rsca1973
-
Items
113 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door rsca1973
-
-
Een vriend van mij heeft er ook eens naar gekeken en heeft hem nog eens beter uitgestoft. Hij zei dat ik ook eens onder de ventilator moest blazen want dat daar nog veel stof zat.
Maar ik heb dus gedaan zoals je gevraagd hebt. Hier dus de printscreen:
In ieder geval heb ik hem nooit overklokt.
-
Hierbij de link zoals gevraagd:
-
Heb de pc volledig ontstoft met een speciale spuitbus. Dus ik vrees dat het daaraan niet zal liggen. Zal vanavond doen wat je gevraagd hebt.
Ik wou hem deze avond al naar de pc-winkel brengen om hem laten na te kijken maar zal eerst wachten tot jij er jouw oordeel over hebt gegeven.
-
Sedert een tijdje gebeurd het dat mijn pc zomaar uitvalt. Ik kan hem daarna terug opstarten maar het is natuurlijk enorm vervelend.
Ik denk dat het te maken heeft met de temperatuur en heb daarom speedfan gedownload. Zelf zie ik wel dat de temperaturen te hoog zijn maar heb geen verstand over hoe en waarom.
Daarom hier wat er staat bij speedfan:
GPU: 40C
Temp1: 44C
Temp2: 94C
Temp 3: 128C
HD0: 39C
Temp1: 87C
Core: 43C
Ambient: 0C
Kan mij iemand vertellen wat er mis is? Kan het de koeling zijn?
Volgens mij kan het in ieder geval niet de videokaart zijn want deze is onlangs vernieuwd.
-
Heb alles gedaan zoals je hebt omschreven. Ziet er allemaal terug oké uit.
Hier mag dus een slotje op!
-
Heb de pc gisteren een paar uur laten opstaan en krijg geen melding meer van "conhost.exe".
kape, hartelijke dank voor de snelle service!!!!!!
-
Sorry, had erover gekeken.
Hier dus het logje:
2011/08/31 20:04:26.0640 0960 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/31 20:04:26.0718 0960 ================================================================================
2011/08/31 20:04:26.0718 0960 SystemInfo:
2011/08/31 20:04:26.0718 0960
2011/08/31 20:04:26.0718 0960 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/31 20:04:26.0718 0960 Product type: Workstation
2011/08/31 20:04:26.0718 0960 ComputerName: VANESSA
2011/08/31 20:04:26.0718 0960 UserName: Andy
2011/08/31 20:04:26.0718 0960 Windows directory: C:\WINDOWS
2011/08/31 20:04:26.0718 0960 System windows directory: C:\WINDOWS
2011/08/31 20:04:26.0718 0960 Processor architecture: Intel x86
2011/08/31 20:04:26.0718 0960 Number of processors: 2
2011/08/31 20:04:26.0718 0960 Page size: 0x1000
2011/08/31 20:04:26.0718 0960 Boot type: Normal boot
2011/08/31 20:04:26.0718 0960 ================================================================================
2011/08/31 20:04:29.0093 0960 Initialize success
2011/08/31 20:04:41.0843 2068 ================================================================================
2011/08/31 20:04:41.0843 2068 Scan started
2011/08/31 20:04:41.0843 2068 Mode: Manual;
2011/08/31 20:04:41.0843 2068 ================================================================================
2011/08/31 20:04:42.0859 2068 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/31 20:04:42.0921 2068 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/31 20:04:43.0000 2068 ACSSCR (b6a0f723a54884e77fce0f69083f90c9) C:\WINDOWS\system32\DRIVERS\a38usb.sys
2011/08/31 20:04:43.0109 2068 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/31 20:04:43.0156 2068 AegisP (8d155386b3b032ea7513e19f8c8f80a7) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/08/31 20:04:43.0203 2068 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/31 20:04:43.0250 2068 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/31 20:04:43.0390 2068 AgereSoftModem (052343cd49c8da20c48958cfe73c7d44) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/08/31 20:04:43.0609 2068 AnyDVD (7684252281cfb197ac4c38b33ac5b2a6) C:\WINDOWS\system32\Drivers\AnyDVD.sys
2011/08/31 20:04:43.0687 2068 APL531 (1fc8a7e5c3aed31f00940c6ab2fd9b49) C:\WINDOWS\system32\Drivers\ov550i.sys
2011/08/31 20:04:43.0781 2068 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/08/31 20:04:43.0906 2068 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/31 20:04:43.0953 2068 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/31 20:04:43.0984 2068 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/31 20:04:44.0031 2068 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/31 20:04:44.0109 2068 AVGIDSDriver (c403e7f715bb0a851a9dfae16ec4ae42) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
2011/08/31 20:04:44.0156 2068 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
2011/08/31 20:04:44.0187 2068 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
2011/08/31 20:04:44.0218 2068 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
2011/08/31 20:04:44.0281 2068 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
2011/08/31 20:04:44.0375 2068 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
2011/08/31 20:04:44.0390 2068 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
2011/08/31 20:04:44.0515 2068 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
2011/08/31 20:04:44.0671 2068 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/31 20:04:44.0875 2068 BlueletAudio (59b6f5acc898d123f0cda4f5afe5cc16) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
2011/08/31 20:04:44.0984 2068 BT (9da8abc4885aff4793d4aa420e40bb12) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
2011/08/31 20:04:45.0062 2068 Btcsrusb (ee481fdd7e7a3c162d479fedd35f3041) C:\WINDOWS\system32\Drivers\btcusb.sys
2011/08/31 20:04:45.0140 2068 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/08/31 20:04:45.0234 2068 BTHidEnum (083ad7f6ff500d0a93c0bea2cf298c93) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
2011/08/31 20:04:45.0328 2068 BTHidMgr (ba7d9de78de8de7f9099217edeb55caf) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
2011/08/31 20:04:45.0375 2068 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/08/31 20:04:45.0453 2068 BTHPORT (29ff6a865782d0f5b8e7fa1ffab4182b) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/08/31 20:04:45.0515 2068 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/08/31 20:04:45.0562 2068 Cap7134 (fdfe848c821f0666c4507a11717146c2) C:\WINDOWS\system32\DRIVERS\Cap7134.sys
2011/08/31 20:04:45.0656 2068 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/31 20:04:45.0687 2068 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/08/31 20:04:45.0796 2068 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/31 20:04:45.0843 2068 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/31 20:04:45.0906 2068 cdrbsdrv (9008ad94f28360a2f1409592bfc7acf7) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
2011/08/31 20:04:45.0953 2068 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/31 20:04:46.0093 2068 cmudax (53c90d77476edd52b3abafca8d5d01db) C:\WINDOWS\system32\drivers\cmudax.sys
2011/08/31 20:04:46.0343 2068 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/31 20:04:46.0406 2068 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/31 20:04:46.0468 2068 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/31 20:04:46.0515 2068 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/31 20:04:46.0578 2068 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/31 20:04:46.0640 2068 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/31 20:04:46.0718 2068 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
