a-w- c:\windows\system32\PROUnstl.exe
2012-01-30 02:13:38 80896 ----a-w- c:\windows\system32\MSNP.ax
2012-01-30 02:13:38 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-01-30 02:13:36 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-01-30 02:13:35 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-01-30 02:13:27 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-01-30 02:13:23 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8665263b-3019-4e21-bcda-a5f9a704ec8b}\mpengine.dll
2012-01-30 02:13:22 236576 ------w- c:\windows\system32\MpSigStub.exe
2012-01-30 02:01:03 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2012-01-30 01:58:01 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-01-30 01:53:17 1171848 ----a-w- c:\windows\system32\SecureKeyBackupCPL.dll
2012-01-30 01:49:48 675152 ----a-w- c:\windows\system32\gpprefcl.dll
2012-01-30 01:48:33 1496912 ----a-w- c:\program files\microsoft games\holdem\HoldEm.exe
2012-01-30 01:33:29 40960 ----a-w- c:\program files\common files\microsoft shared\ink\nl\Microsoft.Ink.Resources.dll
2012-01-30 01:32:22 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\nl-nl\LMPRTPRC.DLL.mui
2012-01-30 01:13:50 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-01-30 01:13:49 411136 ----a-w- c:\windows\system32\drivers\http.sys
2012-01-30 01:13:49 31232 ----a-w- c:\windows\system32\httpapi.dll
2012-01-29 22:12:39 -------- d-----w- c:\users\andy\appdata\roaming\GlarySoft
2012-01-29 22:03:44 -------- d-----w- c:\program files\Glary Utilities
2012-01-29 19:46:52 -------- d-----w- c:\users\andy\appdata\roaming\Malwarebytes
2012-01-29 19:35:46 -------- d-----w- c:\programdata\Malwarebytes
2012-01-29 19:35:45 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-29 19:35:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-29 19:21:15 -------- d-----w- c:\windows\Panther
2012-01-29 19:21:02 -------- d-sh--w- C:\Boot
2012-01-29 19:20:27 -------- d-----w- c:\windows\system32\OEM
2012-01-29 17:40:36 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2012-01-29 17:40:32 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2012-01-29 17:40:12 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2012-01-29 16:36:52 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2012-01-29 16:36:49 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2012-01-29 16:34:05 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-01-29 16:34:05 511488 ----a-w- c:\windows\system32\RMActivate.exe
2012-01-29 16:34:04 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2012-01-29 16:34:04 472064 ----a-w- c:\windows\system32\secproc.dll
2012-01-29 16:34:04 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2012-01-29 16:34:04 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2012-01-29 16:34:02 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-01-29 16:34:02 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-01-29 16:34:01 329216 ----a-w- c:\windows\system32\msdrm.dll
2012-01-29 16:21:58 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-01-29 16:21:58 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-01-29 16:21:58 1205080 ----a-w- c:\windows\system32\ntdll.dll
2012-01-29 16:04:16 310784 ----a-w- c:\windows\system32\unregmp2.exe
2012-01-29 16:04:16 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2012-01-29 16:04:15 7680 ----a-w- c:\windows\system32\spwmp.dll
2012-01-29 16:04:15 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2012-01-29 16:04:15 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2012-01-29 16:04:15 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2012-01-29 16:04:14 4096 ----a-w- c:\windows\system32\msdxm.ocx
2012-01-29 16:04:14 4096 ----a-w- c:\windows\system32\dxmasf.dll
2012-01-29 16:04:13 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2012-01-29 16:02:26 988216 ----a-w- c:\windows\system32\winload.exe
2012-01-29 16:02:26 927288 ----a-w- c:\windows\system32\winresume.exe
2012-01-29 16:02:26 615992 ----a-w- c:\windows\system32\ci.dll
2012-01-29 16:02:26 19000 ----a-w- c:\windows\system32\kd1394.dll
