Stilste

Member
  • Items: 69
Everything posted by Stilste

  1. I have deleted them all. I don't really know yet how the computer behaves now, after the deletion, but when I restart the computer I now first get a black screen with white text. It stays there for a few seconds and says something about recovery console or so. The CPU is now a good deal lower. Yesterday it still froze several times; that was before I had deleted those files. So far, however, it only freezes when Firefox is open, and it seems it only does that on certain websites. Task Manager looks tidy now. It shoots up briefly now and then, but otherwise stays between 0 and 10%. And I no longer see MsMpEng.exe constantly using a lot of CPU. It is a heavy user of memory, though, at least compared with what else is running now.
  2. I have Found.000 through FOUND030. Do you mean that I should throw all of those away?
  3. Here is my new log:
c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\windows\system32\Ati2evxx.exe c:\progra~1\Intel\Wireless\Bin\1XConfig.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Intel\Wireless\Bin\OProtSvc.exe c:\program files\Uniblue\RegistryBooster\registrybooster.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\system32\tcpsvcs.exe c:\windows\System32\snmp.exe c:\program files\ASUS\NB Probe\SPM\spmgr.exe c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe c:\windows\system32\wdfmgr.exe c:\program files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe c:\windows\system32\wscntfy.exe c:\program files\IObit\IObit Malware Fighter\IMFUpdater.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\logon.scr . ************************************************************************** . Voltooingstijd: 2012-01-14 17:29:19 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-14 16:29 ComboFix2.txt 2012-01-14 11:39 . Pre-Run: 7.951.515.648 bytes beschikbaar Post-Run: 7.793.115.136 bytes beschikbaar . - - End Of File - - 4063C9055065167B932D9B84D9BCDB83
  4. here is my log from ComboFix
S1 MpKsl0094bc82;MpKsl0094bc82; [x] S1 MpKsl04e76432;MpKsl04e76432; [x] S1 MpKsl06873a5c;MpKsl06873a5c; [x] S1 MpKsl09c6dfa7;MpKsl09c6dfa7; [x] S1 MpKsl0b15c8d9;MpKsl0b15c8d9; [x] S1 MpKsl10fed5fd;MpKsl10fed5fd; [x] S1 MpKsl13ac65f5;MpKsl13ac65f5; [x] S1 MpKsl1477e8f1;MpKsl1477e8f1; [x] S1 MpKsl1ac94e99;MpKsl1ac94e99; [x] S1 MpKsl29adacb2;MpKsl29adacb2; [x] S1 MpKsl2a2b07fb;MpKsl2a2b07fb; [x] S1 MpKsl32aded72;MpKsl32aded72; [x] S1 MpKsl33ba61df;MpKsl33ba61df; [x] S1 MpKsl3c286d8f;MpKsl3c286d8f; [x] S1 MpKsl41cc1b22;MpKsl41cc1b22; [x] S1 MpKsl4ad2084b;MpKsl4ad2084b; [x] S1 MpKsl4d033b75;MpKsl4d033b75; [x] S1 MpKsl5367b813;MpKsl5367b813; [x] S1 MpKsl598a9d50;MpKsl598a9d50; [x] S1 MpKsl5ae15f13;MpKsl5ae15f13; [x] S1 MpKsl5dc52109;MpKsl5dc52109; [x] S1 MpKsl5e9e962e;MpKsl5e9e962e; [x] S1 MpKsl5febda57;MpKsl5febda57; [x] S1 MpKsl67f9f463;MpKsl67f9f463; [x] S1 MpKsl6800f251;MpKsl6800f251; [x] S1 MpKsl7f2be814;MpKsl7f2be814; [x] S1 MpKsl94b2e61f;MpKsl94b2e61f; [x] S1 MpKsl96fa3423;MpKsl96fa3423; [x] S1 MpKsl9ee409ad;MpKsl9ee409ad; [x] S1 MpKsl9f11b47c;MpKsl9f11b47c; [x] S1 MpKsl9fb3e33d;MpKsl9fb3e33d; [x] S1 MpKsla6146225;MpKsla6146225; [x] S1 MpKslacda6667;MpKslacda6667; [x] S1 MpKslb5605f26;MpKslb5605f26; [x] S1 MpKslb682949e;MpKslb682949e; [x] S1 MpKslbabde6b7;MpKslbabde6b7; [x] S1 MpKslbf4695c0;MpKslbf4695c0; [x] S1 MpKslc0a1d097;MpKslc0a1d097; [x] S1 MpKslc5158823;MpKslc5158823; [x] S1 MpKslcbc9d5a6;MpKslcbc9d5a6; [x] S1 MpKsld064a4d0;MpKsld064a4d0; [x] S1 MpKsld06c79b2;MpKsld06c79b2; [x] S1 MpKsld2702395;MpKsld2702395; [x] S1 MpKsld4b2a5c3;MpKsld4b2a5c3; [x] S1 MpKsldc479c11;MpKsldc479c11; [x] S1 MpKsle3aa683d;MpKsle3aa683d; [x] S1 MpKsle41698f4;MpKsle41698f4; [x] S1 MpKsle7a0dc9a;MpKsle7a0dc9a; [x] S1 MpKslfa76ecb2;MpKslfa76ecb2; [x] S1 snrvuqwz;snrvuqwz; [x] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664] S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe 
