Bezem

Lid

Bekijk profiel Bekijk hun activiteit

Items
21
Registratiedatum
16 juli 2011
Laatst bezocht
29 juli 2012

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door Bezem

Trage laptop

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Bedankt voor de snelle reactie. Hier onder de logs. Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300 www.malwarebytes.org Databaseversie: v2012.07.29.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Ron :: RON-PC [administrator] Realtime bescherming: Ingeschakeld 29-7-2012 22:11:02 mbam-log-2012-07-29 (22-11-02).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 210666 Verstreken tijd: 3 minuut/minuten, 35 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:17:30, on 29-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3125798767-2742949549-1257160518-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3125798767-2742949549-1257160518-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2012/07/17 04:50:59 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 15469 bytes
- 29 juli 2012
- 3 antwoorden
Trage laptop

Bezem plaatste een topic in Archief Bestrijding malware & virussen

Ik heb een paar weken oude laptop. Er hebben wat mensen achter gezeten. Nu merk ik dat als ik ingelogd hebt, mijn laptop trager op start dan voorheen. Ook internet explorer doet trager opstarten. Zou men onderstaand HT logje kunnen bestuderen en bekijken wat er eventueel aan mankeert? Alvast mijn dank! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:04:46, on 29-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111805&tt=3012_8&babsrc=HP_ss&mntrId=909c10a400000000000094dbc99d9e6a R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll R3 - URLSearchHook: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3125798767-2742949549-1257160518-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3125798767-2742949549-1257160518-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2012/07/17 04:50:59 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 16438 bytes
- 29 juli 2012
- 3 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Ik heb dit weekend ook op het forum van de spelintwikkelaar gekeken en deze raag gesteld. Zij adviseerde dat ik een spelinstelling uit moest schakelen en dat dit probleem reeds bekend was en dat ze daar nog geen oplossing voor gevonden hadden. Dat gedaan en spel draait nu soepel. Sowieso bedankt voor de hulp etc helemaal top!
- 31 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

