Everything posted by stoetel1

  1. stegisoft, thanks for your help. I couldn't find the driver itself, but I had bought 3 of these servers (written off by a company after 7-8 years of service). It turned out that one of the others already came preinstalled with XP, so I cloned that HD to the other HD using the free version of HDClone. That kept it busy for about an hour; after that I put the HD back in the original PC, and now I can work with the same installation. Not the solution I had in mind at first, but it works perfectly. Thanks a lot for the effort anyway.
  2. Unfortunately, I had already installed the chipset driver itself without problems, and have now done that again. (chipset, 1st page) I had also tried that page myself, which brings me to:

     Product Detected: Intel® 6, 5, 4, 3, 900 Series Chipsets
     Current Version Installed: 7.0.0.1019
     This version is valid.

     So I searched the downloads for this one, Intel® 6, 5, 4, 3, 900 Series Chipsets; you can find a driver for it just fine, but once again it refuses to install.
  3. Hello, I have an HP 'xw4300 workstation' here. Since it will no longer be used as a server, I formatted it and put Windows XP (32-bit) on it. I found all the drivers without much trouble, except the one for USB (Intel 82801GB USB Universal Host Controller). I have already tried the chipset drivers from the HP website, but they don't get it working. I also tried the Intel drivers that I got with the search result '82801GB', but I can't install these myself. In the meantime I also tried DriverTuner; it also found a driver from Intel, but unfortunately I couldn't install that one either. Does anyone have advice on where else I could look, or should I consider this hopeless? Thanks in advance, Mathias
  4. I based myself on the following to test a few things already: My computer turns on and boots but there is no picture. In this situation it is also important to rule out devices and components, because there can be several causes. First of all, it is useful to rule out that the monitor itself is the cause by trying another monitor. If that one doesn't work either, the problem lies with the computer itself (done). If the system gives beep tones, look up on the internet or in the manual what the problem may be. (no more beep tones) Try whether a BIOS reset works. (done) If that is not the case, try a different memory module (make sure you use a module that is supported by the motherboard). (no compatible module at home) If that doesn't work, test the PC with a different power supply. (done) If it still doesn't work, you could try using a simple PCI/AGP video card to test. If the suggestions above had no effect, try a different processor; if even that doesn't help, the cause is probably the motherboard. (not at home) Source: FAQ: My PC no longer shows a picture
  5. A bit of a late reply, I can't just always throw the PC open in the living room, but I followed your advice: disconnected the (internal) card reader, the HD and the DVD reader/burner, and I had already replaced the battery earlier. I no longer got a single beep signal, not even once I plugged the HD back in, followed by the DVD reader and card reader. But I don't get a picture anymore either; nothing happens on the screen at all, it stays in sleep mode. Can I assume the video card is broken, do you think? (The video card should be seated properly, because the fan mounted on it is spinning.)
  6. Hey everyone, My PC hasn't been starting up for the last few days, though I do get some beep codes. I can't seem to find right away which kind of BIOS I have, but the PC itself is a Medion with an MSI ms 7646 (v.1) motherboard. First I got 2 beeps, which made me suspect something was wrong with a RAM stick. I swapped these one by one but the fault remains, so either both would have to be broken already or the motherboard is dead.. After that it changed to 2 beeps and 1 long beep, which, if I'm not mistaken, points to the video card.. I took it out and then got 11 beep codes, which, if I'm not wrong, is a Cache Memory error, and after that again those 2 beeps with the long one after it. Is it just me, or is really everything in that PC broken?
  7. I'm going to try the boot disc and will definitely let you know.
  8. So, I can't get my aunt's Windows Vista to boot anymore; the boot CDs were unfortunately 'lost' in a divorce, so to speak. I also already tried safe mode, and it turns out it gets stuck there on avgidseh.sys. Later I thought of reinstalling it and tried this for Windows XP, but then I get a blue screen of death with pci.sys. I'm guessing this means a new HD?
