casc

Member
  • Items

    34

Everything posted by casc

  1. Nothing to be found with the search; it has now been three days without a blue screen. Can I consider that solved? Regards
  2. We are now 2 days further on, and I can report that I have not had a blue screen yet.
  3. OK, I will keep track as well as I can of what happens during a crash and keep you posted, and thanks already for the help you have offered me.
  4. I did it as you described, and what should I do now... wait and see!!! Regards
  5. Sorry, but that doesn't mean much to me, and it doesn't look familiar either, but I have now removed Folder Defence, because I had read somewhere on the internet about someone who also had a blue screen, and apparently that was the cause, so now I'll wait a bit to see whether that is right.
  6. Via the search I find nothing about it, but I think it could be this (Folder Defence), though I am not sure of it; or is there another way I can find it?
  7. My words had barely gone cold when I had a new blue screen; this is the latest one

     ==================================================
     Dump File : Mini090111-01.dmp
     Crash Time : 1/09/2011 12:47:10
     Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
     Bug Check Code : 0x10000050
     Parameter 1 : 0xc25c4000
     Parameter 2 : 0x00000000
     Parameter 3 : 0x9214e184
     Parameter 4 : 0x00000000
     Caused By Driver : FldSafe.sys
     Caused By Address : FldSafe.sys+17ba
     File Description : Scanner Filter
     Product Name : Windows ® Win 7 DDK driver
     Company : Windows ® Win 7 DDK provider
     File Version : 6.1.7600.16385 built by: WinDDK
     Processor : 32-bit
     Crash Address : FldSafe.sys+1184
     Stack Address 1 : FldSafe.sys+17ba
     Stack Address 2 : FldSafe.sys+1872
     Stack Address 3 : FldSafe.sys+1a00
     Computer Name :
     Full Path : C:\Windows\Minidump\Mini090111-01.dmp
     Processors Count : 4
     Major Version : 15
     Minor Version : 6002
     Dump File Size : 144.181
     ==================================================
  8. This is the last blue screen; none since then, and I have left the computer on for a while

     Dump File : Mini082911-01.dmp
     Crash Time : 29/08/2011 17:09:23
     Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
     Bug Check Code : 0x10000050
     Parameter 1 : 0xd3f3b000
     Parameter 2 : 0x00000000
     Parameter 3 : 0x90d13184
     Parameter 4 : 0x00000000
     Caused By Driver : FldSafe.sys
     Caused By Address : FldSafe.sys+17ba
     File Description : Scanner Filter
     Product Name : Windows ® Win 7 DDK driver
     Company : Windows ® Win 7 DDK provider
     File Version : 6.1.7600.16385 built by: WinDDK
     Processor : 32-bit
     Crash Address : FldSafe.sys+1184
     Stack Address 1 : FldSafe.sys+17ba
     Stack Address 2 : FldSafe.sys+1872
     Stack Address 3 : FldSafe.sys+1a00
     Computer Name :
     Full Path : C:\Windows\Minidump\Mini082911-01.dmp
     Processors Count : 4
     Major Version : 15
     Minor Version : 6002
     Dump File Size : 144.181
     ==================================================
  9. I hope I have done it right this way

     File name: FldSafe.sys
     Status: Scan finished. 0 out of 19 scanners found malware.
     Scan taken on: Sun 27 Mar 2011 22:27:51 (CET)

     Additional information
     File size: 10240 bytes
     File type: PE32 executable for MS Windows (native) Intel 80386 32-bit
     MD5: fc8d7576ce1d3d3a70f0feafa441ef8b
     SHA1: 23982a568415230b72469fec27422bcb51161ed6
  10. ComboFix 11-08-30.01 - Walter 30/08/2011 16:34:30.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3071.1499 [GMT 2:00]
  11. Malwarebytes' Anti-Malware 1.51.1.1800
      www.malwarebytes.org

      Databaseversie: 7609
      Windows 6.0.6002 Service Pack 2
      Internet Explorer 9.0.8112.16421

      30/08/2011 15:06:26
      mbam-log-2011-08-30 (15-06-26).txt

      Scantype: Volledige scan (C:\|D:\|L:\|)
      Objecten gescand: 402619
      Verstreken tijd: 1 uur/uren, 24 minuut/minuten, 26 seconde(n)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 0
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 0

      Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)

      ----------------------------------------------------------

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 15:16:14, on 30/08/2011
      Platform: Windows Vista SP2 (WinNT 6.00.1906)
      MSIE: Internet Explorer v9.00 (9.00.8112.16421)
      Boot mode: Normal
  12. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:47:46, on 30/08/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal
  13. Here are the last 5 error messages:

      Dump File : Mini082811-02.dmp
      Crash Time : 28/08/2011 16:52:50
      Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code : 0x10000050
      Parameter 1 : 0xc4602000
      Parameter 2 : 0x00000000
      Parameter 3 : 0x96a01184
      Parameter 4 : 0x00000000
      Caused By Driver : FldSafe.sys
      Caused By Address : FldSafe.sys+17ba
      File Description : Scanner Filter
      Product Name : Windows ® Win 7 DDK driver
      Company : Windows ® Win 7 DDK provider
      File Version : 6.1.7600.16385 built by: WinDDK
      Processor : 32-bit
      Crash Address : FldSafe.sys+1184
      Stack Address 1 : FldSafe.sys+17ba
      Stack Address 2 : FldSafe.sys+1872
      Stack Address 3 : FldSafe.sys+1a00
      Computer Name :
      Full Path : C:\Windows\Minidump\Mini082811-02.dmp
      Processors Count : 4
      Major Version : 15
      Minor Version : 6002
      Dump File Size : 144.181
      ==================================================
      Dump File : Mini082811-01.dmp
      Crash Time : 28/08/2011 13:21:01
      Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code : 0x10000050
      Parameter 1 : 0xc114f000
      Parameter 2 : 0x00000000
      Parameter 3 : 0x95fdd184
      Parameter 4 : 0x00000000
      Caused By Driver : FldSafe.sys
      Caused By Address : FldSafe.sys+17ba
      File Description : Scanner Filter
      Product Name : Windows ® Win 7 DDK driver
      Company : Windows ® Win 7 DDK provider
      File Version : 6.1.7600.16385 built by: WinDDK
      Processor : 32-bit
      Crash Address : FldSafe.sys+1184
      Stack Address 1 : FldSafe.sys+17ba
      Stack Address 2 : FldSafe.sys+1872
      Stack Address 3 : FldSafe.sys+1a00
      Computer Name :
      Full Path : C:\Windows\Minidump\Mini082811-01.dmp
      Processors Count : 4
      Major Version : 15
      Minor Version : 6002
      Dump File Size : 144.181
      ==================================================
      Dump File : Mini082711-02.dmp
      Crash Time : 27/08/2011 20:47:22
      Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code : 0x10000050
      Parameter 1 : 0xbfe82000
      Parameter 2 : 0x00000000
      Parameter 3 : 0x91325184
      Parameter 4 : 0x00000000
      Caused By Driver : FldSafe.sys
      Caused By Address : FldSafe.sys+17ba
      File Description : Scanner Filter
      Product Name : Windows ® Win 7 DDK driver
      Company : Windows ® Win 7 DDK provider
      File Version : 6.1.7600.16385 built by: WinDDK
      Processor : 32-bit
      Crash Address : FldSafe.sys+1184
      Stack Address 1 : FldSafe.sys+17ba
      Stack Address 2 : FldSafe.sys+1872
      Stack Address 3 : FldSafe.sys+1a00
      Computer Name :
      Full Path : C:\Windows\Minidump\Mini082711-02.dmp
      Processors Count : 4
      Major Version : 15
      Minor Version : 6002
      Dump File Size : 144.181
      ==================================================
      Dump File : Mini082711-01.dmp
      Crash Time : 27/08/2011 16:31:52
      Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code : 0x10000050
      Parameter 1 : 0xc56b4000
      Parameter 2 : 0x00000000
      Parameter 3 : 0x90d59184
      Parameter 4 : 0x00000000
      Caused By Driver : FldSafe.sys
      Caused By Address : FldSafe.sys+17ba
      File Description : Scanner Filter
      Product Name : Windows ® Win 7 DDK driver
      Company : Windows ® Win 7 DDK provider
      File Version : 6.1.7600.16385 built by: WinDDK
      Processor : 32-bit
      Crash Address : FldSafe.sys+1184
      Stack Address 1 : FldSafe.sys+17ba
      Stack Address 2 : FldSafe.sys+1872
      Stack Address 3 : FldSafe.sys+1a00
      Computer Name :
      Full Path : C:\Windows\Minidump\Mini082711-01.dmp
      Processors Count : 4
      Major Version : 15
      Minor Version : 6002
      Dump File Size : 144.181
      ==================================================
      Dump File : Mini082611-02.dmp
      Crash Time : 26/08/2011 21:02:39
      Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code : 0x10000050
      Parameter 1 : 0xe8a0b000
      Parameter 2 : 0x00000000
      Parameter 3 : 0x92304184
      Parameter 4 : 0x00000000
      Caused By Driver : FldSafe.sys
      Caused By Address : FldSafe.sys+17ba
      File Description : Scanner Filter
      Product Name : Windows ® Win 7 DDK driver
      Company : Windows ® Win 7 DDK provider
      File Version : 6.1.7600.16385 built by: WinDDK
      Processor : 32-bit
      Crash Address : FldSafe.sys+1184
      Stack Address 1 : FldSafe.sys+17ba
      Stack Address 2 : FldSafe.sys+1872
      Stack Address 3 : FldSafe.sys+1a00
      Computer Name :
      Full Path : C:\Windows\Minidump\Mini082611-02.dmp
      Processors Count : 4
      Major Version : 15
      Minor Version : 6002
      Dump File Size : 144.213
      ==================================================
  14. Hello, I have an annoying problem: when I work on my PC for a while (there is no fixed length of time), I suddenly get a blue screen and my PC restarts by itself. Can anyone help me solve this problem? PS: my operating system is Vista. Kind regards
  15. Thanks, Angel, for this tip, I will definitely try it out. ---------- Post added at 21:08 ---------- Previous post was at 20:58 ---------- One more question, Angel: I have 2 more drives; are those defragmented as well, or is it only the C drive? Kind regards
  16. I have already set up scheduled defragmentation several times, but it turns out that it does not work, and when I look at the setting, the next run time says: never (see attachment). What is the reason for that, and can someone help me so that defragmentation does run automatically? Kind regards
  17. Kape, I emptied the folder and ran a scan with WD, and miraculously there was no error message any more, so I think it is solved. My thanks for this tip. Regards
  18. Here is the content of the first Windows Defender error message:

      Logboeknaam: System
      Bron: Microsoft-Windows-Windows Defender
      Datum: 2/05/2008 16:50:54
      Gebeurtenis-id:5008
      Taakcategorie: Geen
      Niveau: Fout
      Trefwoorden: Klassiek
      Gebruiker: n.v.t.
      Computer: PC_van_walter
      Beschrijving: Windows Defender engine is beëindigd als gevolg van een onverwachte fout.
      Type fout: Crash
      Uitzonderingscode: 0xc0000005
      Bron: file:C:\Users\walter\AppData\Roaming\Microsoft\Windows\Cookies\Low\walter@search.yahoo[1].txt
      Gebeurtenis-XML:
      <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
        <System>
          <Provider Name="Microsoft-Windows-Windows Defender" Guid="{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}" EventSourceName="WinDefend" />
          <EventID Qualifiers="0">5008</EventID>
          <Version>0</Version>
          <Level>2</Level>
          <Task>0</Task>
          <Opcode>0</Opcode>
          <Keywords>0x80000000000000</Keywords>
          <TimeCreated SystemTime="2008-05-02T14:50:54.000Z" />
          <EventRecordID>41278</EventRecordID>
          <Correlation />
          <Execution ProcessID="0" ThreadID="0" />
          <Channel>System</Channel>
          <Computer>PC_van_walter</Computer>
          <Security />
        </System>
        <EventData>
          <Data Name="Product Name">%%827</Data>
          <Data Name="Product Version">1.1.1600.0</Data>
          <Data Name="Resource">file:C:\Users\walter\AppData\Roaming\Microsoft\Windows\Cookies\Low\walter@search.yahoo[1].txt</Data>
          <Data Name="Failure Type Index">2</Data>
          <Data Name="Failure Type">%%830</Data>
          <Data Name="Exception code">0xc0000005</Data>
        </EventData>
      </Event>
  19. The PC is new from December 2007. I work with Vista, so Windows Defender was already on it, and I also installed Norton right away and never had any trouble until a few days ago. Regards
  20. I have had the PC since December; is it normal, then, that error messages are now appearing with Windows Defender? Regards
  21. The Windows Defender version is 1.1.1600.0, and I have only 1 antivirus program, and that is Norton. Regards
  22. Who can help me with the following problems? When I run a scan with Windows Defender I get the following error message: an error has occurred in Windows Defender: 0x800703eb. Cannot complete this function. After that: Host Process for Windows Services has stopped working and was closed. Thanks in advance, casc
  23. I do not use the program, so I removed it, and it does seem that the problem is solved. Thanks again for all the help. Kind regards, casc
  24. This is what I get to see when I try to remove it with Unlocker. Kind regards