combofix log: ComboFix 11-10-19.06 - Ron 28-10-2011 17:39:10.3.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8103.6000 [GMT 2:00] Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt..txt AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . - VERMINDERDE FUNCTIONALITEIT MODUS - . FILE :: "c:\windows\system32\acovcnt.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\acovcnt.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-28 to 2011-10-28 )))))))))))))))))))))))))))))) . . 2011-10-28 15:40 . 2011-10-28 15:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-10-28 15:40 . 2011-10-28 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-28 15:30 . 2011-10-28 15:30 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C5E1841-EC1B-4A4B-BDB7-E7F6171BB38D}\offreg.dll 2011-10-28 15:30 . 2011-10-18 00:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C5E1841-EC1B-4A4B-BDB7-E7F6171BB38D}\mpengine.dll 2011-10-24 19:08 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll 2011-10-24 19:08 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-10-24 16:17 . 2011-10-24 18:26 -------- d-----w- c:\program files (x86)\Common Files\Steam 2011-10-24 16:17 . 2011-10-28 15:27 -------- d-----w- c:\program files (x86)\Steam 2011-10-24 15:26 . 2011-10-24 15:18 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2011-10-24 15:26 . 2011-10-24 15:18 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2011-10-24 15:26 . 2011-10-24 15:18 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2011-10-24 15:26 . 2011-10-24 15:18 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-10-24 15:24 . 2011-10-24 15:24 -------- d-----w- c:\program files\Trend Micro 2011-10-24 15:17 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-10-24 15:13 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys 2011-10-24 15:13 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-24 15:13 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-24 15:13 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-24 15:13 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-10-24 12:19 . 2011-10-24 15:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.syncID 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.Syncables 2011-10-21 10:50 . 2011-10-21 10:50 -------- d-----w- c:\users\Ron\AppData\Local\Chromium 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Roaming\Sports Interactive 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Local\Sports Interactive 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\users\Ron\AppData\Local\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:35 -------- d-----w- c:\users\Ron\AppData\Roaming\Apple Computer 2011-10-15 14:06 . 2011-10-24 15:04 -------- d-----w- c:\program files\iPod 2011-10-15 14:06 . 2011-10-24 15:02 -------- d-----w- c:\programdata\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\users\Ron\AppData\Local\Apple 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-10-15 14:05 . 2011-10-24 15:04 -------- d-----w- c:\program files\Bonjour 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Bonjour 2011-10-15 14:05 . 2011-10-15 14:06 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\programdata\Apple 2011-10-02 16:37 . 2011-10-24 14:24 -------- d-----w- c:\users\Ron\AppData\Local\Axialis 2011-10-02 12:17 . 2011-10-02 12:17 -------- d-----w- c:\users\Ron\AppData\Local\PunkBuster 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\NVIDIA 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\CyberLink . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-24 15:25 . 2011-09-10 15:52 56 ----a-w- c:\windows\system32\SupportTool.exe.bat 2011-09-10 17:52 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-09-09 19:05 . 2011-09-09 19:05 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-18 20:08 . 2011-08-18 20:08 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe 2011-08-18 20:08 . 2011-08-18 20:08 3058304 ----a-w- c:\windows\AsScrPro.exe 2011-08-18 20:06 . 2011-08-18 20:06 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll 2011-08-18 20:06 . 2011-08-18 20:06 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-08-18 20:06 . 2011-08-18 20:06 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll . . ((((((((((((((((((((((((((((( SnapShot_2011-10-27_13.36.24 ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-18 20:13 . 2011-10-27 16:08 49540 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-10-28 15:28 39322 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-10-27 13:04 39322 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-09-10 16:59 . 2011-10-28 15:28 9738 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2318003957-1018503916-3544864865-1001_UserData.bin + 2011-10-28 15:26 . 2011-10-28 15:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-27 13:02 . 2011-10-27 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-27 13:02 . 2011-10-27 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-10-28 15:26 . 2011-10-28 15:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-09 18:32 . 2011-10-27 17:05 264748 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin - 2009-07-14 05:01 . 2011-10-27 08:36 390676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-10-27 18:05 390676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-09-09 17:28 . 2011-10-27 18:05 6525416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2318003957-1018503916-3544864865-1001-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-24 1242448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400] "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448] "RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/08/18 13:07;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-27 2009704] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - CLKMDRV10_38F51D56 . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c231ad9-db81-11e0-986c-806e6f6e6963}] \shell\AutoRun\command - G:\SETUP.EXE . Inhoud van de 'Gedeelde Taken' map . 2011-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . 2011-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424] "AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536] "AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-24 204048] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-10-28 17:42:35 ComboFix-quarantined-files.txt 2011-10-28 15:42 ComboFix2.txt 2011-10-27 13:37 ComboFix3.txt 2011-10-26 16:02 ComboFix4.txt 2011-10-24 14:49 ComboFix5.txt 2011-10-28 15:38 . Pre-Run: 147.604.725.760 bytes beschikbaar Post-Run: 147.213.926.400 bytes beschikbaar . - - End Of File - - 1DF443B793E673282BF231EF3391B6C3
- 28 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Combofix log: ComboFix 11-10-19.06 - Ron 27-10-2011 15:34:50.2.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8103.6116 [GMT 2:00] Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . - VERMINDERDE FUNCTIONALITEIT MODUS - . FILE :: "c:\windows\KMService.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\KMService.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-27 to 2011-10-27 )))))))))))))))))))))))))))))) . . 2011-10-27 13:36 . 2011-10-27 13:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-10-27 13:36 . 2011-10-27 13:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-27 13:04 . 2011-10-27 13:04 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D413555-5439-4C49-A3B7-54FA12C8BA77}\offreg.dll 2011-10-26 16:26 . 2011-10-27 13:02 45056 ----a-w- c:\windows\system32\acovcnt.exe 2011-10-26 15:34 . 2011-10-18 00:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D413555-5439-4C49-A3B7-54FA12C8BA77}\mpengine.dll 2011-10-24 19:08 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll 2011-10-24 19:08 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-10-24 16:17 . 2011-10-24 18:26 -------- d-----w- c:\program files (x86)\Common Files\Steam 2011-10-24 16:17 . 2011-10-27 13:04 -------- d-----w- c:\program files (x86)\Steam 2011-10-24 15:26 . 2011-10-24 15:18 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2011-10-24 15:26 . 2011-10-24 15:18 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2011-10-24 15:26 . 2011-10-24 15:18 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2011-10-24 15:26 . 2011-10-24 15:18 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-10-24 15:24 . 2011-10-24 15:24 -------- d-----w- c:\program files\Trend Micro 2011-10-24 15:17 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-10-24 15:13 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys 2011-10-24 15:13 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-24 15:13 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-24 15:13 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-24 15:13 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-10-24 12:19 . 2011-10-24 15:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.syncID 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.Syncables 2011-10-21 10:50 . 2011-10-21 10:50 -------- d-----w- c:\users\Ron\AppData\Local\Chromium 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Roaming\Sports Interactive 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Local\Sports Interactive 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\users\Ron\AppData\Local\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:35 -------- d-----w- c:\users\Ron\AppData\Roaming\Apple Computer 2011-10-15 14:06 . 2011-10-24 15:04 -------- d-----w- c:\program files\iPod 2011-10-15 14:06 . 2011-10-24 15:02 -------- d-----w- c:\programdata\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\users\Ron\AppData\Local\Apple 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-10-15 14:05 . 2011-10-24 15:04 -------- d-----w- c:\program files\Bonjour 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Bonjour 2011-10-15 14:05 . 2011-10-15 14:06 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\programdata\Apple 2011-10-02 16:37 . 2011-10-24 14:24 -------- d-----w- c:\users\Ron\AppData\Local\Axialis 2011-10-02 12:17 . 2011-10-02 12:17 -------- d-----w- c:\users\Ron\AppData\Local\PunkBuster 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\NVIDIA 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\CyberLink . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-24 15:25 . 2011-09-10 15:52 56 ----a-w- c:\windows\system32\SupportTool.exe.bat 2011-09-10 17:52 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-09-09 19:05 . 2011-09-09 19:05 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-18 20:08 . 2011-08-18 20:08 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe 2011-08-18 20:08 . 2011-08-18 20:08 3058304 ----a-w- c:\windows\AsScrPro.exe 2011-08-18 20:06 . 2011-08-18 20:06 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll 2011-08-18 20:06 . 2011-08-18 20:06 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-08-18 20:06 . 2011-08-18 20:06 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-10-26_16.01.38 ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-18 20:13 . 2011-10-27 13:04 49500 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-10-27 13:04 39322 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:46 . 2011-10-27 13:09 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2011-10-24 19:26 . 2011-10-24 19:26 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll + 2011-10-26 20:06 . 2011-10-26 20:06 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll - 2011-10-24 19:26 . 2011-10-24 19:26 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll + 2011-10-26 20:06 . 2011-10-26 20:06 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll + 2011-10-26 20:06 . 2011-10-26 20:06 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll - 2011-10-24 19:26 . 2011-10-24 19:26 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll - 2011-10-24 19:25 . 2011-10-24 19:25 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll - 2011-10-24 19:26 . 2011-10-24 19:26 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2011-10-26 20:06 . 2011-10-26 20:06 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2011-10-26 20:06 . 2011-10-26 20:06 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll - 2011-10-24 19:25 . 2011-10-24 19:25 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll - 2011-10-24 19:25 . 2011-10-24 19:25 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll - 2011-10-24 19:25 . 2011-10-24 19:25 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll + 2011-10-26 20:06 . 2011-10-26 20:06 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2011-10-24 19:26 . 2011-10-24 19:26 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2011-10-26 20:06 . 2011-10-26 20:06 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll - 2011-10-24 19:26 . 2011-10-24 19:26 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll + 2011-10-26 20:06 . 2011-10-26 20:06 98152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll - 2011-10-24 19:25 . 2011-10-24 19:25 98152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll - 2011-10-24 19:25 . 2011-10-24 19:25 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe - 2011-10-24 19:26 . 2011-10-24 19:26 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe + 2011-10-26 20:06 . 2011-10-26 20:06 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll - 2011-10-24 19:25 . 2011-10-24 19:25 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll + 2011-10-26 20:06 . 2011-10-26 20:06 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll - 2011-10-24 19:25 . 2011-10-24 19:25 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll + 2011-10-26 17:22 . 2011-10-26 17:22 25088 c:\windows\Installer\33b86f.msi + 2011-09-10 16:59 . 2011-10-27 13:04 9654 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2318003957-1018503916-3544864865-1001_UserData.bin + 2011-10-27 13:02 . 2011-10-27 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-26 15:28 . 2011-10-26 15:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-26 15:28 . 2011-10-26 15:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-10-27 13:02 . 2011-10-27 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-09 18:32 . 2011-10-26 16:50 264036 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2011-02-19 04:40 . 2011-10-26 20:06 754618 c:\windows\system32\perfh013.dat - 2011-02-19 04:40 . 2011-10-24 19:26 754618 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2011-10-24 19:26 663424 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-10-26 20:06 663424 c:\windows\system32\perfh009.dat + 2011-02-19 04:40 . 2011-10-26 20:06 156042 c:\windows\system32\perfc013.dat - 2011-02-19 04:40 . 2011-10-24 19:26 156042 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2011-10-24 19:26 124696 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2011-10-26 20:06 124696 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2011-10-25 07:05 390676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-10-27 08:36 390676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-10-26 20:06 . 2011-10-26 20:06 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll - 2011-10-24 19:26 . 2011-10-24 19:26 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll - 2011-10-24 19:26 . 2011-10-24 19:26 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll + 2011-10-26 20:06 . 2011-10-26 20:06 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll - 2011-10-24 19:26 . 2011-10-24 19:26 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2011-10-26 20:06 . 2011-10-26 20:06 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2011-10-26 20:06 . 2011-10-26 20:06 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll - 2011-10-24 19:25 . 2011-10-24 19:25 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll - 2011-10-24 19:25 . 2011-10-24 19:25 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll - 2011-10-24 19:25 . 2011-10-24 19:25 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll - 2011-10-24 19:25 . 2011-10-24 19:25 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll - 2011-10-24 19:26 . 2011-10-24 19:26 326000 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll + 2011-10-26 20:06 . 2011-10-26 20:06 326000 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll - 2011-10-24 19:26 . 2011-10-24 19:26 175992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll + 2011-10-26 20:06 . 2011-10-26 20:06 175992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll + 2011-10-26 20:06 . 2011-10-26 20:06 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll - 2011-10-24 19:25 . 2011-10-24 19:25 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll + 2011-10-26 20:06 . 2011-10-26 20:06 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll - 2011-10-24 19:25 . 2011-10-24 19:25 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll - 2011-10-24 19:25 . 2011-10-24 19:25 810352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 810352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll - 2011-10-24 19:26 . 2011-10-24 19:26 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll - 2011-10-24 19:25 . 2011-10-24 19:25 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll + 2011-10-26 20:06 . 2011-10-26 20:06 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll - 2011-10-24 19:25 . 2011-10-24 19:25 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2011-10-26 20:06 . 2011-10-26 20:06 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2011-10-24 19:25 . 2011-10-24 19:25 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2011-10-26 20:06 . 2011-10-26 20:06 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2011-10-24 19:26 . 2011-10-24 19:26 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2011-10-26 20:06 . 2011-10-26 20:06 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2011-10-26 20:06 . 2011-10-26 20:06 512368 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2011-10-24 19:25 . 2011-10-24 19:25 512368 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2011-10-24 19:25 . 2011-10-24 19:25 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-10-26 20:05 . 2011-10-26 20:05 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2009-07-14 04:45 . 2011-10-27 05:40 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2011-10-24 19:48 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2011-09-09 17:28 . 2011-10-27 08:36 6401498 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2318003957-1018503916-3544864865-1001-8192.dat + 2011-04-28 09:06 . 2011-04-28 09:06 1749880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DataVisualization.dll + 2011-04-28 09:06 . 2011-04-28 09:06 1749880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.dll - 2011-10-24 19:26 . 2011-10-24 19:26 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll - 2011-10-24 19:26 . 2011-10-24 19:26 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll - 2011-10-24 19:25 . 2011-10-24 19:25 1862504 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1862504 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1749880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll - 2011-10-24 19:25 . 2011-10-24 19:25 5097816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 5097816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll - 2011-10-24 19:25 . 2011-10-24 19:25 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll - 2011-10-24 19:25 . 2011-10-24 19:25 1069936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll + 2011-10-26 20:06 . 2011-10-26 20:06 1069936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll - 2011-10-24 19:26 . 2011-10-24 19:26 5196112 c:\windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2011-10-26 20:06 . 2011-10-26 20:06 5196112 c:\windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2011-10-24 19:25 . 2011-10-24 19:25 5226832 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2011-10-26 20:06 . 2011-10-26 20:06 5226832 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2011-04-28 15:35 . 2011-04-28 15:35 1375744 c:\windows\Installer\c8f3fc.msp + 2011-09-09 17:28 . 2011-10-26 16:25 11601068 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2318003957-1018503916-3544864865-1001-4096.dat - 2011-09-09 17:28 . 2011-10-25 07:05 11601068 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2318003957-1018503916-3544864865-1001-4096.dat . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-24 1242448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400] "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448] "RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/08/18 13:07;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-27 2009704] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - CLKMDRV10_38F51D56 . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c231ad9-db81-11e0-986c-806e6f6e6963}] \shell\AutoRun\command - G:\SETUP.EXE . Inhoud van de 'Gedeelde Taken' map . 2011-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . 2011-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424] "AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536] "AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-24 204048] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-10-27 15:37:40 ComboFix-quarantined-files.txt 2011-10-27 13:37 ComboFix2.txt 2011-10-26 16:02 ComboFix3.txt 2011-10-24 14:49 ComboFix4.txt 2011-10-24 13:39 . Pre-Run: 146.540.548.096 bytes beschikbaar Post-Run: 146.293.575.680 bytes beschikbaar . - - End Of File - - 26975DF822BFE0323041B33AC66B54A4 HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:41:06, on 27-10-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe C:\ExpressGateUtil\VAWinAgent.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ron\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: CyberLink Product - 2011/08/18 13:07:12 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13793 bytes