2011/08/31 20:04:46.0875 2068 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/31 20:04:46.0984 2068 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/31 20:04:47.0093 2068 FETNDISB (29063004926b225c417e7147822f5866) C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
2011/08/31 20:04:47.0203 2068 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/31 20:04:47.0296 2068 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/31 20:04:47.0406 2068 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/31 20:04:47.0484 2068 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/31 20:04:47.0625 2068 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/31 20:04:47.0750 2068 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/08/31 20:04:47.0890 2068 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/31 20:04:48.0015 2068 HdAudAddService (160b24fd894e79e71c983ea403a6e6e7) C:\WINDOWS\system32\drivers\HdAudio.sys
2011/08/31 20:04:48.0171 2068 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/31 20:04:48.0312 2068 HidBth (d8cc702bb02ad520c3379e7ecb009ae1) C:\WINDOWS\system32\DRIVERS\hidbth.sys
2011/08/31 20:04:48.0406 2068 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/31 20:04:48.0546 2068 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/31 20:04:48.0687 2068 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/31 20:04:48.0828 2068 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/08/31 20:04:48.0968 2068 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/31 20:04:49.0218 2068 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/31 20:04:49.0296 2068 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/31 20:04:49.0437 2068 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/08/31 20:04:49.0515 2068 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/31 20:04:49.0625 2068 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/31 20:04:49.0703 2068 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/31 20:04:49.0859 2068 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/31 20:04:49.0921 2068 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/31 20:04:49.0984 2068 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/31 20:04:50.0109 2068 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/31 20:04:50.0171 2068 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/31 20:04:50.0265 2068 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/31 20:04:50.0328 2068 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/31 20:04:50.0468 2068 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/31 20:04:50.0578 2068 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/31 20:04:50.0875 2068 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/08/31 20:04:50.0937 2068 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/08/31 20:04:51.0031 2068 MBAMProtector (eca00eed9ab95489007b0ef84c7149de) C:\WINDOWS\system32\drivers\mbam.sys
2011/08/31 20:04:51.0109 2068 mcdbus (5fb43fe50aee92b2b7b34cf2563db2ac) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
2011/08/31 20:04:51.0250 2068 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/31 20:04:51.0390 2068 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/31 20:04:51.0515 2068 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2011/08/31 20:04:51.0593 2068 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/31 20:04:51.0625 2068 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/31 20:04:51.0687 2068 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/31 20:04:52.0093 2068 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/31 20:04:52.0187 2068 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/31 20:04:52.0328 2068 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/31 20:04:52.0390 2068 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/31 20:04:52.0421 2068 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/31 20:04:52.0500 2068 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/31 20:04:52.0546 2068 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/31 20:04:52.0843 2068 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/08/31 20:04:53.0140 2068 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/31 20:04:53.0531 2068 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/08/31 20:04:53.0968 2068 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/31 20:04:54.0265 2068 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/08/31 20:04:54.0500 2068 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/31 20:04:54.0718 2068 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/31 20:04:54.0781 2068 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/31 20:04:54.0828 2068 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/31 20:04:54.0890 2068 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/31 20:04:54.0921 2068 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/31 20:04:55.0031 2068 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/08/31 20:04:55.0093 2068 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
2011/08/31 20:04:55.0109 2068 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/31 20:04:55.0156 2068 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/31 20:04:55.0234 2068 NTSIM (4d3eb5a8021af05c7fe5f313443a533b) C:\WINDOWS\system32\ntsim.sys
2011/08/31 20:04:55.0406 2068 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/31 20:04:56.0203 2068 nv (8b2c874897ea498da012284e12f9db2b) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/31 20:04:56.0625 2068 NVHDA (1fda0adfd0dd666ecb1cbf8436f81805) C:\WINDOWS\system32\drivers\nvhda32.sys
2011/08/31 20:04:56.0687 2068 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/31 20:04:56.0734 2068 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/31 20:04:56.0796 2068 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/08/31 20:04:56.0859 2068 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/31 20:04:56.0890 2068 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/31 20:04:56.0953 2068 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/31 20:04:57.0000 2068 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/31 20:04:57.0078 2068 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/31 20:04:57.0125 2068 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/31 20:04:57.0187 2068 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/08/31 20:04:57.0421 2068 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
2011/08/31 20:04:57.0515 2068 PhTVTune (94e7f6107c70251059ae4d01b1d76124) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
2011/08/31 20:04:57.0593 2068 PID_0920 (2f81e367875c5d7d6f05454ba84d27a9) C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