2012-01-29 16:02:24 6656 ----a-w- c:\windows\system32\kbd106n.dll
2012-01-29 16:02:24 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2012-01-29 16:02:24 40960 ----a-w- c:\windows\system32\srclient.dll
2012-01-29 16:02:24 378368 ----a-w- c:\windows\system32\srcore.dll
2012-01-29 16:02:24 318464 ----a-w- c:\windows\system32\rstrui.exe
2012-01-29 16:02:24 14848 ----a-w- c:\windows\system32\srdelayed.exe
2012-01-29 16:00:14 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2012-01-29 16:00:13 94720 ----a-w- c:\windows\system32\logagent.exe
2012-01-29 15:55:01 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-01-29 15:55:01 409600 ----a-w- c:\windows\system32\odbc32.dll
2012-01-29 15:55:00 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2012-01-29 15:55:00 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2012-01-29 15:55:00 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2012-01-29 15:55:00 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2012-01-29 15:54:45 513024 ----a-w- c:\windows\system32\wlansvc.dll
2012-01-29 15:54:45 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-01-29 15:54:45 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-01-29 15:54:44 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-01-29 15:54:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2012-01-29 15:54:22 175104 ----a-w- c:\windows\system32\wdigest.dll
2012-01-29 15:54:22 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-29 15:54:21 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-29 15:54:21 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-29 15:54:21 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-29 15:54:17 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2012-01-29 15:54:17 1315840 ----a-w- c:\windows\system32\ole32.dll
2012-01-29 15:53:42 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-01-29 15:53:41 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-01-29 15:53:41 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-01-29 15:53:37 269312 ----a-w- c:\windows\system32\es.dll
2012-01-29 15:53:09 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2012-01-29 15:53:08 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2012-01-29 15:51:30 2042368 ----a-w- c:\windows\system32\win32k.sys
2012-01-29 15:51:00 563200 ----a-w- c:\windows\system32\oleaut32.dll
2012-01-29 15:50:52 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-01-29 15:50:27 90112 ----a-w- c:\windows\system32\wshext.dll
2012-01-29 15:50:27 180224 ----a-w- c:\windows\system32\scrobj.dll
2012-01-29 15:50:27 172032 ----a-w- c:\windows\system32\scrrun.dll
2012-01-29 15:50:27 155648 ----a-w- c:\windows\system32\wscript.exe
2012-01-29 15:50:27 135168 ----a-w- c:\windows\system32\wshom.ocx
2012-01-29 15:50:27 135168 ----a-w- c:\windows\system32\cscript.exe
2012-01-29 15:50:18 430080 ----a-w- c:\windows\system32\vbscript.dll
2012-01-29 15:49:52 1136640 ----a-w- c:\windows\system32\mfc42.dll
2012-01-29 15:49:51 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2012-01-29 15:49:49 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-01-29 15:49:18 501760 ----a-w- c:\windows\system32\usp10.dll
2012-01-29 15:49:11 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-01-29 15:49:11 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-01-29 15:47:37 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2012-01-29 15:46:25 36352 ----a-w- c:\windows\system32\rtutils.dll
2012-01-29 15:41:48 866816 ----a-w- c:\windows\system32\wmpmde.dll
2012-01-29 15:41:46 81920 ----a-w- c:\windows\system32\consent.exe
2012-01-29 15:41:44 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-01-29 15:36:36 2927104 ----a-w- c:\windows\explorer.exe
2012-01-29 15:35:58 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2012-01-29 15:35:58 38912 ----a-w- c:\windows\system32\xolehlp.dll
2012-01-29 15:34:52 1169408 ----a-w- c:\windows\system32\sdclt.exe