  9. The PC is gone; it gave no picture at all anymore. I also replaced the graphics card, but unfortunately no luck. They are now having it taken to an IT shop; when I know the outcome I'll let you know.. Still, thank you VERY much for all the effort
  10. It is indeed another quick disappointment: the black screen at startup is already back.
  11. I couldn't find an edit function, so my apologies for the extra post, but after the restart everything started up perfectly, to my surprise, and I also got the following log:

      [OK] De file bevat geen enkele ongeoorloofde invoer.
      File : C:\Users\Bram\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] De file bevat geen enkele ongeoorloofde invoer.
      File : C:\Users\Femke\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] De file bevat geen enkele ongeoorloofde invoer.
      File : C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] De file bevat geen enkele ongeoorloofde invoer.
      *************************
      AdwCleaner[s1].txt - [101601 octets] - [07/12/2012 10:13:05]
      AdwCleaner[s2].txt - [2960 octets] - [11/12/2012 08:54:49]
      AdwCleaner[s3].txt - [2061 octets] - [11/12/2012 16:51:31]
      ########## EOF - C:\AdwCleaner[s3].txt - [2121 octets] ##########

      I of course hope it stays that way now, and if these are all the steps, I'd like to hear where you all learn such things? As a computer science student that seems interesting to me.
  12. ~~~ Folders
      Successfully deleted: [Folder] "C:\Users\VanHoegaerden\AppData\Roaming\systweak"
      ~~~ FireFox
      Successfully deleted the following from C:\Users\VanHoegaerden\AppData\Roaming\mozilla\firefox\profiles\cx6oiidf.default\prefs.js
      user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor
      user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
      user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
      user_pref("extensions.wrc.SearchRules.baidu.com.url", "^http\\:\\/\\/www\\.baidu\\.com\\/.*");
      user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .searchResult .resultTitlePane .WRCN {display:inline !important; background: url(\"IMAGE\") righ
      user_pref("extensions.wrc.SearchRules.excite.com.url", "^http\\\\:\\\\/\\\\/msxml\\\\.excite\\\\.com\\\\/search\\\\/.*");
      ~~~ Chrome
      Successfully deleted: [Folder] C:\Users\VanHoegaerden\appdata\local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
      Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
      ~~~ Event Viewer Logs were cleared
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on di 11/12/2012 at 22:29:02,80
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  13. If I'm not mistaken, the log only appears after the restart? I have now run it again, but it still gets stuck on a black screen during the restart..
  14. AVG has been removed, and CCleaner was already installed but I ran it again.
  15. It starts up without problems, I just can't do anything with it. But for now it's only running on 2 GB of RAM, so tonight I'll plug my RAM in again to test.
  16. Emsisoft Emergency Kit - Versie 3.0
      Laatste Update: 9/12/2012 21:00:41
      Scaninstellingen:
      Scantype: Diepe scan
      Objecten: Rootkits, Geheugen, Sporen, C:\, D:\
      Detecteer riskware: Uit
      Scan archieven: Aan
      ADS Scan: Aan
      Bestandsextensiefilter: Uit
      Geavanceerde cache: Aan
      Directe schijftoegang: Uit
      Scan gestart: 9/12/2012 21:40:47
      Gescand 512305
      Gevonden 124
      Scan geëindigd: 9/12/2012 22:47:04
      Scantijd: 1:06:17
      Verwijderd 41
  17. After I did this it ran really well again, but a little later the problem is simply back. So at startup it hangs on a black screen again.. It seems as if the virus gets 'wiped' and a little later flares up again.