Version Cue CS4\Server\bin\VersionCueCS4.exe [15-8-2008 5:46 284016] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 esgiguard;esgiguard; [x] S3 filtertdidriver;filtertdidriver;c:\windows\system32\drivers\ewfiltertdidriver.sys --> c:\windows\system32\drivers\ewfiltertdidriver.sys [?] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?] S3 p2a4miw.sys;p2a4miw.sys; [x] S3 Ql1wd_lm;Ql1wd_lm;c:\windows\system32\drivers\ipinip.sys [26-10-2004 11:46 20864] S3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] S3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map . 2012-01-14 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-23 19:53] . 2012-01-14 c:\windows\Tasks\MpIdleTask.job - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26] . 2012-01-14 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26] . 2012-01-14 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-12-11 08:26] . 2011-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . 
2012-01-14 c:\windows\Tasks\User_Feed_Synchronization-{71673891-80D4-4E2D-B3CF-38391A22FE15}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 03:31] . 2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13] . 2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13] . 2012-01-14 c:\windows\Tasks\SmartDefrag_Startup.job - c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-08-07 09:35] . 2012-01-14 c:\windows\Tasks\ConfigExec.job - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09] . 2012-01-14 c:\windows\Tasks\DataUpload.job - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\documents and settings\Andre\Application Data\Mozilla\Firefox\Profiles\5ss3w2qh.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - 
user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F} - (no file) MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe AddRemove-Ulead Photo Express 3.0 - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-14 12:30 Windows 5.1.2600 Service Pack 3 FAT NTAPI . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG08.00.00.01WORKSTATION"= . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1820) c:\windows\system32\Ati2evxx.dll c:\windows\system32\WRLogonNTF.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll c:\program files\Intel\Wireless\Bin\LgNotify.dll . - - - - - - - > 'explorer.exe'(3996) c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\webcheck.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . ------------------------ Andere Aktieve Processen ------------------------ .
c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\windows\system32\Ati2evxx.exe c:\progra~1\Intel\Wireless\Bin\1XConfig.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Intel\Wireless\Bin\OProtSvc.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\system32\tcpsvcs.exe c:\windows\System32\snmp.exe c:\program files\ASUS\NB Probe\SPM\spmgr.exe c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe c:\windows\system32\wdfmgr.exe c:\program files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe c:\windows\system32\wscntfy.exe c:\windows\system32\taskmgr.exe . ************************************************************************** . Voltooingstijd: 2012-01-14 12:39:11 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-14 11:39 . Pre-Run: 8.144.322.560 bytes beschikbaar Post-Run: 8.100.773.888 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP" /noexecute=optin /fastdetect . - - End Of File - - 0043590A72365667CF0FE0C4C3E9BE92