2011/08/31 20:04:57.0734 2068 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/31 20:04:57.0796 2068 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/31 20:04:57.0859 2068 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2011/08/31 20:04:58.0015 2068 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/31 20:04:58.0062 2068 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/31 20:04:58.0078 2068 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/31 20:04:58.0140 2068 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/31 20:04:58.0187 2068 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/31 20:04:58.0265 2068 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/31 20:04:58.0328 2068 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/31 20:04:58.0437 2068 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/31 20:04:58.0500 2068 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/08/31 20:04:58.0578 2068 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/08/31 20:04:58.0640 2068 RT2500USB (b2a5e9d580a61b57ad91fa64a4789aba) C:\WINDOWS\system32\DRIVERS\rt2500usb.sys
2011/08/31 20:04:58.0734 2068 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/31 20:04:58.0796 2068 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/31 20:04:58.0828 2068 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/31 20:04:58.0890 2068 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/31 20:04:58.0968 2068 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/31 20:04:59.0031 2068 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/31 20:04:59.0125 2068 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2011/08/31 20:04:59.0125 2068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/08/31 20:04:59.0125 2068 sptd - detected LockedFile.Multi.Generic (1)
2011/08/31 20:04:59.0171 2068 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/31 20:04:59.0250 2068 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/31 20:04:59.0343 2068 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/08/31 20:04:59.0390 2068 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/31 20:04:59.0437 2068 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/31 20:04:59.0468 2068 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/31 20:04:59.0921 2068 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/31 20:05:00.0015 2068 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/31 20:05:00.0093 2068 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/31 20:05:00.0171 2068 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/31 20:05:00.0203 2068 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/31 20:05:00.0281 2068 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/31 20:05:00.0328 2068 UKBFLT (121b9eb8372f9309b12a2c698f655f84) C:\WINDOWS\system32\DRIVERS\UKBFLT.sys
2011/08/31 20:05:00.0453 2068 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/31 20:05:00.0531 2068 USBAAPL (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/31 20:05:00.0593 2068 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/31 20:05:00.0828 2068 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/31 20:05:01.0031 2068 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/31 20:05:01.0093 2068 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/31 20:05:01.0140 2068 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/31 20:05:01.0187 2068 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/31 20:05:01.0218 2068 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/31 20:05:01.0250 2068 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/31 20:05:01.0343 2068 VComm (760b5a696e86284d7087f3079a398652) C:\WINDOWS\system32\DRIVERS\VComm.sys
2011/08/31 20:05:01.0390 2068 VcommMgr (8996c17e289f200934d8d13b2285dc08) C:\WINDOWS\system32\Drivers\VcommMgr.sys
2011/08/31 20:05:01.0437 2068 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/31 20:05:01.0500 2068 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/31 20:05:01.0562 2068 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/31 20:05:01.0734 2068 wbscr (67014473f902f3023f892c3a0950958a) C:\WINDOWS\system32\drivers\wbscr.sys
2011/08/31 20:05:02.0031 2068 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/31 20:05:02.0437 2068 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/31 20:05:02.0578 2068 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/31 20:05:02.0875 2068 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/31 20:05:03.0156 2068 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/31 20:05:03.0406 2068 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/31 20:05:03.0750 2068 XUIF (93692d6b2fcbb63f517642048f5295fb) C:\WINDOWS\system32\Drivers\x10ufx2.sys
2011/08/31 20:05:03.0937 2068 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
2011/08/31 20:05:04.0015 2068 MBR (0x1B8) (2a38a2f9deea228d8e1783700ed15448) \Device\Harddisk0\DR0
2011/08/31 20:05:04.0015 2068 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/08/31 20:05:04.0046 2068 Boot (0x1200) (0cef16481a8ce9fbc23684a8bec70090) \Device\Harddisk0\DR0\Partition0
2011/08/31 20:05:04.0093 2068 Boot (0x1200) (6d0490efb1045b1c92570344d30adea1) \Device\Harddisk0\DR0\Partition1
2011/08/31 20:05:04.0125 2068 Boot (0x1200) (d50ad5d50ed679693711d907c3960baf) \Device\Harddisk0\DR0\Partition2
2011/08/31 20:05:04.0125 2068 ================================================================================
2011/08/31 20:05:04.0125 2068 Scan finished
2011/08/31 20:05:04.0125 2068 ================================================================================
2011/08/31 20:05:04.0156 0972 Detected object count: 2
2011/08/31 20:05:04.0156 0972 Actual detected object count: 2
2011/08/31 20:05:16.0718 0972 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/08/31 20:05:16.0750 0972 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/08/31 20:05:16.0750 0972 \Device\Harddisk0\DR0 - ok
2011/08/31 20:05:16.0750 0972 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/08/31 20:05:29.0625 2088 Deinitialize success
-
Hierbij de logfile van het del.bat bestand:
Deleting files
C:\WINDOWS\TEMP\conhost.exe not found
Nu ga ik dus de rest uitvoeren.
---------- Post toegevoegd om 20:10 ---------- Vorige post was om 19:59 ----------
Heb dus de scan met tdsskiller uitgevoerd maar heb geen logje kunnen bekijken. Heb wel gezien dat er "1 threat" gevonden was maar moest daarna de pc opnieuw opstarten.
Moet wel zeggen dat ik na het opstarten tot hiertoe geen melding meer gekregen heb van "conhost.exe".
Dus ik wacht nog even af maar en hoop dat het verwijderd is.
Ik hou jullie op de hoogte.
-
Slecht nieuws, na het opnieuw installeren van AVG kreeg ik nog voor het updaten terug de melding van conhost.exe. Is dus nog niet opgelost.
-
Lag toch aan de videokaart. Heb een tijdje geleden de nieuwste drivers van het internet gehaald en opnieuw geïnstalleerd en tot op heden geen enkel probleem meer. Is dus opgelost!
-
Ik zal vanavond bij mijn thuiskomst AVG opnieuw installeren want ik heb hem moeten verwijderen om combofix zijn werk te kunnen laten doen. Ik laat dus iets weten of er nog meldingen verschijnen!
-
Heb dus alles uitgevoerd zoals gevraagd. Hier dus het nieuwe logje:
ComboFix 11-08-29.03 - Andy 29/08/2011 21:04:04.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1534.1044 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Andy\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Andy\Bureaublad\CFScript.txt
.
FILE ::
"c:\windows\reset.exe"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Andy\Application Data\Eknu
c:\documents and settings\Andy\Application Data\Kaewi
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_.EsetTrialReset
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-07-28 to 2011-08-29 ))))))))))))))))))))))))))))))
.
.
