Everything posted by rsca1973

  1. The PC ran all evening yesterday and did not shut down. When I read the temperature with Speccy, though, it still shows 80° or more for the motherboard. How do I check that in my BIOS? I have never been in there because I was always told to stay out of it.
  2. A friend of mine also had a look at it and dusted it out more thoroughly. He said I should also blow under the fan because there was still a lot of dust there. But I did what you asked. Here is the screenshot: In any case, I have never overclocked it.
  3. Here is the link as requested: http://speccy.piriform.com/results/qM6rV8Q0d0Acpmz3lNGP8KP
  4. I completely dusted out the PC with a special spray can. So I fear that is not the cause. I will do what you asked tonight. I wanted to take it to the PC shop this evening to have it checked, but I will first wait until you have given your verdict on it.
  5. For a while now, my PC has been shutting down for no reason. I can start it again afterwards, but it is of course very annoying. I think it has to do with the temperature and therefore downloaded SpeedFan. I can see that the temperatures are too high, but I don't understand how or why. So here is what SpeedFan shows: GPU: 40C Temp1: 44C Temp2: 94C Temp 3: 128C HD0: 39C Temp1: 87C Core: 43C Ambient: 0C Can anyone tell me what is wrong? Could it be the cooling? I don't think it can be the video card in any case, because it was recently replaced.
  6. I did everything as you described. Everything looks OK again. This thread can be locked!
  7. I left the PC on for a few hours yesterday and no longer get the "conhost.exe" message. kape, many thanks for the quick service!!!!!!
  8. Sorry, I had overlooked that. Here is the log:
  9. Here is the log file from the del.bat file: Deleting files C:\WINDOWS\TEMP\conhost.exe not found Now I am going to carry out the rest. ---------- Post added at 20:10 ---------- Previous post was at 19:59 ---------- I ran the scan with tdsskiller but was not able to view a log. I did see that "1 threat" was found, but then had to restart the PC. I must say that since the restart I have not had any "conhost.exe" message so far. So I will wait a bit and hope that it has been removed. I will keep you posted.
  10. Bad news: after reinstalling AVG, I got the conhost.exe message again even before updating. So it is not solved yet.
  11. It was the video card after all. A while ago I downloaded the latest drivers from the internet and reinstalled them, and so far not a single problem since. So it is solved!
  12. When I get home tonight I will reinstall AVG, because I had to remove it so that combofix could do its work. I will let you know whether any more messages appear!
  13. I carried out everything as requested. Here is the new log:
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Ralink Wireless Utility.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Ralink Wireless Utility.lnk backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Dropbox.lnk] path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Dropbox.lnk backup=c:\windows\pss\Dropbox.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Logitech-productregistratie.lnk] path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Logitech-productregistratie.lnk backup=c:\windows\pss\Logitech-productregistratie.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant] LBTWIZ.EXE -silent [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] 2004-02-20 14:00 88363 ----a-w- c:\windows\AGRSMMSG.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-03-18 09:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] 2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared Files\brs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid] 2009-06-04 15:51 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-14 17:03 110592 ----a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey] 2004-02-24 12:05 508416 ----a-w- c:\windows\mHotkey.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] 2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer] 2004-02-03 15:15 5794816 ----a-w- c:\windows\CNYHKey.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2011-05-25 06:09 13895272 ----a-w- c:\windows\system32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2011-05-25 06:09 111208 ----a-w- c:\windows\system32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10] 2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio] 2004-03-17 14:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2004-10-08 17:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector] 2003-11-19 11:03 45056 ------w- c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] 2008-03-01 05:10 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "Creative Service for CDROM Access"=2 (0x2) "CA_LIC_SRVR"=3 (0x3) "CA_LIC_CLNT"=3 (0x3) "BlueSoleil Hid Service"=2 (0x2) "ose"=3 (0x3) "NOD32FiXTemDono"=2 (0x2) "Nero BackItUp Scheduler 4.0"=2 (0x2) "iPod Service"=3 (0x3) . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%WinDir%\\system32\\fxsclnt.exe"= "%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "d:\\Documenten\\Mijn ontvangen bestanden\\utorrent.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Documents and Settings\\Andy\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"= . 