- 27 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Dat Crash Dump bestand staat in de map genaamd Crash Dumps. Dit is onderdeel van de data van het spel wat op de C schrijf staat geïnstalleerd. Ook moet je dit spel spelen via het programma Steam. Als ik HijackThis opstart krijg ik de volgende melding, waar je op ok kan klikken en dan pas gaat scannen: For some reason your system denied write acces to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type: notepad C:\Windows\System32\drivers\etc\hosts and press Enter. Find the file(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot. For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as Administrator' Hier de Combofix log: ComboFix 11-10-19.06 - Ron 26-10-2011 18:00:10.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8103.5920 [GMT 2:00] Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . - VERMINDERDE FUNCTIONALITEIT MODUS - . FILE :: "c:\windows\system32\acovcnt.exe" "c:\windows\SysWow64\srvany.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\acovcnt.exe c:\windows\SysWow64\srvany.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-26 to 2011-10-26 )))))))))))))))))))))))))))))) . . 2011-10-26 16:01 . 2011-10-26 16:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-10-26 16:01 . 2011-10-26 16:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-26 15:34 . 2011-10-26 15:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D413555-5439-4C49-A3B7-54FA12C8BA77}\offreg.dll 2011-10-26 15:34 . 2011-10-18 00:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D413555-5439-4C49-A3B7-54FA12C8BA77}\mpengine.dll 2011-10-24 19:08 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll 2011-10-24 19:08 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll 2011-10-24 19:08 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll 2011-10-24 16:17 . 2011-10-24 18:26 -------- d-----w- c:\program files (x86)\Common Files\Steam 2011-10-24 16:17 . 2011-10-26 15:29 -------- d-----w- c:\program files (x86)\Steam 2011-10-24 15:26 . 2011-10-24 15:18 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2011-10-24 15:26 . 2011-10-24 15:18 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2011-10-24 15:26 . 2011-10-24 15:18 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2011-10-24 15:26 . 2011-10-24 15:18 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-10-24 15:24 . 2011-10-24 15:24 -------- d-----w- c:\program files\Trend Micro 2011-10-24 15:17 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-10-24 15:13 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys 2011-10-24 15:13 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-24 15:13 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-24 15:13 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-24 15:13 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-24 15:13 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-24 15:13 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-10-24 12:19 . 2011-10-24 15:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.syncID 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.Syncables 2011-10-21 10:50 . 2011-10-21 10:50 -------- d-----w- c:\users\Ron\AppData\Local\Chromium 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Roaming\Sports Interactive 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Local\Sports Interactive 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\users\Ron\AppData\Local\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:35 -------- d-----w- c:\users\Ron\AppData\Roaming\Apple Computer 2011-10-15 14:06 . 2011-10-24 15:04 -------- d-----w- c:\program files\iPod 2011-10-15 14:06 . 2011-10-24 15:02 -------- d-----w- c:\programdata\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\users\Ron\AppData\Local\Apple 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-10-15 14:05 . 2011-10-24 15:04 -------- d-----w- c:\program files\Bonjour 2011-10-15 14:05 . 2011-10-24 15:03 -------- d-----w- c:\program files (x86)\Bonjour 2011-10-15 14:05 . 2011-10-15 14:06 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\programdata\Apple 2011-10-02 16:37 . 2011-10-24 14:24 -------- d-----w- c:\users\Ron\AppData\Local\Axialis 2011-10-02 12:17 . 2011-10-02 12:17 -------- d-----w- c:\users\Ron\AppData\Local\PunkBuster 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\NVIDIA 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\CyberLink . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-24 15:25 . 2011-09-10 15:52 56 ----a-w- c:\windows\system32\SupportTool.exe.bat 2011-09-10 17:52 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-09-09 19:05 . 2011-09-09 19:05 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-09 18:49 . 2011-09-09 18:51 151552 ----a-w- c:\windows\KMService.exe 2011-08-18 20:08 . 2011-08-18 20:08 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe 2011-08-18 20:08 . 2011-08-18 20:08 3058304 ----a-w- c:\windows\AsScrPro.exe 2011-08-18 20:06 . 2011-08-18 20:06 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll 2011-08-18 20:06 . 2011-08-18 20:06 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-08-18 20:06 . 2011-08-18 20:06 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-24 1242448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400] "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448] "RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/08/18 13:07;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R2 KMService;KMService;c:\windows\system32\srvany.exe [x] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-27 2009704] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464] S3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - CLKMDRV10_38F51D56 . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c231ad9-db81-11e0-986c-806e6f6e6963}] \shell\AutoRun\command - G:\SETUP.EXE . Inhoud van de 'Gedeelde Taken' map . 2011-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . 2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424] "AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536] "AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-24 204048] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-10-26 18:02:58 ComboFix-quarantined-files.txt 2011-10-26 16:02 ComboFix2.txt 2011-10-24 14:49 ComboFix3.txt 2011-10-24 13:39 . Pre-Run: 147.512.147.968 bytes beschikbaar Post-Run: 147.138.473.984 bytes beschikbaar . - - End Of File - - 7A79C455D10961850129BAB6C516A7FC Hier de HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:32:16, on 26-10-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\ExpressGateUtil\VAWinAgent.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ron\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: CyberLink Product - 2011/08/18 13:07:12 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14092 bytes
- 26 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Leek mij handig om onderstaande even te delen. Op de C schrijf, waar ik football manager 2012 geïnstalleerd heb, ben ik een map met crash dumps tegen gekomen. Als ik deze open zie ik een bestand, genaamd: FM 2012 v12.0.2.230123 (2011.10.24 03.27.19).dmp. Ik kan aannemen aan dat het spel telkens crasht? Heb ook gegoogeld maar dat leverde voor mij niet de oplossing voor mijn probleem. Ik heb inmiddels wel een systeemherstel gedaan omdat mijn antivirus nog steeds niet werkte. Dit had geen resultaat waarop ik hem opnieuw geïnstalleerd hebt en sinds dien werkt hij naar behoren. Ik heb meteen diverse scans uitgevoerd, waarop niks is aangetroffen. Ik heb het crash dump bestand ook in kladblok kunnen openen alleen deze is zo lang dat het niet handig lijkt om hem te posten, tenzij 1 van jullie het logje toch willen inzien ;-)
- 24 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Hierbij de combofix log: ComboFix 11-10-24.02 - Ron 24-10-2011 15:33:58.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8103.5792 [GMT 2:00] Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-24 to 2011-10-24 )))))))))))))))))))))))))))))) . . 2011-10-24 13:38 . 2011-10-24 13:38 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-10-24 13:38 . 2011-10-24 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-24 13:25 . 2011-10-24 13:25 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A8681E8B-F102-4305-9FB0-303A7C450649}\offreg.dll 2011-10-24 13:14 . 2011-10-24 13:14 -------- d-----w- c:\program files\CCleaner 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-10-24 12:19 . 2011-10-24 12:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-10-24 12:19 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-24 09:54 . 2011-10-18 00:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A8681E8B-F102-4305-9FB0-303A7C450649}\mpengine.dll 2011-10-24 09:54 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-10-24 09:43 . 2011-10-24 09:43 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.syncID 2011-10-22 17:41 . 2011-10-22 17:41 -------- d--h--w- c:\programdata\.Syncables 2011-10-21 10:50 . 2011-10-21 10:50 -------- d-----w- c:\users\Ron\AppData\Local\Chromium 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Roaming\Sports Interactive 2011-10-21 10:43 . 2011-10-21 10:43 -------- d-----w- c:\users\Ron\AppData\Local\Sports Interactive 2011-10-21 10:20 . 2011-10-21 18:39 -------- d-----w- c:\program files (x86)\Common Files\Steam 2011-10-15 14:34 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys 2011-10-15 14:26 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-15 14:26 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-15 14:26 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-15 14:26 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-15 14:23 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-15 14:23 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-15 14:23 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-15 14:23 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-15 14:06 . 2011-10-15 14:06 -------- d-----w- c:\users\Ron\AppData\Local\Apple Computer 2011-10-15 14:06 . 2011-10-15 14:35 -------- d-----w- c:\users\Ron\AppData\Roaming\Apple Computer 2011-10-15 14:05 . 2011-10-15 14:05 -------- d-----w- c:\programdata\Apple 2011-10-02 16:37 . 2011-10-24 11:37 -------- d-----w- c:\users\Ron\AppData\Local\Axialis 2011-10-02 12:18 . 2011-10-02 15:00 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-10-02 12:17 . 2011-10-02 12:17 -------- d-----w- c:\users\Ron\AppData\Local\PunkBuster 2011-10-02 12:08 . 2011-10-02 15:00 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-10-02 12:07 . 2011-10-02 12:07 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-09-30 13:58 . 2011-09-30 13:58 -------- d-----w- c:\users\Public\CyberLink 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\NVIDIA 2011-09-30 13:57 . 2011-09-30 13:57 -------- d-----w- c:\users\Ron\AppData\Roaming\CyberLink 2011-09-26 11:32 . 2011-09-26 11:32 -------- d--h--w- c:\programdata\CanonBJ 2011-09-26 11:32 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL 2011-09-26 11:21 . 2011-09-26 11:21 -------- d--h--w- c:\programdata\CanonIJEPPEX2 2011-09-26 11:21 . 2011-09-26 11:21 -------- d--h--w- c:\programdata\CanonEPP 2011-09-26 11:12 . 2011-09-26 11:19 -------- d-----w- c:\program files\Canon 2011-09-26 11:08 . 2011-09-26 11:12 -------- d-----w- c:\program files (x86)\Canon . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-24 13:24 . 2011-08-18 20:02 45056 ----a-w- c:\windows\system32\acovcnt.exe 2011-09-10 17:52 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-09-10 15:52 . 2011-09-10 15:52 56 ----a-w- c:\windows\system32\SupportTool.exe.bat 2011-09-10 15:47 . 2011-09-10 15:53 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2011-09-10 15:47 . 2011-09-10 15:53 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2011-09-10 15:47 . 2011-09-10 15:53 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2011-09-10 15:47 . 2011-09-10 15:53 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-09-09 19:05 . 2011-09-09 19:05 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-09 18:49 . 2011-09-09 18:51 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-08-31 18:08 . 2011-08-31 18:08 167704 ----a-w- c:\windows\system32\igfxtray.exe 2011-08-31 18:08 . 2011-08-31 18:08 510232 ----a-w- c:\windows\system32\igfxsrvc.exe 2011-08-31 18:08 . 2011-08-31 18:08 416024 ----a-w- c:\windows\system32\igfxpers.exe 2011-08-31 18:08 . 2011-08-31 18:08 239896 ----a-w- c:\windows\system32\igfxext.exe 2011-08-31 18:08 . 2011-08-31 18:08 392472 ----a-w- c:\windows\system32\hkcmd.exe 2011-08-31 18:08 . 2011-08-31 18:08 4378392 ----a-w- c:\windows\system32\GfxUI.exe 2011-08-31 18:08 . 2011-08-31 18:08 179992 ----a-w- c:\windows\system32\difx64.exe 2011-08-31 17:58 . 2011-08-31 17:58 90112 ----a-w- c:\windows\system32\igfxCoIn_v2509.dll 2011-08-31 17:53 . 2011-08-31 17:53 12306848 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2011-08-31 17:53 . 2011-08-31 17:53 8312320 ----a-w- c:\windows\system32\igdumd64.dll 2011-08-31 17:51 . 2011-08-31 17:51 216000 ----a-w- c:\windows\system32\igfcg600m.bin 2011-08-31 17:51 . 2011-08-31 17:51 75776 ----a-w- c:\windows\system32\igdde64.dll 2011-08-31 17:47 . 2011-03-25 23:12 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll 2011-08-31 17:46 . 2011-08-31 17:46 56832 ----a-w- c:\windows\SysWow64\igdde32.dll 2011-08-31 17:45 . 2011-03-25 23:08 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll 2011-08-31 17:42 . 2011-04-20 07:59 14598656 ----a-w- c:\windows\system32\igd10umd64.dll 2011-08-31 17:37 . 2011-03-25 23:02 12340224 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2011-08-31 17:31 . 2011-08-31 17:31 18641408 ----a-w- c:\windows\system32\ig4icd64.dll 2011-08-31 17:26 . 2011-08-31 17:26 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrrom.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrsky.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrslv.lrc 2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxresn.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrsve.lrc 2011-08-31 17:22 . 2011-08-31 17:22 285696 ----a-w- c:\windows\system32\igfxrtha.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrrus.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrptg.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrplk.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrptb.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrnor.lrc 2011-08-31 17:22 . 2011-08-31 17:22 283136 ----a-w- c:\windows\system32\igfxrkor.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrita.lrc 2011-08-31 17:22 . 2011-08-31 17:22 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc 2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxrell.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrhun.lrc 2011-08-31 17:22 . 2011-08-31 17:22 285184 ----a-w- c:\windows\system32\igfxrheb.lrc 2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxrfra.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrnld.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrfin.lrc 2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc 2011-08-31 17:22 . 2011-08-31 17:22 285696 ----a-w- c:\windows\system32\igfxrdan.lrc 2011-08-31 17:22 . 2011-08-31 17:22 282624 ----a-w- c:\windows\system32\igfxrcht.lrc 2011-08-31 17:22 . 2011-08-31 17:22 285184 ----a-w- c:\windows\system32\igfxrara.lrc 2011-08-31 17:22 . 2011-08-31 17:22 282624 ----a-w- c:\windows\system32\igfxrchs.lrc 2011-08-31 17:22 . 2011-08-31 17:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2011-08-31 17:21 . 2011-08-31 17:21 375808 ----a-w- c:\windows\system32\igfxpph.dll 2011-08-31 17:21 . 2011-08-31 17:21 378368 ----a-w- c:\windows\system32\igfxTMM.dll 2011-08-31 17:21 . 2011-08-31 17:21 28672 ----a-w- c:\windows\system32\igfxexps.dll 2011-08-31 17:21 . 2011-04-20 07:59 62464 ----a-w- c:\windows\system32\igfxsrvc.dll 2011-08-31 17:20 . 2011-04-20 07:59 110080 ----a-w- c:\windows\system32\hccutils.dll 2011-08-31 17:20 . 2011-08-31 17:20 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2011-08-31 17:20 . 2011-08-31 17:20 146432 ----a-w- c:\windows\system32\gfxSrvc.dll 2011-08-31 17:20 . 2011-08-31 17:20 390144 ----a-w- c:\windows\system32\igfxdev.dll 2011-08-31 17:20 . 2011-08-31 17:20 285696 ----a-w- c:\windows\system32\igfxrenu.lrc 2011-08-31 17:20 . 2011-08-31 17:20 142336 ----a-w- c:\windows\system32\igfxdo.dll 2011-08-31 17:20 . 2011-04-20 07:59 9014784 ----a-w- c:\windows\system32\igfxress.dll 2011-08-31 17:16 . 2011-08-31 17:16 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2011-08-31 17:15 . 2011-08-31 17:15 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2011-08-31 17:13 . 2011-08-31 17:13 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2011-08-31 17:13 . 2011-08-31 17:13 98304 ----a-w- c:\windows\system32\iglhcp64.dll 2011-08-31 17:13 . 2011-08-31 17:13 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2011-08-31 17:13 . 2011-08-31 17:13 376832 ----a-w- c:\windows\system32\iglhsip64.dll 2011-08-31 17:13 . 2011-08-31 17:13 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2011-08-31 17:13 . 2011-08-31 17:13 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll 2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe 2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll 2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll 2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll 2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe 2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll 2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll 2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll 2011-08-18 20:08 . 2011-08-18 20:08 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe 2011-08-18 20:08 . 2011-08-18 20:08 3058304 ----a-w- c:\windows\AsScrPro.exe 2011-08-18 20:06 . 2011-08-18 20:06 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll 2011-08-18 20:06 . 2011-08-18 20:06 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-08-18 20:06 . 2011-08-18 20:06 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll 2011-08-02 15:38 . 2011-08-02 15:38 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-08-02 15:38 . 2011-08-02 15:38 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] "Steam"="e:\program files (x86)\Steam\Steam.exe" [2011-10-21 1242448] "Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472] "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400] "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448] "RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/08/18 13:07;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-27 2009704] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - CLKMDRV10_38F51D56 . Inhoud van de 'Gedeelde Taken' map . 2011-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . 2011-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424] "AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536] "AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-09-10 204048] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-09-10 1300672] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-10-24 15:39:40 ComboFix-quarantined-files.txt 2011-10-24 13:39 . Pre-Run: 148.492.689.408 bytes beschikbaar Post-Run: 148.119.048.192 bytes beschikbaar . - - End Of File - - AC6514D8C64DA8FA491C2783177622BC
- 24 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