2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-08-13 09:45 . 2011-08-20 06:21 -------- d-----w- c:\documents and settings\Andy\Downloads
2011-08-13 09:45 . 2011-08-13 09:45 -------- d-----w- c:\documents and settings\Andy\Local Settings\Application Data\Spotnet
2011-08-13 09:42 . 2011-08-13 09:42 7410 ----a-w- C:\cc_20110813_114228.reg
2011-08-13 09:42 . 2011-08-13 09:42 53150 ----a-w- C:\cc_20110813_114207.reg
2011-08-13 09:41 . 2011-08-29 19:00 -------- d--h--r- c:\documents and settings\Andy\Onlangs geopend
2011-08-10 09:34 . 2011-08-10 09:34 -------- d-----w- c:\documents and settings\Andy\Application Data\LEAPS
2011-08-10 09:25 . 2011-08-10 09:25 -------- d-----w- c:\documents and settings\Andy\Application Data\Pegasys Inc
2011-08-10 09:17 . 2011-08-10 09:16 59240 ----a-w- c:\windows\system32\GenSvcInst.exe
2011-08-10 09:17 . 2011-08-10 09:16 38944 ----a-w- c:\windows\system32\drivers\CDRBSDRV.SYS
2011-08-10 09:17 . 2011-08-10 09:16 139264 ----a-w- c:\windows\system32\bgsvcgen.exe
2011-08-10 09:17 . 2011-08-10 09:17 -------- d-----w- c:\program files\Pegasys Inc
2011-08-10 08:59 . 2011-08-10 08:59 -------- d-----w- C:\TMPGEnc-2.525.64.184-EN
2011-08-10 08:49 . 2011-08-13 09:29 -------- d-----w- C:\tmpgencoder
2011-08-10 06:42 . 2011-08-13 09:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Spotnet
2011-08-10 06:42 . 2011-08-10 06:42 -------- d-----w- c:\program files\Spotnet
2011-08-10 06:40 . 2011-08-10 06:40 8623805 ----a-w- C:\spotnet-DukeN-NL.exe
2011-08-10 06:18 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 06:17 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 14:29 . 2011-08-09 14:29 -------- d-----w- c:\program files\SlySoft
2011-08-09 14:27 . 2011-08-09 14:27 -------- d-----w- c:\program files\Elaborate Bytes
2011-08-04 18:23 . 2011-08-04 18:23 -------- d-----w- c:\program files\XviD
2011-08-04 18:22 . 2011-08-04 18:22 12341641 ----a-w- C:\AutoGordianKnot.2.55.Setup.exe
2011-08-04 15:42 . 2011-08-04 15:42 6872759 ----a-w- C:\K-Lite_Codec_Pack_750_Basic.exe
2011-08-04 15:02 . 2011-08-04 15:07 -------- d-----w- c:\program files\MPEGJOINER
2011-08-04 15:02 . 2011-08-04 15:02 464065 ----a-w- C:\MpegJoiner.exe
2011-08-04 13:47 . 2011-08-04 13:47 -------- d-----w- C:\MyJoinedFiles
2011-08-04 13:46 . 2011-08-13 09:34 -------- d-----w- c:\program files\AoA Video Joiner
2011-08-04 13:45 . 2011-08-04 13:46 8162547 ----a-w- C:\VideoJoiner.exe
2011-08-04 13:41 . 2001-08-22 10:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-08-04 13:40 . 2011-08-04 13:41 13060381 ----a-w- C:\AoneVideoJoiner.exe
2011-08-04 13:06 . 2011-08-04 13:10 -------- d-----w- c:\program files\Video Joiner
2011-08-04 12:51 . 2011-08-04 12:51 1160016 ----a-w- C:\wlsetup-web.exe
2011-08-04 12:49 . 2011-08-04 12:49 284920 ----a-w- C:\SoftonicDownloader_voor_windows-movie-maker.exe
2011-08-04 12:35 . 2011-08-04 12:35 367951 ----a-w- C:\Brothersoftdownloader_for_Windows_Movie_Maker.exe
2011-08-02 08:33 . 2011-08-02 08:33 -------- d-----w- c:\documents and settings\Andy\Application Data\NVIDIA
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-27 06:35 . 2011-05-14 06:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-10 08:59 . 2011-08-10 08:58 1750816 ----a-w- C:\TMPGEnc-2.525.64.184-EN.zip
2011-08-04 13:24 . 2011-08-04 13:24 514572 ----a-w- C:\InstCombiMovie.zip
2011-07-28 10:27 . 2011-07-28 10:27 121464 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2011-07-22 13:58 . 2011-07-22 13:58 910624 ----a-w- C:\jxpiinstall.exe
2011-07-21 18:23 . 2011-07-21 18:23 2188108 ----a-w- C:\GrabIt172b4(1).exe
2011-07-15 13:29 . 2004-10-06 06:21 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-13 17:51 . 2011-07-13 17:51 6108 ----a-w- C:\cc_20110713_195113.reg
2011-07-13 17:50 . 2011-07-13 17:50 72534 ----a-w- C:\cc_20110713_195043.reg
2011-07-09 06:30 . 2011-07-09 06:29 81709520 ----a-w- C:\275.33-desktop-winxp-32bit-english-whql.exe
2011-07-08 14:02 . 2004-10-06 06:21 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 17:52 . 2011-01-04 17:01 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2011-01-04 17:01 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10 . 2004-10-05 21:31 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-10-06 06:22 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-10-06 06:21 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-10-06 06:21 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-10-06 06:21 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-10-06 06:22 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2004-10-06 06:22 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-23 19:53 . 2011-05-06 16:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-10-08 180269]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-29 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Dropbox.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Logitech-productregistratie.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Logitech-productregistratie.lnk
backup=c:\windows\pss\Logitech-productregistratie.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant]
LBTWIZ.EXE -silent [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-02-20 14:00 88363 ----a-w- c:\windows\AGRSMMSG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 09:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
2009-06-04 15:51 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 17:03 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2004-02-24 12:05 508416 ----a-w- c:\windows\mHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
2004-02-03 15:15 5794816 ----a-w- c:\windows\CNYHKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-05-25 06:09 13895272 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-05-25 06:09 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio]
2004-03-17 14:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2004-10-08 17:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2003-11-19 11:03 45056 ------w- c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-03-01 05:10 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"CA_LIC_SRVR"=3 (0x3)
"CA_LIC_CLNT"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)
"ose"=3 (0x3)
"NOD32FiXTemDono"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"iPod Service"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%WinDir%\\system32\\fxsclnt.exe"=
"%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\Documenten\\Mijn ontvangen bestanden\\utorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Andy\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/01/2009 19:51 697328]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 20:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536]
R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19/09/2002 20:29 53248]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/01/2011 19:01 366640]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [18/02/2010 14:01 462632]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/07/2011 8:31 2214504]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6/10/2004 1:38 1272000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/01/2011 19:01 22712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [21/06/2011 9:46 119528]
R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [13/03/2011 18:14 152576]
R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6/10/2004 2:27 19928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [23/10/2004 14:49 24704]
S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [24/10/2004 12:28 11672]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]
S4 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19/09/2002 20:27 77824]
S4 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19/09/2002 20:41 77824]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-08-29 c:\windows\Tasks\Andy Local Autobackup 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2010-02-22 14:17]
.