  5. This is the log of the quick malware scan.

     Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.0.1800
     www.malwarebytes.org
     Databaseversie: v2012.01.08.02
     Windows XP Service Pack 3 x86 FAT32
     Internet Explorer 8.0.6001.18702
     Andre :: ASUS [administrator]
     Realtime bescherming: Ingeschakeld
     14-1-2012 10:52:37
     mbam-log-2012-01-14 (10-52-37).txt
     Scantype: Snelle scan
     Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
     Uitgeschakelde scanopties: P2P
     Objecten gescand: 193986
     Verstreken tijd: 13 minuut/minuten, 29 seconde(n)
     Geheugenprocessen gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Geheugenmodulen gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Registersleutels gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Registerwaarden gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Registerdata gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Mappen gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     Bestanden gedetecteerd: 0
     (Geen kwaadaardige objecten gedetecteerd)
     (einde)

     I am now trying a full scan once more. First only the C drive; if that works, the D drive as well.
  6. I have already started the malware scan twice, and each time the computer freezes after 25/26 minutes. I will try a quick scan first now. When the computer freezes, the mouse still works, by the way. Nothing else happens, though.
  7. Malwarebytes is still scanning, but here is my new log already, made after I removed those things. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:18:21, on 14-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Secunia\PSI\PSIA.exe C:\Program Files\Secunia\PSI\sua.exe C:\Program Files\IObit\IObit Malware Fighter\IMF.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ASUSTeK Computer Inc. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program 
Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - 
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) 
- Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe O24 - Desktop Component 0: (no name) - (no file) -- End of file - 10839 bytes
  8. Speccy is being difficult. It keeps closing before the analyses are done, so I don't have a result from it yet. Does Speccy perhaps need to run while there is an internet connection, or does that not matter? What was funny was that the CPU dropped below 10% when I started Speccy. I was able to do the other thing. The result is below: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:30:14, on 11-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Secunia\PSI\PSIA.exe C:\Program Files\IObit\IObit Malware Fighter\IMF.exe C:\Program Files\Secunia\PSI\sua.exe C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2442941 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ASUSTeK Computer Inc. 
What should I do now?
  9. OK, thanks! I'll try that when I get home. As soon as I know more, I'll let you know here.
  10. I'm at work right now, so that won't work for the moment. I hope it works later at home, because it gets really difficult when I also try to open the internet. But could I perhaps download those programs on another PC and then put them on my laptop via a USB stick? Then there's a better chance that it will work.
  11. I know there is a topic right below this one that looks a lot like this. However, I thought it would be more convenient to have my own topic. If that's not right, please let me know. For a few weeks now my laptop has been very slow to start up, and it freezes quite often/usually after a few minutes. The only thing I can do then is switch it off with the power button. From the very start of booting, the CPU usage is very high. That is almost entirely due to MsMpEng.exe. Yesterday I let it sit quietly for a while, and in Task Manager, under Processes, a very clear pattern was visible that kept repeating. The usage apparently keeps going from low to high in the same way/line. And it doesn't really matter how long it has been on, it stays busy with that file. I ran CCleaner, the virus scanner (Microsoft Security Essentials) and the malware scanner (Malwarebytes' Anti-Malware), and nothing was found anywhere. What can/should I do now?
  12. Yesterday we reinstalled the PC twice, because after the first time it behaved the same way. The first time a normal format was performed and the second time a quick format. According to that friend of mine, no drivers needed to be installed, because they were already on there (or something). To be safe, he had put the internet drivers (I believe) on a USB stick. As far as I know, no other software has been installed, except Firefox and a virus scanner. Right now I can't install anything anyway, because the PC won't open it. How am I supposed to install those drivers right after the reinstallation, then? It now turns out that the PC sometimes can do the things it says it can't, especially when nothing like that has been tried for a while. But it's still not convenient.