@ kweezie wabbit beide scans heb ik uitgevoerd. rechts onderin waar je je geluid in kunt stellen, blijft het vlag icoontje met een rood kruisje. als ik daar met de muis opsta komt er 1 computerprobleem, dit betreft de micro titanum antivirus die is uitgeschakeld. Klik ik op inschakelen gebeurt en nog steeds niks, enig idee hoe ik mijn antivirus weer aan de praat kan krijgen? MBAM log: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8010 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 24-10-2011 14:22:15 mbam-log-2011-10-24 (14-22-15).txt Scantype: Snelle scan Objecten gescand: 189836 Verstreken tijd: 1 minuut/minuten, 13 seconde(n) Geheugenprocessen geïnfecteerd: 1 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 1 Geheugenprocessen geïnfecteerd: c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 2340 -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. hjiackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:29:58, on 24-10-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe E:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\syncables\syncables desktop\syncables.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\ExpressGateUtil\VAWinAgent.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Ron\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "E:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2011/08/18 13:07:12 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16754 bytes @asus ik heb het opgezocht wat jij zojuist als tip meegaf. Ook nu kan ik die 2 bestandjres niet vinden. Wel heb ik andere Asus bestanden die aangevinkt zijn, ik weet niet of je de namen wilt hebben en/of ik die asus bestanden standaard uit moet vinken?
- 24 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Asus bedankt! Ik volg jou aanwijzingen op. In de lijst waar jij het over hebt, komen Asus Smartlogon en ASUS liveupdate bij mij niet in voor. Ik wacht gespannen af wat de experts zullen aantreffen
- 24 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem reageerde op Bezem's topic in Archief Windows Algemeen