2010-10-05 c:\windows\Tasks\Andy NBAgent 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 14:17]
.
2011-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-08-29 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-08-12 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-08-29 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-04-02 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2011-03-30 16:13]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.nieuwsblad.be/index.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:\program files\Advanced JPEG Compressor\ajcieex.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.130.130.130 195.130.131.130
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www3.snapfish.be/SnapfishActivia3.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\tcath2ai.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nieuwsblad.be/index.html?ref=0911
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-08-29 21:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600 Disk: WDC_WD2500JD-00HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
.
device: opened successfully
user: MBR read successfully
error: Read Een apparaat dat op het systeem is aangesloten, werkt niet.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A8FD31B
user & kernel MBR OK
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(540)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\windows\system32\gpkcsp.dll
c:\windows\system32\gpkrsrc.dll
.
- - - - - - - > 'explorer.exe'(2600)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Common Files\Logitech\Bluetooth\LBTServ.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\RunDLL32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\TEMP\conhost.exe
.
**************************************************************************
.
Voltooingstijd: 2011-08-29 21:32:44 - machine werd herstart
ComboFix-quarantined-files.txt 2011-08-29 19:32
ComboFix2.txt 2011-08-29 17:52
ComboFix3.txt 2011-07-10 10:03
.
Pre-Run: 8.878.538.752 bytes beschikbaar
Post-Run: 8.852.639.744 bytes beschikbaar
.
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 71E6440CBCC69A3F92AD1D63753B86A3
-
Heb deze mappen niet zelf aangemaakt. Mag ik toch uitvoeren wat je hierboven zegt of moet ik eerst iets anders doen?
-
Combofix heeft zijn werk gedaan, hier dus het logje:
ComboFix 11-08-29.03 - Andy 29/08/2011 19:24:19.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1534.1082 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Andy\Bureaublad\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
.
---- Voorgaande Run -------
.
c:\documents and settings\Andy\Application Data\i74wa3x7e.tmp
c:\documents and settings\Andy\WINDOWS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Legacy_SSHNAS
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-07-28 to 2011-08-29 ))))))))))))))))))))))))))))))
.
.
2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-08-18 17:45 . 2011-08-18 20:05 -------- d-----w- c:\documents and settings\Andy\Application Data\Kaewi
2011-08-18 17:45 . 2011-08-18 17:58 -------- d-----w- c:\documents and settings\Andy\Application Data\Eknu
2011-08-13 09:45 . 2011-08-20 06:21 -------- d-----w- c:\documents and settings\Andy\Downloads
2011-08-13 09:45 . 2011-08-13 09:45 -------- d-----w- c:\documents and settings\Andy\Local Settings\Application Data\Spotnet
2011-08-13 09:42 . 2011-08-13 09:42 7410 ----a-w- C:\cc_20110813_114228.reg
2011-08-13 09:42 . 2011-08-13 09:42 53150 ----a-w- C:\cc_20110813_114207.reg
2011-08-13 09:41 . 2011-08-28 07:58 -------- d--h--r- c:\documents and settings\Andy\Onlangs geopend
2011-08-10 09:34 . 2011-08-10 09:34 -------- d-----w- c:\documents and settings\Andy\Application Data\LEAPS
2011-08-10 09:25 . 2011-08-10 09:25 -------- d-----w- c:\documents and settings\Andy\Application Data\Pegasys Inc
2011-08-10 09:17 . 2011-08-10 09:16 59240 ----a-w- c:\windows\system32\GenSvcInst.exe
2011-08-10 09:17 . 2011-08-10 09:16 38944 ----a-w- c:\windows\system32\drivers\CDRBSDRV.SYS
2011-08-10 09:17 . 2011-08-10 09:16 139264 ----a-w- c:\windows\system32\bgsvcgen.exe
2011-08-10 09:17 . 2011-08-10 09:17 -------- d-----w- c:\program files\Pegasys Inc
2011-08-10 08:59 . 2011-08-10 08:59 -------- d-----w- C:\TMPGEnc-2.525.64.184-EN
2011-08-10 08:49 . 2011-08-13 09:29 -------- d-----w- C:\tmpgencoder
2011-08-10 06:42 . 2011-08-13 09:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Spotnet
2011-08-10 06:42 . 2011-08-10 06:42 -------- d-----w- c:\program files\Spotnet
2011-08-10 06:40 . 2011-08-10 06:40 8623805 ----a-w- C:\spotnet-DukeN-NL.exe
2011-08-10 06:18 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 06:17 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 14:29 . 2011-08-09 14:29 -------- d-----w- c:\program files\SlySoft
2011-08-09 14:27 . 2011-08-09 14:27 -------- d-----w- c:\program files\Elaborate Bytes
2011-08-04 18:23 . 2011-08-04 18:23 -------- d-----w- c:\program files\XviD
2011-08-04 18:22 . 2011-08-04 18:22 12341641 ----a-w- C:\AutoGordianKnot.2.55.Setup.exe
2011-08-04 15:42 . 2011-08-04 15:42 6872759 ----a-w- C:\K-Lite_Codec_Pack_750_Basic.exe
2011-08-04 15:02 . 2011-08-04 15:07 -------- d-----w- c:\program files\MPEGJOINER
2011-08-04 15:02 . 2011-08-04 15:02 464065 ----a-w- C:\MpegJoiner.exe
2011-08-04 13:47 . 2011-08-04 13:47 -------- d-----w- C:\MyJoinedFiles
2011-08-04 13:46 . 2011-08-13 09:34 -------- d-----w- c:\program files\AoA Video Joiner
2011-08-04 13:45 . 2011-08-04 13:46 8162547 ----a-w- C:\VideoJoiner.exe
2011-08-04 13:41 . 2001-08-22 10:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-08-04 13:40 . 2011-08-04 13:41 13060381 ----a-w- C:\AoneVideoJoiner.exe
2011-08-04 13:06 . 2011-08-04 13:10 -------- d-----w- c:\program files\Video Joiner
2011-08-04 12:51 . 2011-08-04 12:51 1160016 ----a-w- C:\wlsetup-web.exe
2011-08-04 12:49 . 2011-08-04 12:49 284920 ----a-w- C:\SoftonicDownloader_voor_windows-movie-maker.exe
2011-08-04 12:35 . 2011-08-04 12:35 367951 ----a-w- C:\Brothersoftdownloader_for_Windows_Movie_Maker.exe
2011-08-02 08:33 . 2011-08-02 08:33 -------- d-----w- c:\documents and settings\Andy\Application Data\NVIDIA
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-27 06:35 . 2011-05-14 06:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-10 08:59 . 2011-08-10 08:58 1750816 ----a-w- C:\TMPGEnc-2.525.64.184-EN.zip
2011-08-04 13:24 . 2011-08-04 13:24 514572 ----a-w- C:\InstCombiMovie.zip