  18. ComboFix 12-12-07.01 - VanHoegaerden 08/12/2012 23:34:43.1.4 - x64 NETWORK
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3063.2144 [GMT 1:00]
      Gestart vanuit: c:\users\VanHoegaerden\Desktop\ComboFix.exe
      AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Nieuw herstelpunt werd aangemaakt
2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-07 17:01 . 2010-11-01 15:27 848 --sha-w- c:\programdata\KGyGaAvL.sys 2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2012-10-02 19:51 . 2010-07-09 14:27 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-07-09 14:27 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2010-07-09 14:27 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-07-09 14:27 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2009-09-27 17:22 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2009-09-27 17:22 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-09-27 10:53 . 2012-08-24 10:04 17512 ----a-w- c:\windows\system32\Ai2V.sys 2012-09-27 10:53 . 2012-08-24 10:04 129640 ----a-w- c:\windows\system32\Ai2Mdd.dll 2012-09-27 10:53 . 2012-08-24 10:04 12904 ----a-w- c:\windows\system32\drivers\Ai2Chroniker.sys 2012-09-27 10:53 . 2012-08-24 10:04 11880 ----a-w- c:\windows\system32\drivers\Ai2Mmpd.sys 2012-09-21 02:46 . 2012-09-21 02:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-09-21 02:46 . 2012-09-21 02:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys 2012-09-14 19:19 . 2012-10-10 12:16 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 12:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-14 02:05 . 2012-09-14 02:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys 2012-09-10 13:35 . 
2012-08-24 10:04 185696 ----a-w- c:\windows\SysWow64\Ai2XOR.dll 2012-09-10 13:35 . 2012-08-24 10:04 63840 ----a-w- c:\windows\SysWow64\Ai2d91.dll 2012-09-10 13:35 . 2010-11-03 13:27 21344 ----a-w- c:\windows\SysWow64\Ai2Ldr.dll 2012-09-10 13:16 . 2012-08-24 10:04 7680 ----a-w- c:\windows\SysWow64\drivers\Ai2sXP.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ZoomText"="c:\program files (x86)\ZoomText 10\ZT.exe" [2012-09-10 5051744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2008-08-08 532808] "Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-23 4297136] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\EpmNews.exe" [2012-11-29 2086984] . 
c:\users\VanHoegaerden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ LimeWire On Startup.lnk - c:\users\VanHoegaerden\Desktop\LimeWire\LimeWire.exe [N/A] MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-11-17 576000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys] @="" . 
R1 Ai2Chroniker;Ai2Chroniker;c:\windows\system32\DRIVERS\Ai2Chroniker.sys [2012-09-27 12904] R1 aswSnx;aswSnx; [x] R1 aswSP;aswSP; [x] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] R2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024] R2 aswFsBlk;aswFsBlk; [x] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-23 71600] R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392] R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-05 375728] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168] R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-04 2320920] R2 ZoomText Helper Service;ZoomText Helper Service;c:\program files (x86)\ZoomText 10\ZoomTextHelperService.exe [2012-09-10 17248] R3 
Ai2Mmpd;Ai2Mmpd;c:\windows\system32\DRIVERS\Ai2Mmpd.sys [2012-09-27 11880] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328] R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184] R3 DIRECTIO37;DIRECTIO37;c:\program files\BurnInTest\DirectIo64.sys [2012-08-13 25704] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096] R3 FXDrv32;FXDrv32;E:\FXDrv64.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] R3 SCLx64;SCL010 Contactless Reader;c:\windows\system32\DRIVERS\SCLx64.sys [2011-01-11 69248] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S3 
HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 15:59] . 2012-11-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2331812033-2990843805-3734672519-1005Core.job - c:\users\Femke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-10 08:00] . 2012-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2331812033-2990843805-3734672519-1005UA.job - c:\users\Femke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-10 08:00] . 2012-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-30 17:17] . 2012-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-30 17:17] . 2012-12-07 c:\windows\Tasks\Hitman Pro 3.5 Boot Task.job - c:\program files\Hitman Pro 3.5\HitmanPro35_x64.exe [2012-12-07 16:33] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-23 11:17 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-03 9642528] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2008-08-11 57928] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376] . ------- Bijkomende Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\VanHoegaerden\AppData\Roaming\Mozilla\Firefox\Profiles\cx6oiidf.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google FF - ExtSQL: 2012-10-30 18:18; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-08 23:42:36 ComboFix-quarantined-files.txt 2012-12-08 22:42 . Pre-Run: 772.090.966.016 bytes beschikbaar Post-Run: 773.099.716.608 bytes beschikbaar . - - End Of File - - B0D588253AE7FA50E186976B52300FB0
  19. Hijackthis;
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:36, on 8/12/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bram\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2331812033-2990843805-3734672519-1003\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'VanHoegaerden')
O4 - HKUS\S-1-5-21-2331812033-2990843805-3734672519-1003\..\RunOnce: [Report] C:\AdwCleaner[s1].txt (User 'VanHoegaerden')
O4 - HKUS\S-1-5-21-2331812033-2990843805-3734672519-1005\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'Femke')
O4 - HKUS\S-1-5-21-2331812033-2990843805-3734672519-1007\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'Sara')
O4 - HKUS\S-1-5-21-2331812033-2990843805-3734672519-1007\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin (User 'Sara')
O4 - S-1-5-21-2331812033-2990843805-3734672519-1003 Startup: LimeWire On Startup.lnk = VanHoegaerden\Desktop\LimeWire\LimeWire.exe (User 'VanHoegaerden')
O4 - S-1-5-21-2331812033-2990843805-3734672519-1003 Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (User 'VanHoegaerden')
O4 - S-1-5-21-2331812033-2990843805-3734672519-1003 User Startup: LimeWire On Startup.lnk = VanHoegaerden\Desktop\LimeWire\LimeWire.exe (User 'VanHoegaerden')
O4 - S-1-5-21-2331812033-2990843805-3734672519-1003 User Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (User 'VanHoegaerden')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bram\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldnl-be.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc.
- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - 
Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZoomText Helper Service - Ai Squared - C:\Program Files (x86)\ZoomText 10\ZoomTextHelperService.exe -- End of file - 15854 bytes MBAM; Malwarebytes Anti-Malware (Trial) 1.65.1.1000 Malwarebytes : Free anti-malware download Database version: v2012.12.07.04 Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 Bram :: VANHOEG_PC [administrator] Protection: Disabled 8/12/2012 16:22:34 mbam-log-2012-12-08 (16-22-34).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 336694 Time elapsed: 5 minute(s), 55 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 6 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully. 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully. Registry Values Detected: 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell.Gen) -> Data: explorer.exe,C:\Users\Bram\AppData\Roaming\dwm.exe -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  20. Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 19:24:40, on 7/12/2012
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16455)
      Boot mode: Safe mode with network support
  21. Safe mode is no problem at all. At the moment it hangs at the login screen (Welcome).
  22. The PC currently stays on a black screen after restarting (the mouse pointer is visible), and the user account has already been chosen. Is this MBAM still doing its work?
  23. The PC itself already works much better. What I also wanted to ask: 80G of the 100G on the C partition is in use; could I possibly enlarge it with PartitionMagic?
      Hijack;
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 8:56:40, on 7/12/2012
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16455)
      Boot mode: Normal
- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - 
Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZoomText Helper Service - Ai Squared - C:\Program Files (x86)\ZoomText 10\ZoomTextHelperService.exe -- End of file - 15693 bytes Malwarebytes; Realtime bescherming: Ingeschakeld 7/12/2012 8:59:05 mbam-log-2012-12-07 (08-59-05).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 339384 Verstreken tijd: 12 minuut/minuten, 53 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 10 HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 8 C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Bram\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 54 C:\Users\Femke\Downloads\partition magic setup.exe (PUP.AdBundle) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\Downloads\VideoConverterSetup.exe (Adware.InstallCore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Femke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\VanHoegaerden\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Femke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\VanHoegaerden\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\Local\funmoods.crx (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Femke\AppData\Local\funmoods.crx (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Bram\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Femke\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\lsass.exe (Trojan.Delf) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Bram\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll_1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\2176e6370c9d067a8c00c1052cda9d82 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\2176e6370c9d067a8c00c1052cda9d82_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\28d9054bd8218d735953cdde5accebbe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\28d9054bd8218d735953cdde5accebbe_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\445454961d7ab27432dab4e62071a6a2 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\445454961d7ab27432dab4e62071a6a2_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\656bf02a99a3ba2fbf237f6152b7f3de (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\656bf02a99a3ba2fbf237f6152b7f3de_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\a0f8a37816528739c529259c2c955ee1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\a0f8a37816528739c529259c2c955ee1_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\e9c5ecc3f9d7fa1291240700c8da0728 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\e9c5ecc3f9d7fa1291240700c8da0728_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sara\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
(end)