Beste allen, Allereerst bedankt voor de reactie's! Uiteraard is het nooit goedom een pc te resetten, maar ik zou geen andere oplossing kunnen bedenken als hij helemaal vastloopt. Als di er wel zijn hoor ik het graag De laptop die ik heb is de volgende: Asus N75SF-V2G-TZ064V i7-2630,8/1TB,17.3",GT555M Het spel waar het hierbij om draait heet: Football manager 2012. Beide programma's heb ik uitgevoerd, hier het overzichtje van can you run: Minimum [TABLE=class: AnalysisTable] [TR=class: a-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]CPU [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: Intel Pentium 4, Intel Core, AMD Athlon [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: Intel® Core i7-2630QM CPU @ 2.00GHz [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=colspan: 4][/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]CPU Speed [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: XP - 1.4 GHz or Faster, Vista/W7 - 2.0 GHz or Faster. [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: 2.0 GHz Performance Rated at: 22.8 GHz [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=colspan: 4][/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]RAM [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: XP - 512 MB RAM, Vista/W7 - 1.0 GB RAM [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: 7.9 GB [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=colspan: 4][/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]OS [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: Windows XP / Vista / Windows 7 [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601), 64-bit [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=colspan: 4][/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]Video Card [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: 128 MB Supported Chipsets - NVIDIA GeForce FX 5900 Ultra or greater; ATI Radeon 9800 or greater; Intel 82915G/82910GL or greater [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: GeForce GT 540M [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=colspan: 4] [TABLE] [TR=class: DetailRow DetailHeaderRow] [TD=class: DetailFeatureHeader, colspan: 4]Features: Minimum attributes of your Video Card [/TD] [/TR] [TR=class: DetailRow] [TD=class: DetailFeatureSub, colspan: 4] [TABLE=class: SubDetailTable] [TR] [/TR] [TR=class: SubDetailRow] [TD] [/TD] [TD] Video RAM [/TD] [TD] 128 MB [/TD] [TD=class: YouHaveText] 4.0 GB [/TD] [/TR] [TR=class: SubDetailRow] [TD] [/TD] [TD] Pixel Shader version [/TD] [TD] 2.0 [/TD] [TD=class: YouHaveText] 5.0 [/TD] [/TR] [/TABLE] [/TD] [/TR] [/TABLE] [/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]Sound Card [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: Yes [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: Microsoft Streaming Kwaliteitsbeheer Proxy [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [TR=class: b-row AnalysisRow] [TD=colspan: 4][/TD] [/TR] [TR=class: a-row AnalysisRow] [TD=class: AnalysisIcon] [/TD] [TD=class: AnalysisColumn] [TABLE=class: DetailTable] [TR=class: DetailRow] [TD=class: DetailGroupName]Free Disk Space [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle] Minimum: 2 GB [/TD] [/TR] [TR=class: DetailRowPad] [TD=class: DetailTitle YouHaveText]You Have: 229.0 GB [/TD] [/TR] [/TABLE] [/TD] [TD=class: AnalysisColumnArrow] [/TD] [TD=class: pass itemResultColumn]PASS [/TD] [/TR] [/TABLE] En hierbij de resultaat van hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:41:56, on 24-10-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe E:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\syncables\syncables desktop\syncables.exe C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\ExpressGateUtil\VAWinAgent.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNOGFQ1F\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "E:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2318003957-1018503916-3544864865-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O4 - Global Startup: FancyStart daemon.lnk = ? O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2011/08/18 13:07:12 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16951 bytes Benoemingswaardig om te melden: ik krijg voor het eerst, rechts onderin bij de tijd, 2 computerproblemen melding. Een oplossing zoeken voor Steam. Inschakelen van trend mirco (antivirus), als ik op het laatste genoemde inschakelen klik schakelt hij vreemd genoeg niet in.
- 24 oktober 2011
- 20 antwoorden
gloednieuwe laptop loopt vast