2012-01-29 15:34:50 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-01-29 15:34:50 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-01-29 15:34:49 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2012-01-29 15:34:35 157184 ----a-w- c:\windows\system32\t2embed.dll
2012-01-29 15:34:04 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2012-01-29 15:34:03 81920 ----a-w- c:\windows\system32\iccvid.dll
2012-01-29 15:34:01 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2012-01-29 15:33:51 1645568 ----a-w- c:\windows\system32\connect.dll
2012-01-29 15:33:29 2067456 ----a-w- c:\windows\system32\mstscax.dll
2012-01-29 15:33:28 677888 ----a-w- c:\windows\system32\mstsc.exe
2012-01-29 15:33:10 296960 ----a-w- c:\windows\system32\gdi32.dll
2012-01-29 15:33:07 531968 ----a-w- c:\windows\system32\comctl32.dll
2012-01-29 15:31:58 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-01-29 15:31:58 375808 ----a-w- c:\windows\system32\winsrv.dll
2012-01-29 15:31:56 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2012-01-29 13:23:35 -------- d-----w- c:\programdata\Avira
2012-01-29 13:16:17 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-29 13:13:22 245408 ----a-w- c:\windows\system32\unicows.dll
2012-01-29 13:13:21 212480 ----a-w- c:\windows\PCDLIB32.DLL
2012-01-29 13:13:21 -------- d-----w- c:\program files\Hercules
2012-01-29 13:11:05 61440 ------w- c:\windows\ov530dib.dll
2012-01-29 13:11:05 40960 ------w- c:\windows\system32\ov530ext.dll
2012-01-29 13:11:05 25177 ------w- c:\windows\system32\drivers\ov530cmd.sys
2012-01-29 13:11:05 18972 ------w- c:\windows\system32\ov530ext.ax
2012-01-29 13:11:05 16440 ------w- c:\windows\system32\ov530usd.dll
2012-01-29 13:11:05 161792 ------w- c:\windows\system32\drivers\ov530vid.sys
2012-01-29 13:11:05 -------- d-----w- c:\windows\OvtCam
2012-01-29 13:10:45 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2012-01-29 13:10:45 32768 ------w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2012-01-29 13:10:45 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
2012-01-29 13:10:45 176128 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2012-01-29 12:54:44 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-29 12:54:44 21312 ----a-w- c:\windows\system32\authuitu.dll
2012-01-29 12:54:11 -------- d-----w- c:\users\andy\appdata\roaming\TuneUp Software
2012-01-29 12:53:56 -------- d-----w- c:\program files\TuneUp Utilities 2012
2012-01-29 12:53:20 -------- d-----w- c:\programdata\TuneUp Software
2012-01-29 12:53:18 -------- d-sh--w- c:\windows\Installer
2012-01-29 12:53:11 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-01-29 12:21:36 -------- d-----w- c:\users\andy\appdata\roaming\SUPERAntiSpyware.com
2012-01-29 12:21:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-29 12:21:10 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-29 11:34:31 -------- d-----w- c:\program files\Wise Registry Cleaner
2012-01-29 11:22:19 -------- d-----w- c:\users\andy\appdata\local\Innovative Solutions
2012-01-29 11:22:06 -------- d-----w- c:\program files\common files\Innovative Solutions
2012-01-29 11:22:05 -------- d-----w- c:\programdata\Innovative Solutions
2012-01-29 11:22:03 -------- d-----w- c:\program files\Innovative Solutions
2012-01-29 10:44:46 171520 ----a-w- c:\windows\system32\wintrust.dll
2012-01-29 10:44:45 98304 ----a-w- c:\windows\system32\cabview.dll
2012-01-29 10:40:15 -------- d-----w- c:\users\andy\appdata\local\Mozilla
2012-01-29 10:36:45 164352 ----a-w- c:\windows\system32\unrar.dll
2012-01-29 10:33:15 2421760 ----a-w- c:\windows\system32\wucltux.dll
2012-01-29 10:33:00 87552 ----a-w- c:\windows\system32\wudriver.dll
2012-01-29 10:32:54 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-01-29 10:32:54 171608 ----a-w- c:\windows\system32\wuwebv.dll
2012-01-29 10:26:05 768544 ----a-w- c:\windows\system32\nvcplui.exe
2012-01-29 10:26:05 442368 ----a-w- c:\windows\system32\nvuninst.exe
2012-01-29 10:26:05 420384 ----a-w- c:\windows\system32\nvcpl.cpl
2012-01-29 10:26:05 313888 ----a-w- c:\windows\system32\nvexpbar.dll
.
==================== Find3M ====================
.