  13. Here I am again. I'm not entirely sure whether I should start a new discussion for this or not, so I'll just continue here. Yesterday I reinstalled XP with a friend. But the PC is still acting strange. Strange in a different way, though. I can hardly open anything now. Right after installing I could, but not anymore. It's only because I had left Firefox running; otherwise I don't think I could have gotten online anymore. Explorer, for example, won't open; if I want to open a download, that doesn't work either; and Windows Update also gives an error message. It is the same message every time: application error, the application failed to initialize properly (0X8000003). (I don't know exactly how many zeros there were, but something like this.) Does anyone know whether, and if so what, I can do about this?
  14. Well, that sounds encouraging! ;-) Today or tomorrow a friend is coming over with an external hard drive, so that I can put the files I want to keep on it. Then I'll see whether reinstalling does work. I currently have Microsoft Office on it, but I don't have a CD for it. My parents do, but I don't think I'll see them in the coming weeks. Can I burn Microsoft myself from my PC or something? I searched myself, but couldn't find where the setup files (or whatever) are.
  15. I examined the entire case of the PC and (to my own surprise) couldn't find anything like a brand anywhere. Then I downloaded that Speccy and ran it, and something did come out of it, but very little, I think. Here is the link in any case: http://speccy.piriform.com/results/xUML3h8tamloUzGKBhNFYXx
  16. [quote]Make sure you have the right drivers for the motherboard (chipset), audio, video and network cards before you start the reinstallation.[/quote] Do you mean by this that before the reinstallation I should note down the names and so on of my drivers, so that after the installation I know which ones I need to get from the internet? Where do I find this info?
  17. I don't want to come across as pushy, but I can hardly do anything with my PC now, since I can only work in safe mode at the moment. Does anyone know what I should best do now?
  18. I just tried it again, and at the question whether D is the target partition I pressed n and Enter. Then I got c:\windows> and there I typed fixmbr. Then I got a warning that this computer appears to have a non-standard or invalid MBR and that fixmbr can damage partition tables, and whether I'm sure I want to continue. I typed j there. Then I got the message that the new MBR has been written, with c:\windows> below it. There I typed exit. The PC then restarted. I quickly took the CD out. But I got the blue screen of death again. I have now started it in safe mode with networking. Any idea what to do now? I'm thinking about just reinstalling XP, but if it can still be done another way, I'd prefer that.
  19. I tried it, but it didn't work. Only I've lost track of what it did afterwards and what it said. I want to try it again in a moment, but I had a question first. I read somewhere on the internet that for the question from my previous post, about whether D is your target partition, it should be C. Is that so?
  20. Sorry for all these questions, but I'm afraid I might be doing something completely wrong and wreck the PC entirely. At that c:\windows> I typed fixboot. Then the PC says that the target partition is D and asks whether I'm sure I want to write a new boot sector to partition D. What should I do there?
  21. Here I am again. In the meantime I have adjusted the BIOS and can boot the PC from the CD. According to the instructions mentioned above, I then had to press F11 or F12. I then get a blue screen with 'windows setup' at the top, and files being loaded at the bottom. After that I get another blue screen with three options: press Enter to install XP, press R for reinstallation/repair, press F3 to quit. I pressed R there and got a black screen with something about the Recovery Console. There it asks which Windows installation I want to log on to. I can enter 1 character there. Above it is 1. followed by Windows. I typed a 1 and pressed Enter. Then it asks for the administrator password. I didn't know it, so I just pressed Enter. Then I got: c:\windows> and there I had to fill something in. Should I type that fixboot there?
  22. Could you explain to me how to get into that BIOS and how I should change that?
  23. I just tried three times to do what you said, but I don't get to a screen. First I pressed both F11 and F12, then once only F11, and then once more only F12. But nothing happens, except that the computer keeps booting up to the green, red and black screen and then starts all over again.