2011-07-28 10:27 . 2011-07-28 10:27 121464 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2011-07-22 13:58 . 2011-07-22 13:58 910624 ----a-w- C:\jxpiinstall.exe
2011-07-21 18:23 . 2011-07-21 18:23 2188108 ----a-w- C:\GrabIt172b4(1).exe
2011-07-15 13:29 . 2004-10-06 06:21 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-13 17:51 . 2011-07-13 17:51 6108 ----a-w- C:\cc_20110713_195113.reg
2011-07-13 17:50 . 2011-07-13 17:50 72534 ----a-w- C:\cc_20110713_195043.reg
2011-07-09 06:30 . 2011-07-09 06:29 81709520 ----a-w- C:\275.33-desktop-winxp-32bit-english-whql.exe
2011-07-08 14:02 . 2004-10-06 06:21 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 17:52 . 2011-01-04 17:01 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2011-01-04 17:01 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10 . 2004-10-05 21:31 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-10-06 06:22 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-10-06 06:21 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-10-06 06:21 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-10-06 06:21 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-10-06 06:22 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2004-10-06 06:22 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-23 19:53 . 2011-05-06 16:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-10-08 180269]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-29 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Dropbox.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Logitech-productregistratie.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Logitech-productregistratie.lnk
backup=c:\windows\pss\Logitech-productregistratie.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant]
LBTWIZ.EXE -silent [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-02-20 14:00 88363 ----a-w- c:\windows\AGRSMMSG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 09:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
2009-06-04 15:51 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 17:03 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2004-02-24 12:05 508416 ----a-w- c:\windows\mHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
2004-02-03 15:15 5794816 ----a-w- c:\windows\CNYHKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-05-25 06:09 13895272 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-05-25 06:09 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio]
2004-03-17 14:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2004-10-08 17:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2003-11-19 11:03 45056 ------w- c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-03-01 05:10 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"CA_LIC_SRVR"=3 (0x3)
"CA_LIC_CLNT"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)
"ose"=3 (0x3)
"NOD32FiXTemDono"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"iPod Service"=3 (0x3)
".EsetTrialReset"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%WinDir%\\system32\\fxsclnt.exe"=
"%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\Documenten\\Mijn ontvangen bestanden\\utorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Andy\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/01/2009 19:51 697328]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 20:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536]
R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19/09/2002 20:29 53248]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/01/2011 19:01 366640]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [18/02/2010 14:01 462632]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/07/2011 8:31 2214504]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6/10/2004 1:38 1272000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/01/2011 19:01 22712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [21/06/2011 9:46 119528]
R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [13/03/2011 18:14 152576]
R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6/10/2004 2:27 19928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [23/10/2004 14:49 24704]
S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [24/10/2004 12:28 11672]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]
S4 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe /s --> c:\windows\reset.exe [?]
S4 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19/09/2002 20:27 77824]
S4 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19/09/2002 20:41 77824]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-08-29 c:\windows\Tasks\Andy Local Autobackup 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2010-02-22 14:17]
.
2010-10-05 c:\windows\Tasks\Andy NBAgent 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 14:17]
.
2011-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-08-28 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-08-12 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-08-29 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-04-02 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2011-03-30 16:13]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.nieuwsblad.be/index.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:\program files\Advanced JPEG Compressor\ajcieex.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.130.130.130 195.130.131.130
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www3.snapfish.be/SnapfishActivia3.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\tcath2ai.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nieuwsblad.be/index.html?ref=0911
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-08-29 19:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600 Disk: WDC_WD2500JD-00HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
.
device: opened successfully
user: MBR read successfully
error: Read Een apparaat dat op het systeem is aangesloten, werkt niet.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A90231B
user & kernel MBR OK
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(540)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\windows\system32\gpkcsp.dll
c:\windows\system32\gpkrsrc.dll
.
- - - - - - - > 'explorer.exe'(3240)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Common Files\Logitech\Bluetooth\LBTServ.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\TEMP\conhost.exe
.
**************************************************************************
.