Bezem plaatste een topic in Archief Windows Algemeen

Beste allen, Ik heb een gloednieuwe laptop van 2 maanden oud. Deze heb ik van alle actuele drivers voorzien. Ook heb ik als aanbeveling titanum antivirus erop gezet, dit werkt overigens zonder enige problemen. Afgelopen vrijdag heb ik een spel gekocht (wat die dag uitkwam) en kon ik deze zonder probleem spelen. Nu echter, loopt dit spel telkens vast. Ik moet elke keer mijn laptop resetten (paar seconden lang aan/uit knop iongedrukt houden en dit ook weer doen om hem vervolgens op te starten) Ik heb geen utilitie prgramma op mijn laptop die problemen opspoort en reapareert, dit omdat ik geen enkel idee heb wat het beste programma is. Zou iemand mij alsjeblieft willen helpen met dit irritante probleem, ik heb het internet al afgestruind maar op het gebied van dit spel ben ik bovenstaand probleem nog niet tegengekomen. Alvast bedankt!!
- 24 oktober 2011
- 20 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Ook dat heb ik geprobeerd, kan geen andere achtergrond kiezen, je ziet de plaatjes niet laden, alleen transparanten blauwe vakjes als het ware.
- 6 augustus 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Uitgevoerd en er zijn aantal problemen gefixed door CCleaner, alleen achtergrond is nog steeds zwart, zijn die bestandenpictogramma nog onzichtbaar en de .sqm bestanden staan nog op de C schrijf. Daarnaast merk ik nu net op dat de C schrijf op 2 gig na ineens vol is geraakt.
- 26 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Beste, Unhide opgestart bovenstaande melding gekregen, alleen probleem doet zich nog steeds voor. Misshien dat ik vanavond nog reageer anders duurt het weer een poosje, vanaf morgen 10 dagen op vakantie.
- 26 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

ComboFix 11-07-22.02 - Ron 22-07-2011 19:40:26.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3326.1873 [GMT 2:00] Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} FW: Trend Micro Firewall Booster *Enabled* {49A8346C-6900-54B6-B1B3-5F678736DDE9} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\program files\Bandoo\Bandoo.exe" "c:\windows\system32\bandoolmx.dll" "c:\windows\system32\ConduitEngine.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Bandoo c:\program files\Bandoo\Bandoo.exe c:\program files\Bandoo\BandooGo.exe c:\program files\Bandoo\BandooUI.exe c:\program files\Bandoo\BndCore.exe c:\program files\Bandoo\BndHook.dll c:\program files\Bandoo\CrashRpt.dll c:\program files\Bandoo\ExtensionsManager.exe c:\program files\Bandoo\FFSettings.exe c:\program files\Bandoo\FlashAnimator.dll c:\program files\Bandoo\GIFAnimator.dll c:\program files\Bandoo\INSTALL.LOG c:\program files\Bandoo\InstallerHelper.dll c:\program files\Bandoo\libungif4.dll c:\program files\Bandoo\license.rtf c:\program files\Bandoo\Plugins.ini c:\program files\Bandoo\Plugins\IE\ieplugin.dll c:\program files\Bandoo\Plugins\IE\Resources\bandoo.js c:\program files\Bandoo\Plugins\IE\Resources\HTML\blank.html c:\program files\Bandoo\Plugins\IE\Resources\HTML\error.html c:\program files\Bandoo\Plugins\MSN\msnplugin.dll c:\program files\Bandoo\Plugins\MSN\Resources\HTML\blank.html c:\program files\Bandoo\Plugins\MSN\Resources\HTML\error.html c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\BandooToolbar.xml c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1001.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1002.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1003.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1004.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1005.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1006.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1011.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1012.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1013.dat c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1014.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\HTML\blank.html c:\program files\Bandoo\Plugins\Yahoo\Resources\HTML\error.html c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\BandooToolbar.xml c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\BandooToolbarV9.xml c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1001.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1002.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1003.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1004.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1005.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1006.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1051.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1052.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1053.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1054.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1055.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1056.dat c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1057.dat c:\program files\Bandoo\Plugins\Yahoo\YahooPlugin.dll c:\program files\Bandoo\PreUninstall.exe c:\program files\Bandoo\Resources.dll c:\program files\Bandoo\Resources\BandooMessages.xml c:\program files\Bandoo\Resources\downloading.gif c:\program files\Bandoo\Resources\nudge0.wav c:\program files\Bandoo\Resources\nudge1.wav c:\program files\Bandoo\Resources\nudge2.wav c:\program files\Bandoo\Resources\nudge3.wav c:\program files\Bandoo\Resources\nudge4.wav c:\program files\Bandoo\Resources\nudge5.wav c:\program files\Bandoo\UNWISE.EXE c:\program files\Conduit c:\program files\Conduit\Community Alerts\Alert.dll c:\program files\uTorrentBar_NL c:\program files\uTorrentBar_NL\GottenAppsContextMenu.xml c:\program files\uTorrentBar_NL\ldrtbuTor.dll c:\program files\uTorrentBar_NL\OtherAppsContextMenu.xml c:\program files\uTorrentBar_NL\prxtbuTor.dll c:\program files\uTorrentBar_NL\SharedAppsContextMenu.xml c:\program files\uTorrentBar_NL\tbuTor.dll c:\program files\uTorrentBar_NL\toolbar.cfg c:\program files\uTorrentBar_NL\ToolbarContextMenu.xml c:\program files\uTorrentBar_NL\uninstall.exe c:\program files\uTorrentBar_NL\uTorrentBar_NLToolbarHelper.exe c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820} c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.dat c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.lnk c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.msi c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.par c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.res c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\instance.dat c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\mia.lib c:\programdata\Bandoo c:\programdata\Bandoo\config.xml c:\programdata\Bandoo\CrashReportInfo.xml c:\programdata\Bandoo\MostlyUsed.xml c:\programdata\Bandoo\Repository\65765.dat c:\programdata\Bandoo\Repository\65766.xml c:\programdata\Bandoo\Repository\70145.dat c:\programdata\Bandoo\Repository\70146.xml c:\programdata\Bandoo\WPSubsystems.xml c:\users\Ron\AppData\Local\Conduit c:\users\Ron\AppData\Local\Conduit\CT2865317\uTorrentBar_NLAutoUpdateHelper.exe c:\users\Ron\AppData\Local\Ilivid Player c:\users\Ron\AppData\Local\Ilivid Player\script.qscript c:\users\Ron\AppData\Roaming\Bandoo c:\windows\system32\bandoolmx.dll c:\windows\system32\ConduitEngine.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-22 to 2011-07-22 )))))))))))))))))))))))))))))) . . 2011-07-22 17:57 . 2011-07-22 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-22 17:15 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B2802B4-AD91-45AE-BB22-25B021B4720E}\mpengine.dll 2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\programdata\boost_interprocess 2011-07-20 00:38 . 2011-07-20 00:39 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\users\Ron\AppData\Local\PackageAware 2011-07-20 00:23 . 2011-07-20 00:26 -------- d-----w- c:\programdata\Spotnet 2011-07-20 00:23 . 2011-07-20 00:23 -------- d-----w- c:\program files\Spotnet 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-07-17 19:58 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\programdata\Malwarebytes 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-17 19:58 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-17 18:56 . 2011-07-17 18:56 388096 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-07-16 15:30 . 2011-07-16 15:30 -------- d-----w- C:\temp 2011-07-16 15:14 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-07-16 15:01 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll 2011-07-16 15:01 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-07-15 20:25 . 2011-07-15 20:25 -------- d-----w- C:\extensions 2011-07-15 20:25 . 2011-07-20 00:28 -------- d-----w- c:\program files\ConduitEngine 2011-07-15 20:19 . 2011-07-20 08:18 -------- d-----w- c:\users\Ron\AppData\Roaming\uTorrent 2011-07-15 20:19 . 2011-07-15 20:19 -------- d-----w- c:\users\Ron\AppData\Local\uTorrent 2011-07-01 18:17 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-24 17:14 . 2009-10-02 17:19 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-02 17:16 . 2011-06-18 12:15 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 13:25 . 2011-06-18 12:16 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 13:25 . 2011-06-18 12:16 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-29 13:24 . 2011-06-18 12:15 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-29 13:24 . 2011-06-18 12:15 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-29 13:24 . 2011-06-18 12:15 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-06 39408] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024] "Steam"="e:\programs\Steam\Steam.exe" [2010-11-17 1242448] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432] "CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176] "Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640] "RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344] "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344] "CTHelper"="CTHELPER.EXE" [2007-10-25 19456] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2008-04-14 380928] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2008-08-06 233576] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-14 30192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13683232] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 92704] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568] "CTxfiHlp"="CTXFIHLP.EXE" [2008-07-11 19968] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] "OE"="c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe" [2010-12-20 238928] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CtxfiReg"="CTXFIREG.exe" [2008-07-11 43520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-03-15 183560] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-11-06 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-11-06 79360] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-14 30192] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2007-03-07 32256] R4 iaNvStor;Intel® Turbo Memory Technology NAND Controller;c:\windows\system32\drivers\ianvstor.sys [2006-04-24 210432] R4 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-05-30 36608] R4 ioatdma;Intel® QuickData Technology Device;c:\windows\system32\drivers\ioatdma.sys [2008-01-18 36480] R4 stex;stex;c:\windows\system32\drivers\stex.sys [2006-08-22 18944] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2010-12-20 143952] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640] S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 3575808] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-12-20 64080] S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [2010-12-20 284752] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2011-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003Core.job - c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46] . 2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003UA.job - c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46] . . ------- Bijkomende Scan ------- . uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Bandoo - c:\program files\Bandoo\PreUninstall.exe AddRemove-iLivid - c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe AddRemove-uTorrentBar_NL Toolbar - c:\program files\uTorrentBar_NL\uninstall.exe AddRemove-{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} - c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe . . . ************************************************************************** scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTxfiHlp = CTXFIHLP.EXE? . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\games" "ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010" "SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\" "LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000001 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Steklo Black" "LastUpdateCheck"=dword:00009dc8 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000001 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000074 "UniqueID"="35-EA80-E0CF" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "Currency"=dword:00000056 . [HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE] "GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\games" "ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009" "SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\" "LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000001 "MinCondition"=dword:00000050 "SkinName"="FM 2009" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000001 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000067 "UniqueID"="35-EA80-E0CF" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "LastSaveGame"="" "GraphStep"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(3380) c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll c:\windows\System32\ctagent.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Creative\Shared Files\CTAudSvc.exe c:\windows\system32\rundll32.exe c:\program files\Trend Micro\AMSP\coreServiceShell.exe c:\program files\ASUS\AASP\1.00.46\aaCenter.exe c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe c:\program files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\System32\ASDR.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\Microsoft\BingBar\SeaPort.EXE c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\WUDFHost.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conime.exe c:\windows\System32\rundll32.exe c:\windows\System32\Ctxfihlp.exe c:\program files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe c:\windows\SYSTEM32\CTXFISPI.EXE c:\program files\Common Files\Nero\Lib\NMIndexingService.exe c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe c:\program files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe c:\program files\Creative\ShareDLL\CADI\NotiMan.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\ehome\ehmsas.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\Steam\SteamService.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Voltooingstijd: 2011-07-22 20:05:31 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-22 18:05 ComboFix2.txt 2011-07-21 09:16 . Pre-Run: 15.912.755.200 bytes beschikbaar Post-Run: 15.761.354.752 bytes beschikbaar . - - End Of File - - 6BA7161BA12BCAF254A4F1CC39652B3D Nadat combofix klaar was pc opnieuw herstart, daarbij viel op dat mijn bureaublad zwart blijft, ook na selecteren van nieuw bureablad. Tevens zie ik op de C en E schrijven geen pictogrammen van de bestanden en mappen, alleen de bestandnamen, de pictogramma laden als het ware niet in.
- 22 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