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/01/2009 19:51 697328] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 20:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536] R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19/09/2002 20:29 53248] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/01/2011 19:01 366640] R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [18/02/2010 14:01 462632] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/07/2011 8:31 2214504] R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6/10/2004 1:38 1272000] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/01/2011 19:01 22712] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [21/06/2011 9:46 119528] R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [13/03/2011 18:14 152576] R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6/10/2004 2:27 19928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176] S3 PhTVTune;MEDION TV-TUNER 7134 
MK2/3;c:\windows\system32\drivers\PhTVTune.sys [23/10/2004 14:49 24704] S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [24/10/2004 12:28 11672] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504] S4 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19/09/2002 20:27 77824] S4 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19/09/2002 20:41 77824] . Inhoud van de 'Gedeelde Taken' map . 2011-08-29 c:\windows\Tasks\Andy Local Autobackup 5 4.job - c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2010-02-22 14:17] . 2010-10-05 c:\windows\Tasks\Andy NBAgent 5 4.job - c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 14:17] . 2011-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . 2011-08-29 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] . 2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11] . 2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11] . 2011-08-12 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2011-08-29 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2011-04-02 c:\windows\Tasks\wavepadShakeIcon.job - c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2011-03-30 16:13] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.nieuwsblad.be/index.html uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open using &Advanced JPEG Compressor - c:\program files\Advanced JPEG Compressor\ajcieex.htm IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www3.snapfish.be/SnapfishActivia3.cab DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\tcath2ai.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.nieuwsblad.be/index.html?ref=0911 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . 
************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-08-29 21:24 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 5.1.2600 Disk: WDC_WD2500JD-00HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 . device: opened successfully user: MBR read successfully error: Read Een apparaat dat op het systeem is aangesloten, werkt niet. kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi DriverStartIo -> 0x8A8FD31B user & kernel MBR OK . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\ . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . 
- - - - - - - > 'winlogon.exe'(540) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll c:\windows\system32\gpkcsp.dll c:\windows\system32\gpkrsrc.dll . - - - - - - - > 'explorer.exe'(2600) c:\program files\Logitech\SetPoint\lgscroll.dll c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Logitech\Bluetooth\LBTServ.exe c:\windows\System32\SCardSvr.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\windows\system32\bgsvcgen.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\RunDLL32.exe c:\windows\system32\wscntfy.exe c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\program files\Windows Live\Contacts\wlcomm.exe c:\windows\TEMP\conhost.exe . ************************************************************************** . Voltooingstijd: 2011-08-29 21:32:44 - machine werd herstart ComboFix-quarantined-files.txt 2011-08-29 19:32 ComboFix2.txt 2011-08-29 17:52 ComboFix3.txt 2011-07-10 10:03 . Pre-Run: 8.878.538.752 bytes beschikbaar Post-Run: 8.852.639.744 bytes beschikbaar . Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 71E6440CBCC69A3F92AD1D63753B86A3
  14. I did not create these folders myself. Can I still go ahead with what you describe above, or should I do something else first?
  15. ComboFix has done its job, so here is the log:
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/01/2009 19:51 697328] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 20:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536] R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19/09/2002 20:29 53248] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/01/2011 19:01 366640] R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [18/02/2010 14:01 462632] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/07/2011 8:31 2214504] R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6/10/2004 1:38 1272000] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/01/2011 19:01 22712] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [21/06/2011 9:46 119528] R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [13/03/2011 18:14 152576] R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6/10/2004 2:27 19928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176] S3 PhTVTune;MEDION TV-TUNER 7134 
MK2/3;c:\windows\system32\drivers\PhTVTune.sys [23/10/2004 14:49 24704] S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [24/10/2004 12:28 11672] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504] S4 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe /s --> c:\windows\reset.exe [?] S4 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19/09/2002 20:27 77824] S4 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19/09/2002 20:41 77824] . Inhoud van de 'Gedeelde Taken' map . 2011-08-29 c:\windows\Tasks\Andy Local Autobackup 5 4.job - c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2010-02-22 14:17] . 2010-10-05 c:\windows\Tasks\Andy NBAgent 5 4.job - c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 14:17] . 2011-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . 2011-08-28 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] . 2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11] . 2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11] . 2011-08-12 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2011-08-29 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2011-04-02 c:\windows\Tasks\wavepadShakeIcon.job - c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2011-03-30 16:13] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.nieuwsblad.be/index.html uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open using &Advanced JPEG Compressor - c:\program files\Advanced JPEG Compressor\ajcieex.htm IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www3.snapfish.be/SnapfishActivia3.cab DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\tcath2ai.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.nieuwsblad.be/index.html?ref=0911 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . 
************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-08-29 19:44 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 5.1.2600 Disk: WDC_WD2500JD-00HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 . device: opened successfully user: MBR read successfully error: Read Een apparaat dat op het systeem is aangesloten, werkt niet. kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi DriverStartIo -> 0x8A90231B user & kernel MBR OK . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\ . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . 
- - - - - - - > 'winlogon.exe'(540) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll c:\windows\system32\gpkcsp.dll c:\windows\system32\gpkrsrc.dll . - - - - - - - > 'explorer.exe'(3240) c:\program files\Logitech\SetPoint\lgscroll.dll c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Logitech\Bluetooth\LBTServ.exe c:\windows\System32\SCardSvr.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\windows\system32\bgsvcgen.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\RunDLL32.exe c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\windows\system32\wscntfy.exe c:\program files\Windows Live\Contacts\wlcomm.exe c:\windows\TEMP\conhost.exe . ************************************************************************** . Voltooingstijd: 2011-08-29 19:52:41 - machine werd herstart ComboFix-quarantined-files.txt 2011-08-29 17:52 ComboFix2.txt 2011-07-10 10:03 . Pre-Run: 8.972.013.568 bytes beschikbaar Post-Run: 8.858.890.240 bytes beschikbaar . Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 6F161F66C4794B09AEC146D838607673
  16. I celebrated too soon. After starting up the PC I get the same error messages again. So we're going to get started on what kape described above.
  17. I don't know yet whether this is the end of it, but AVG was able to remove the detection. I'm currently not seeing any threats anymore and the PC is clearly faster again. What do you specialists think?
  18. Started my PC this morning and AVG detected the following threat: C:\WINDOWS\temp\conhost.exe Whenever I try to heal or remove it, I keep getting the message "actie mislukt" ("action failed"). Can someone help me, please? I'm already posting a HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:58:52, on 28/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Update\NASvc.exe C:\Program 
Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - 
HKUS\S-1-5-21-1109923195-152108676-1447638511-1009\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1109923195-152108676-1447638511-1009\..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program 
Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - http://www3.snapfish.be/SnapfishActivia3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.new2.foto.com/ImageUploader5.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. 
OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 13404 bytes
  19. I deleted the folder. The speed seems to be fine again. I haven't worked on the PC much today, though. I'll only be able to say for sure in a few days, but at first glance it's good. In any case, thanks already for the help!
  20. ComboFix 11-07-10.01 - Andy 10/07/2011 11:42:20.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1534.1056 [GMT 2:00] Gestart vanuit: C:\ComboFix.exe . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Andy\Application Data\SystemRequirementsLab c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll c:\windows\IsUn0413.exe c:\windows\system32\$winnt$.inf c:\windows\vb.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-10 to 2011-07-10 )))))))))))))))))))))))))))))) . . 2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe 2011-07-09 20:49 . 2011-07-09 20:49 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-09 20:49 . 2011-07-09 20:49 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-07-09 14:13 . 2011-07-10 06:48 -------- d-----w- C:\Vanessa 2011-07-09 06:31 . 2011-07-09 06:42 -------- d-----w- c:\documents and settings\UpdatusUser 2011-07-09 06:31 . 2011-07-09 06:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2011-07-09 06:31 . 2011-05-25 06:09 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll 2011-07-09 06:31 . 2011-07-09 06:31 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin 2011-07-09 06:31 . 2011-07-09 06:31 1 ----a-w- c:\windows\system32\nvdrssel.bin 2011-07-09 06:31 . 2011-07-09 06:31 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin 2011-07-09 06:31 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll 2011-07-09 06:31 . 
  21. So I replaced my video card because it was broken. So it wasn't only dirt that caused the problem. I installed the new video card (Asus EN210) and the necessary drivers (even downloaded the latest version via nvidia). But now I have another problem. The computer can start up normally today, and tomorrow too, but if I then start it up, e.g., the day after, I again get no picture on my screen. When I then take my video card out and plug it back in, I do have a picture again. I can't imagine that this is normal. Sorry that I have to bother you again (I also have another topic running), but maybe the experts here can give me an explanation for this peculiar problem.
  22. No malicious infections were found. So this is my log:

      Malwarebytes' Anti-Malware 1.51.0.1200
      Malwarebytes : Free anti-malware, anti-virus and spyware removal download
      Databaseversie: 7060
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702
      10/07/2011 8:18:21
      mbam-log-2011-07-10 (08-18-21).txt
      Scantype: Snelle scan
      Objecten gescand: 193810
      Verstreken tijd: 5 minuut/minuten, 13 seconde(n)
      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 0
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 0
      Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  23. I have the impression that my PC is again running slower than before. That's why, just to be sure, I'm posting a log once more so that the specialists can check whether or not something is wrong with it.
  24. The hard drive was not broken. I had a specialist look at it and apparently something must have been wrong in the BIOS. Don't ask me exactly what, because I don't know that much about it. So look, it works again. I asked him how this could happen but he couldn't immediately give an answer. He did tell me that he also had this problem last week. Coincidence or not? Who can say. I do have the impression that it is running slower. Maybe I should post a log after all so that the experts here can say whether or not something is wrong. I will start a new topic for that. So this one can be locked.
  25. This is of course not good news! I really hope I can still recover the data. I'm not going to start tinkering with it myself but will have this done by someone who knows about it! Thanks anyway for the quick responses.