Voltooingstijd: 2011-08-29 19:52:41 - machine werd herstart
ComboFix-quarantined-files.txt 2011-08-29 17:52
ComboFix2.txt 2011-07-10 10:03
.
Pre-Run: 8.972.013.568 bytes beschikbaar
Post-Run: 8.858.890.240 bytes beschikbaar
.
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6F161F66C4794B09AEC146D838607673
-
Te vroeg victorie gekraaid. Na het opstarten van de pc krijg ik opnieuw dezelfde foutberichten. We gaan dus eens beginnen aan wat kape hierboven beschreven heeft.
-
Ik weet nu niet of het gedaan zal zijn, maar AVG heeft de detectie kunnen verwijderen. Krijg momenteel geen bedreigingen meer te zien en pc is terug duidelijk sneller. Wat denken jullie specialisten?
-
Deze morgen mijn pc opgestart en AVG heeft volgende bedreiging gedetecteerd:
C:\WINDOWS\temp\conhost.exe
Als ik deze wil herstellen of verwijderen krijg ik steeds de melding "actie mislukt".
Kan mij iemand helpen aub.
Ik post alvast een logje van hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:58:52, on 28/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1109923195-152108676-1447638511-1009\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1109923195-152108676-1447638511-1009\..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - http://ua.foto.com/ImageUploader6.cab
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - http://www3.snapfish.be/SnapfishActivia3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 13404 bytes
-
Heb de map verwijderd. De snelheid ziet er precies terug goed uit. Heb vandaag wel nog niet veel op de pc gewerkt. Zal dit maar pas binnen een paar dagen kunnen zeggen maar op het eerste zicht is het goed. In ieder geval al bedankt voor de hulp!
-
ComboFix 11-07-10.01 - Andy 10/07/2011 11:42:20.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1534.1056 [GMT 2:00]
Gestart vanuit: C:\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Andy\Application Data\SystemRequirementsLab
c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll
c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll
c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll
c:\documents and settings\Andy\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll
c:\windows\IsUn0413.exe
c:\windows\system32\$winnt$.inf
c:\windows\vb.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-10 to 2011-07-10 ))))))))))))))))))))))))))))))
.
.
2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-07-09 20:49 . 2011-07-09 20:49 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-07-09 20:49 . 2011-07-09 20:49 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-07-09 14:13 . 2011-07-10 06:48 -------- d-----w- C:\Vanessa
2011-07-09 06:31 . 2011-07-09 06:42 -------- d-----w- c:\documents and settings\UpdatusUser
2011-07-09 06:31 . 2011-07-09 06:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2011-07-09 06:31 . 2011-05-25 06:09 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-07-09 06:31 . 2011-07-09 06:31 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-07-09 06:31 . 2011-07-09 06:31 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-07-09 06:31 . 2011-07-09 06:31 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-07-09 06:31 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-07-09 06:31 . 2011-05-25 06:09 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-07-09 06:31 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-07-09 06:31 . 2011-05-25 06:09 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-09 06:31 . 2011-05-25 06:09 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-07-09 06:29 . 2011-07-09 06:30 81709520 ----a-w- C:\275.33-desktop-winxp-32bit-english-whql.exe
2011-07-08 19:16 . 2011-07-08 19:16 -------- d-----w- c:\program files\SystemRequirementsLab
2011-07-05 06:19 . 2011-07-05 06:19 -------- d-----w- C:\found.000
2011-06-21 07:47 . 2009-08-11 04:26 485920 ----a-w- c:\windows\system32\nvuhda.exe
2011-06-21 07:46 . 2011-05-25 06:09 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-06-21 07:46 . 2011-05-25 06:09 119528 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2011-06-21 07:46 . 2009-08-11 04:27 155648 ----a-r- c:\windows\system32\nvcohda.dll
2011-06-16 19:02 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-10 09:30 . 2011-04-22 19:21 4138713 ------r- C:\ComboFix.exe
2011-07-08 04:30 . 2011-05-14 06:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-29 07:11 . 2011-01-04 17:01 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-01-04 17:01 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-27 16:04 . 2011-05-27 16:04 7008 ----a-w- C:\cc_20110527_180402.reg
2011-05-25 06:09 . 2009-08-17 01:04 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 06:09 . 2009-08-17 01:03 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 06:09 . 2009-08-17 01:03 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 06:09 . 2009-08-17 01:03 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 06:09 . 2009-08-17 01:03 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 06:09 . 2009-08-16 22:57 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 06:09 . 2009-08-16 22:57 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 06:09 . 2004-10-01 14:35 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 06:09 . 2009-08-16 22:57 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 06:09 . 2009-08-16 22:57 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 06:09 . 2004-10-01 14:35 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 06:09 . 2004-10-01 14:35 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-02 15:31 . 2004-10-05 21:31 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-10-06 06:22 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-10-06 06:21 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 17:32 . 2011-04-25 17:32 3050664 ----a-w- C:\ccsetup305.exe
2011-04-25 16:05 . 2004-10-06 06:22 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2004-10-06 06:21 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2004-10-06 06:21 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2004-10-06 06:21 385024 ----a-w- c:\windows\system32\html.iec
2011-04-22 19:21 . 2011-04-22 19:21 1163104 ----a-w- C:\avg_remover_stf_x86_2011_1322.exe
2011-04-21 13:37 . 2004-10-06 06:21 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-21 08:32 . 2011-04-21 08:32 388096 ----a-r- c:\documents and settings\Andy\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-21 08:30 . 2011-04-21 08:30 1402880 ----a-w- C:\HijackThis.msi
2011-04-11 16:18 . 2011-04-11 16:18 5497592 ----a-w- C:\avg_free_stb_all_2011_1321_cnet.exe
2011-07-09 20:49 . 2011-05-06 16:57 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Andy\Application Data\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-29 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Dropbox.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Andy^Menu Start^Programma's^Opstarten^Logitech-productregistratie.lnk]
path=c:\documents and settings\Andy\Menu Start\Programma's\Opstarten\Logitech-productregistratie.lnk
backup=c:\windows\pss\Logitech-productregistratie.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant]
LBTWIZ.EXE -silent [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-02-20 14:00 88363 ----a-w- c:\windows\AGRSMMSG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 09:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
2009-06-04 15:51 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 17:03 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2004-02-24 12:05 508416 ----a-w- c:\windows\mHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
2004-02-03 15:15 5794816 ----a-w- c:\windows\CNYHKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-05-29 07:11 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-05-25 06:09 13895272 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-05-25 06:09 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio]
2004-03-17 14:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2004-10-08 17:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2003-11-19 11:03 45056 ------w- c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-03-01 05:10 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"CA_LIC_SRVR"=3 (0x3)
"CA_LIC_CLNT"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)
"ose"=3 (0x3)
"NOD32FiXTemDono"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"iPod Service"=3 (0x3)
".EsetTrialReset"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%WinDir%\\system32\\fxsclnt.exe"=
"%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\Documenten\\Mijn ontvangen bestanden\\utorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Andy\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14/01/2009 19:51 697328]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 20:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536]
R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19/09/2002 20:29 53248]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/01/2011 19:01 366640]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [18/02/2010 14:01 462632]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/07/2011 8:31 2214504]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6/10/2004 1:38 1272000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/01/2011 19:01 22712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [21/06/2011 9:46 119528]
R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [13/03/2011 18:14 152576]
R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6/10/2004 2:27 19928]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2010 18:12 136176]
S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [23/10/2004 14:49 24704]
S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [24/10/2004 12:28 11672]
S4 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe /s --> c:\windows\reset.exe [?]
S4 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19/09/2002 20:27 77824]
S4 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19/09/2002 20:41 77824]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-10 c:\windows\Tasks\Andy Local Autobackup 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2010-02-22 14:17]
.
2010-10-05 c:\windows\Tasks\Andy NBAgent 5 4.job
- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 14:17]
.
2011-06-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-07-10 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2011-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-24 16:11]
.
2011-04-14 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-07-10 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
2011-04-02 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2011-03-30 16:13]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.nieuwsblad.be/index.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:\program files\Advanced JPEG Compressor\ajcieex.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.130.130.130 195.130.131.130
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www3.snapfish.be/SnapfishActivia3.cab
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\tcath2ai.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nieuwsblad.be/index.html?ref=0911
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-07-10 11:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,c6,fc,cd,82,96,6f,45,80,50,f5,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(532)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\windows\system32\gpkcsp.dll
c:\windows\system32\gpkrsrc.dll
.
Voltooingstijd: 2011-07-10 12:03:29
ComboFix-quarantined-files.txt 2011-07-10 10:03
.
Pre-Run: 18.169.466.880 bytes beschikbaar
Post-Run: 19.459.272.704 bytes beschikbaar
.
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 769E7E9BA560F1E6A11C223E108CBE98
-
Heb dus mijn videokaart vervangen omdat deze stuk was. Het was dus niet enkel vuil dat het probleem veroorzaakte. Ik heb dus de nieuwe videokaart geïnstalleerd (Asus EN210) en de nodige drivers geïnstalleerd (zelfs de laatste versie gedownload via nvidia). Maar nu heb ik een volgend probleem. De computer kan vandaag normaal opstarten, morgen ook maar als ik hem dan bv. de volgende dag opstart, dan krijg ik terug geen beeld op mijn scherm. Wanneer ik dan mijn videokaart er eens uithaal en opnieuw inplug, dan heb ik terug wel beeld. Ik kan me niet voorstellen dat dit normaal is.
Sorry dat ik jullie terug moet lastig vallen (heb ook nog een ander topic lopen), maar misschien kunnen de kenners mij hier een uitleg geven voor dit eigenaardig probleem.
-
Er zijn geen kwaadaardige infecties gevonden.
Dit is dus mijn logje:
Malwarebytes' Anti-Malware 1.51.0.1200
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 7060
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10/07/2011 8:18:21
mbam-log-2011-07-10 (08-18-21).txt
Scantype: Snelle scan
Objecten gescand: 193810
Verstreken tijd: 5 minuut/minuten, 13 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
-
Heb de indruk dat mijn pc terug trager werkt dan voordien. Daarom dat ik voor alle zekerheid toch nog eens een logje plaats zodat de specialisten kunnen nakijken of er al dan niet iets aan scheelt.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:16, on 7/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Google\Update\Install\{2FA2FBA8-AFAD-4511-8E87-B667881C910E}\chrome_updater.exe
C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\CR_64320.tmp\setup.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - http://ua.foto.com/ImageUploader6.cab
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - http://www3.snapfish.be/SnapfishActivia3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 13212 bytes
-
Harde schijf was niet stuk. Heb er een specialist laten naar kijken en blijkbaar moet er iets fout geweest zijn in de bios. Vraag me niet juist wat want zoveel verstand heb ik er niet van. Dus kijk, hij werkt terug. Heb hem gevraagd hoe dit zou kunnen komen maar hij kon er niet direkt een antwoord op geven. Hij zei me wel dat hij dit probleem ook nog vorige week heeft gehad. Toeval of niet? Wie zal het zeggen. Heb wel precies de indruk dat hij trager werkt. Misschien toch maar even eens een logje plaatsen zodat de experten hier kunnen zeggen of er al dan niet iets mis is. Zal daarvoor een nieuw topic opstarten. Hier mag dus een slotje op.
-
Dit is natuurlijk geen goed nieuws! Ik hoop echt dat ik de data nog kan recupereren. Ga er zelf niet beginnen aan prutsen maar ga dit laten doen door iemand die er verstand van heeft! Toch bedankt voor de snelle reacties.
PC valt spontaan uit
in Archief Hardware algemeen
Geplaatst:
De pc heeft gisteravond de ganse avond gedraaid en is niet uitgevallen. Als ik wel de temperatuur ga lezen met Speccy, dan geeft hij nog altijd een 80° of meer bij het moederbord.
Hoe moet ik dat gaan nakijken in mijn BIOS. Ben daar nog nooit naartoe geweest omdat ze me altijd hebben gezegd dat ik daar moest uitblijven.