ComboFix 11-07-21.01 - Ron 21-07-2011 10:43:15.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3326.1726 [GMT 2:00] Gestart vanuit: c:\users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BBRGGUEF\ComboFix.exe AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} FW: Trend Micro Firewall Booster *Enabled* {49A8346C-6900-54B6-B1B3-5F678736DDE9} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\ntfs.sys . . . is geïnfecteerd!! . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-21 to 2011-07-21 )))))))))))))))))))))))))))))) . . 2011-07-21 09:06 . 2011-07-21 09:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-20 09:02 . 2011-07-20 09:02 -------- d-----w- c:\users\Ron\AppData\Roaming\Bandoo 2011-07-20 00:40 . 2011-07-20 00:40 -------- d-----w- c:\programdata\Bandoo 2011-07-20 00:40 . 2011-07-20 00:40 -------- d-----w- c:\program files\Bandoo 2011-07-20 00:40 . 2011-07-20 00:40 -------- d-----w- c:\users\Ron\AppData\Local\Ilivid Player 2011-07-20 00:40 . 2011-05-25 14:55 1524112 ----a-w- c:\windows\system32\bandoolmx.dll 2011-07-20 00:39 . 2011-07-20 00:39 -------- dc-h--w- c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820} 2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\programdata\boost_interprocess 2011-07-20 00:38 . 2011-07-20 00:39 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\users\Ron\AppData\Local\PackageAware 2011-07-20 00:28 . 2011-07-20 00:28 -------- d-----w- c:\program files\Conduit 2011-07-20 00:28 . 2011-07-20 00:28 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-07-20 00:28 . 2011-07-20 00:28 -------- d-----w- c:\users\Ron\AppData\Local\Conduit 2011-07-20 00:23 . 2011-07-20 00:26 -------- d-----w- c:\programdata\Spotnet 2011-07-20 00:23 . 2011-07-20 00:23 -------- d-----w- c:\program files\Spotnet 2011-07-19 13:04 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F946C78C-0C0A-47D2-A7B6-157485F7EF14}\mpengine.dll 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes 2011-07-17 19:58 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\programdata\Malwarebytes 2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-17 19:58 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-17 18:56 . 2011-07-17 18:56 388096 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-07-16 15:30 . 2011-07-16 15:30 -------- d-----w- C:\temp 2011-07-16 15:14 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-07-16 15:01 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll 2011-07-16 15:01 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-07-15 20:25 . 2011-07-15 20:25 -------- d-----w- C:\extensions 2011-07-15 20:25 . 2011-07-20 00:28 -------- d-----w- c:\program files\uTorrentBar_NL 2011-07-15 20:19 . 2011-07-20 08:18 -------- d-----w- c:\users\Ron\AppData\Roaming\uTorrent 2011-07-15 20:19 . 2011-07-15 20:19 -------- d-----w- c:\users\Ron\AppData\Local\uTorrent 2011-07-01 18:17 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-24 17:14 . 2009-10-02 17:19 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-02 17:16 . 2011-06-18 12:15 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 13:25 . 2011-06-18 12:16 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 13:25 . 2011-06-18 12:16 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-29 13:24 . 2011-06-18 12:15 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-29 13:24 . 2011-06-18 12:15 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-29 13:24 . 2011-06-18 12:15 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{87775fdb-6972-41f9-ae51-8326e38cb206}"= "c:\program files\uTorrentBar_NL\prxtbuTor.dll" [2011-03-28 176936] . [HKEY_CLASSES_ROOT\clsid\{87775fdb-6972-41f9-ae51-8326e38cb206}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] 2011-03-28 16:22 176936 ----a-w- c:\program files\uTorrentBar_NL\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{87775fdb-6972-41f9-ae51-8326e38cb206}"= "c:\program files\uTorrentBar_NL\prxtbuTor.dll" [2011-03-28 176936] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936] . [HKEY_CLASSES_ROOT\clsid\{87775fdb-6972-41f9-ae51-8326e38cb206}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-06 39408] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024] "Steam"="e:\programs\Steam\Steam.exe" [2010-11-17 1242448] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432] "CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176] "Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640] "RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344] "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344] "CTHelper"="CTHELPER.EXE" [2007-10-25 19456] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2008-04-14 380928] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2008-08-06 233576] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-14 30192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13683232] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 92704] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568] "CTxfiHlp"="CTXFIHLP.EXE" [2008-07-11 19968] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] "OE"="c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe" [2010-12-20 238928] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CtxfiReg"="CTXFIREG.exe" [2008-07-11 43520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\WI371A~1\Datamngr\datamngr.dll c:\progra~1\WI371A~1\Datamngr\IEBHO.dll c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\Bandoo\BndHook.dll . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-03-15 183560] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-11-06 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-11-06 79360] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-14 30192] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2007-03-07 32256] R4 iaNvStor;Intel® Turbo Memory Technology NAND Controller;c:\windows\system32\drivers\ianvstor.sys [2006-04-24 210432] R4 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-05-30 36608] R4 ioatdma;Intel® QuickData Technology Device;c:\windows\system32\drivers\ioatdma.sys [2008-01-18 36480] R4 stex;stex;c:\windows\system32\drivers\stex.sys [2006-08-22 18944] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2010-12-20 143952] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640] S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 3575808] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-12-20 64080] S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [2010-12-20 284752] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2011-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003Core.job - c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46] . 2011-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003UA.job - c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.searchqu.com/406 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-07-21 11:11 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTxfiHlp = CTXFIHLP.EXE? . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\games" "ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010" "SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\" "LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000001 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Steklo Black" "LastUpdateCheck"=dword:00009dc8 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000001 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000074 "UniqueID"="35-EA80-E0CF" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "Currency"=dword:00000056 . [HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE] "GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\games" "ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009" "SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\" "LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000001 "MinCondition"=dword:00000050 "SkinName"="FM 2009" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000001 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000067 "UniqueID"="35-EA80-E0CF" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "LastSaveGame"="" "GraphStep"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(1680) c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Creative\Shared Files\CTAudSvc.exe c:\windows\system32\rundll32.exe c:\program files\Trend Micro\AMSP\coreServiceShell.exe c:\program files\ASUS\AASP\1.00.46\aaCenter.exe c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\System32\ASDR.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\Microsoft\BingBar\SeaPort.EXE c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\WUDFHost.exe c:\progra~1\Bandoo\Bandoo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conime.exe c:\windows\System32\rundll32.exe c:\program files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe c:\windows\SYSTEM32\CTXFISPI.EXE c:\program files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Common Files\Nero\Lib\NMIndexingService.exe c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe c:\windows\ehome\ehmsas.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\Steam\SteamService.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Voltooingstijd: 2011-07-21 11:16:53 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-21 09:16 . Pre-Run: 14.558.568.448 bytes beschikbaar Post-Run: 14.465.282.048 bytes beschikbaar . - - End Of File - - 6AA3ADEC7ED22C3EBB3D33694AD1A1F6 Bestandsnamen van de .sqm zijn: sqmdata00.sqm, sqmdata01.sqm, sqmdata02.sqm, sqmdata03.sqm, sqmdata04.sqm, sqmdata05.sqm, sqmdata06.sqm en een bestandnaam genoemd TMPatch. Ook zie ik een paar submappen die mij niet bekend voorkomen.
- 21 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Bovenstaande melding binnen gekregen, alle mappen/bestanden weer reeds zichtbaar! Nu zie ik ook veel subdocumenten die ik nog nooit eerder heb gezien, daarnaast zie ik ook .sqm documenten, maar wat dat inhoudt? Ook merk ik wel dat met name het aanzetten mijn pc vastloopt als het eenmaal opgestart is, taakbeheer activeren niks meer doet het. Na reset werkt hij wel weer gewoon super, kan dit nog een nasleep van het virus zijn?
- 19 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Wederom dank voor de snelle reactie! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:24:49, on 17-7-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\ASUS\AASP\1.00.46\aaCenter.exe C:\Windows\Explorer.EXE C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Windows\System32\CtHelper.exe C:\Program Files\ASUS\GamerOSD\GamerOSD.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe C:\Windows\System32\Ctxfihlp.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe E:\programs\Steam\steam.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\SYSTEM32\CTXFISPI.EXE C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.informatique.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe" O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [steam] "E:\Programs\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 13391 bytes Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Databaseversie: 7176 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 17-7-2011 22:08:34 mbam-log-2011-07-17 (22-08-34).txt Scantype: Snelle scan Objecten gescand: 173172 Verstreken tijd: 8 minuut/minuten, 43 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Alleen blijft mijn probleem bestaan dat op mijn C schrijf bij users, mijn word documenten verdwenen zijn en op de E schrijf zegt mijn pc dat deze map leeg is, terwijl bij eigenschappen duidelijk staat dat er data opstaat. Ik denk persoonlijk dat dit komt omdat ik een systeemherstel gedaan heb toen ik dat virus had, kan dat toevallig kloppen?
- 17 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem reageerde op Bezem's topic in Archief Bestrijding malware & virussen