2012-01-30 01:35:58 3072 ----a-w- c:\windows\system32\drivers\nl-nl\wdf01000.sys.mui
2012-01-30 01:33:25 3072 ----a-w- c:\windows\system32\drivers\nl-nl\qwavedrv.sys.mui
2012-01-30 01:33:06 3584 ----a-w- c:\windows\system32\drivers\nl-nl\hidbth.sys.mui
2012-01-30 01:33:04 11264 ----a-w- c:\windows\system32\drivers\nl-nl\ltmdmnt.sys.mui
2012-01-30 01:32:53 3584 ----a-w- c:\windows\system32\drivers\nl-nl\ati2mpad.sys.mui
2012-01-30 01:32:53 3072 ----a-w- c:\windows\system32\drivers\nl-nl\srv.sys.mui
2012-01-30 01:32:52 73728 ----a-w- c:\windows\system32\drivers\nl-nl\ntfs.sys.mui
2012-01-30 01:32:23 4608 ----a-w- c:\windows\system32\drivers\nl-nl\ntrigdigi.sys.mui
2012-01-30 01:32:11 6656 ----a-w- c:\windows\system32\drivers\umdf\nl-nl\WpdMtpDr.dll.mui
2012-01-30 01:32:10 4096 ----a-w- c:\windows\system32\drivers\nl-nl\parport.sys.mui
2012-01-30 01:32:10 3584 ----a-w- c:\windows\system32\drivers\nl-nl\parvdm.sys.mui
2012-01-30 01:32:10 11776 ----a-w- c:\windows\system32\drivers\nl-nl\serial.sys.mui
2012-01-30 01:32:05 3584 ----a-w- c:\windows\system32\drivers\nl-nl\RNDISMP.sys.mui
2012-01-30 01:32:00 12288 ----a-w- c:\windows\system32\drivers\nl-nl\ohci1394.sys.mui
2012-01-30 01:30:58 6656 ----a-w- c:\windows\system32\drivers\nl-nl\IPMIDrv.sys.mui
2012-01-30 01:30:54 5120 ----a-w- c:\windows\system32\drivers\nl-nl\pcmcia.sys.mui
2012-01-30 01:30:53 3584 ----a-w- c:\windows\system32\drivers\nl-nl\pacer.sys.mui
2012-01-30 01:30:42 4608 ----a-w- c:\windows\system32\drivers\nl-nl\msdsm.sys.mui
2012-01-30 01:30:38 11264 ----a-w- c:\windows\system32\drivers\nl-nl\BrSerId.sys.mui
2012-01-30 01:30:27 3072 ----a-w- c:\windows\system32\drivers\nl-nl\serscan.sys.mui
2012-01-30 01:30:26 4096 ----a-w- c:\windows\system32\drivers\nl-nl\modem.sys.mui
2012-01-30 01:30:26 4096 ----a-w- c:\windows\system32\drivers\nl-nl\ipnat.sys.mui
2012-01-30 01:30:20 9216 ----a-w- c:\windows\system32\drivers\nl-nl\afd.sys.mui
2012-01-30 01:30:19 8192 ----a-w- c:\windows\system32\drivers\nl-nl\bthport.sys.mui
2012-01-30 01:30:19 6656 ----a-w- c:\windows\system32\drivers\nl-nl\yk60x86.sys.mui
.
============= FINISH: 10:25:54,02 ===============

HijackThis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:30:24, on 30/01/2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
--
End of file - 3800 bytes

Zoals je al kunt zien heb ik mn pc geformateerd en staat ie terug op SP1..ik moet hem dus nodig updaten... het probleem werd erger en erger dat ik wel genoodzaakt was over te gaan op formateren....
Ik apprecieer uw hulp , maar aangezien ik mn pc nodig heb kon ik niet wachten tot er een oplossing kwam...
Mijn exusses dus...

**Maxstar** · 30 januari 2012, 10:59

Hoi,

De logjes zien er prima uit, en aangezien je de PC hebt geformatteerd hoeven we niet verder te zoeken naar malware gerelateerde problemen.

Groet Maxstar