Bedankt voor de snelle reactie! Hieronder het raportje van Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:10:46, on 17-7-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\AASP\1.00.46\aaCenter.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Windows\System32\CtHelper.exe C:\Program Files\ASUS\GamerOSD\GamerOSD.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe C:\Windows\System32\Ctxfihlp.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe E:\programs\Steam\steam.exe C:\Windows\SYSTEM32\CTXFISPI.EXE C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Microsoft\BingBar\BingBar.exe C:\Program Files\Microsoft\BingBar\BingApp.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com Nederland - De andere zoekmachine R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.informatique.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe" O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [steam] "E:\Programs\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 13483 bytes
- 17 juli 2011
- 16 antwoorden
w32.blasterwom

Bezem plaatste een topic in Archief Bestrijding malware & virussen

Best pc gebruikers, Ik heb het volgende probleem. Ik ben slachtoffer geworden van het virus w32.blasterworm. Dit komt omdat ik enige tijd niet in staat was om mijn antivirusprogramma genaamd trend micro titanium te updaten. Nadat ik dit virus binnen heb gehad, heb ik mij als noodgreep aangewend tot systeemherstel. Nadat dit uitgevoerd was, werkte alles weer optimaal en heb ik mijn antivirusprogramma gelijk upgedate. Ook verschillende scans uitgevoerd en cccleaner uitgevoerd. Voor de rest niks aangetroffen. Het enige probleem wat ik over hou is als volgt. Als ik deze computer open en op mijn c schrijf bij mijn eigen user, zijn mijn documenten ga kijken zie ik dat mijn documenten verdwenen zijn. Als ik mijn E schrijf open staat er dat deze map leeg is, terwijl bij eigenschappen je duidelijk ziet dat er data op deze schrijf staat. Het rare is dan ook als ik op start klik, in het balkje zoekresultaten mijn bestandnamen (die op de E schrijf staan) en documenten zoek, mijn computer ze gewoon vindt en kan openen. Hierop heb ik ook een schrijfcontrole laten plaatsvinden op alle schrijven, waarbij dit geen resultaat opleverde. Voor de volledige info ik heb het besturingssysteem windows vista wat ook up to date is. Hoe kan ik deze data's weer zichtbaar maken? alvast bedankt voor de hulp!
- 16 juli 2011
- 16 antwoorden

Inloggen

Bezem

Items

Registratiedatum

Laatst bezocht

Inhoudstype

Profielen

Forums

Store

Alles dat geplaatst werd door Bezem

Trage laptop

Trage laptop

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

gloednieuwe laptop loopt vast

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

w32.blasterwom

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie