Ga naar inhoud

iyuna

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    10

  • Registratiedatum

  • Laatst bezocht

iyuna's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. iyuna
    Alles uitgevoerd zoals gevraagd. Jammer maar helaas...
  2. iyuna
    Hierzo, http://speccy.piriform.com/results/5vI5ZVTDaVNfcSMVvG62kfy Soluto heeft de PC al iets versneld bij het opstarten maar bij het gewoon werken blijft het nagelbijtend. Groeten
  3. iyuna
    @Kape: de PC werkt no altijd tergend traag. @Asus: Ik kan me niet herinneren dat de PC nog maar 5 min. aktief was. Ik meen me te herinneren dat hij al enkele uren op was en dat ik me terug mateloos aan het ergeren was en zo jullie gecontacteerd heb. Waarschijnlijk een herstart?! Maar als jullie het nodig vinden wil ik alsnog die zelfde actie eens overdoen. Gelieve te comfirmeren a.u.b. Alvast bedankt voor alle moeite. Groeten.
  4. iyuna
    Hierbij de gevraagde logfile: ComboFix 12-01-21.02 - Pieter&Hilde 22/01/2012 17:35:26.3.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3063.1952 [GMT 1:00] Gestart vanuit: c:\users\Pieter&Hilde\Desktop\ComboFix1.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Pieter&Hilde\AppData\Local\temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll c:\users\PIETER~1\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))) . . 2012-01-22 16:41 . 2012-01-22 16:52 -------- d-----w- c:\users\Pieter&Hilde\AppData\Local\temp 2012-01-22 16:41 . 2012-01-22 16:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-22 16:22 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C116276E-0D46-4C27-8C5D-60BF9EC3AF7B}\mpengine.dll ERROR(0x00000005) 2012-01-22 15:29 . 2012-01-22 15:29 -------- d-----w- c:\users\Pieter&Hilde\AppData\Local\Diagnostics 2012-01-13 07:08 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-13 07:08 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-13 07:08 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-13 07:08 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll 2012-01-13 07:08 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-13 07:08 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll 2012-01-13 07:08 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll 2012-01-13 07:08 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll 2012-01-13 07:08 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll 2012-01-13 07:08 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-11 13:47 . 2012-01-11 13:47 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\Malwarebytes 2012-01-11 13:44 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-11 13:44 . 2012-01-11 13:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-11 12:03 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll 2012-01-11 12:03 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 12:03 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-01-11 12:03 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-01-10 18:24 . 2012-01-10 18:24 388096 ----a-r- c:\users\Pieter&Hilde\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-10 18:24 . 2012-01-10 18:24 -------- d-----w- c:\program files\Trend Micro 2012-01-10 17:40 . 2012-01-10 18:01 -------- d-----w- c:\program files\Speccy 2012-01-10 16:28 . 2012-01-10 16:28 -------- d-----w- c:\program files\DriverFinder 2012-01-10 16:25 . 2012-01-10 16:28 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\DriverFinder 2012-01-09 14:45 . 2012-01-09 14:45 -------- d-----w- c:\users\Pieter&Hilde\AppData\Local\PackageAware 2012-01-03 13:09 . 2012-01-03 13:19 1688 ----a-w- c:\windows\system32\ASOROSet.bin 2012-01-03 12:23 . 2012-01-03 12:23 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\Systweak 2012-01-03 12:23 . 2012-01-03 12:23 -------- d-----w- c:\program files\RegClean Pro . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-06 04:19 . 2011-10-23 08:16 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2011-12-02 13:03 . 2011-12-02 13:03 158056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin ERROR(0x00000005) 2011-11-24 04:25 . 2011-12-15 17:41 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-13 09:47 . 2011-11-13 09:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-05 04:26 . 2011-12-15 17:41 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-03 22:47 . 2011-12-15 18:02 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-11-03 22:40 . 2011-12-15 18:02 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-03 22:39 . 2011-12-15 18:02 1127424 ----a-w- c:\windows\system32\wininet.dll 2011-11-03 22:31 . 2011-12-15 18:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-26 04:47 . 2011-12-15 17:41 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 04:47 . 2011-12-15 17:41 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 04:28 . 2011-12-15 17:41 38912 ----a-w- c:\windows\system32\csrsrv.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Spotify"="c:\users\Pieter&Hilde\AppData\Roaming\Spotify\Spotify.exe" [2012-01-21 4027056] "DriverFinder"="c:\program files\DriverFinder\DriverFinder.exe" [2011-07-18 5515464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-04 7703072] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 136176] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872] R3 cpuz135;cpuz135;c:\users\PIETER~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 136176] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-21 1343400] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 07:01] . 2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 07:01] . 2012-01-22 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-01-03 10:52] . 2012-01-11 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-01-03 10:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 Trusted Zone: kbc.be\www Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 192.168.1.1 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\PSIService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\TeamViewer\Version6\TeamViewer.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2012-01-22 17:53:58 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-22 16:53 ComboFix2.txt 2012-01-13 06:36 . Pre-Run: 884.202.147.840 bytes beschikbaar Post-Run: 884.269.350.912 bytes beschikbaar . - - End Of File - - 9511A662E78E5239B81D22712CBF19AC
  5. iyuna
    Uiteindelijk toch gelukt! ComboFix 12-01-12.04 - Pieter&Hilde 12/01/2012 23:18:36.2.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3063.1952 [GMT 1:00] Gestart vanuit: c:\users\Pieter&Hilde\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Pieter&Hilde\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll c:\users\PIETER~1\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll c:\windows\system32\roboot.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-13 to 2012-01-13 )))))))))))))))))))))))))))))) . . 2012-01-12 22:26 . 2012-01-13 06:35 -------- d-----w- c:\users\Pieter&Hilde\AppData\Local\temp 2012-01-12 22:26 . 2012-01-12 22:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-12 17:09 . 2012-01-12 17:09 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6529194-44E2-49E7-A396-ABB95807B7BA}\MpKsl64310b37.sys ERROR(0x00000005) 2012-01-12 17:09 . 2012-01-12 22:27 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6529194-44E2-49E7-A396-ABB95807B7BA}\offreg.dll ERROR(0x00000005) 2012-01-12 16:18 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6529194-44E2-49E7-A396-ABB95807B7BA}\mpengine.dll ERROR(0x00000005) 2012-01-11 13:47 . 2012-01-11 13:47 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\Malwarebytes 2012-01-11 13:44 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-11 13:44 . 2012-01-11 13:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-11 12:03 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll 2012-01-11 12:03 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 12:03 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-01-11 12:03 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-01-10 18:24 . 2012-01-10 18:24 388096 ----a-r- c:\users\Pieter&Hilde\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-10 18:24 . 2012-01-10 18:24 -------- d-----w- c:\program files\Trend Micro 2012-01-10 17:40 . 2012-01-10 18:01 -------- d-----w- c:\program files\Speccy 2012-01-10 16:28 . 2012-01-10 16:28 -------- d-----w- c:\program files\DriverFinder 2012-01-10 16:25 . 2012-01-10 16:28 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\DriverFinder 2012-01-09 14:45 . 2012-01-09 14:45 -------- d-----w- c:\users\Pieter&Hilde\AppData\Local\PackageAware 2012-01-03 13:09 . 2012-01-03 13:19 1688 ----a-w- c:\windows\system32\ASOROSet.bin 2012-01-03 12:23 . 2012-01-03 12:23 -------- d-----w- c:\users\Pieter&Hilde\AppData\Roaming\Systweak 2012-01-03 12:23 . 2012-01-03 12:23 -------- d-----w- c:\program files\RegClean Pro 2011-12-15 18:00 . 2011-12-15 18:00 -------- d-sh--w- c:\windows\system32\%APPDATA% 2011-12-15 17:41 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-12-15 17:41 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-15 17:41 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-15 17:41 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll 2011-12-15 17:41 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-12-15 17:41 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-02 13:03 . 2011-12-02 13:03 158056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin ERROR(0x00000005) 2011-11-21 10:47 . 2011-10-23 08:16 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2011-11-13 09:47 . 2011-11-13 09:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-19 20:26 . 2011-10-19 20:26 703824 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A73FBF20-5B52-41B7-8280-86778CC79CBE}\gapaengine.dll ERROR(0x00000005) 2011-10-18 21:17 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-10-18 20:54 . 2011-10-18 20:54 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-10-18 20:54 . 2011-10-18 20:54 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-10-18 20:54 . 2011-10-18 20:54 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-10-18 20:54 . 2011-10-18 20:54 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-10-18 20:54 . 2011-10-18 20:54 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-10-18 20:54 . 2011-10-18 20:54 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-10-18 20:54 . 2011-10-18 20:54 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-10-18 20:54 . 2011-10-18 20:54 367104 ----a-w- c:\windows\system32\html.iec 2011-10-18 20:54 . 2011-10-18 20:54 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-10-18 20:54 . 2011-10-18 20:54 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-10-18 20:54 . 2011-10-18 20:54 161792 ----a-w- c:\windows\system32\msls31.dll 2011-10-18 20:54 . 2011-10-18 20:54 152064 ----a-w- c:\windows\system32\wextract.exe 2011-10-18 20:54 . 2011-10-18 20:54 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-10-18 20:54 . 2011-10-18 20:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-10-18 20:54 . 2011-10-18 20:54 11776 ----a-w- c:\windows\system32\mshta.exe 2011-10-18 20:54 . 2011-10-18 20:54 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-10-18 20:54 . 2011-10-18 20:54 101888 ----a-w- c:\windows\system32\admparse.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Spotify"="c:\users\Pieter&Hilde\AppData\Roaming\Spotify\Spotify.exe" [2011-12-21 4010160] "DriverFinder"="c:\program files\DriverFinder\DriverFinder.exe" [2011-07-18 5515464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-04 7703072] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 MpKsl54640daa;MpKsl54640daa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3C744807-CFC3-4DE8-AC6F-DDDB2997F6E4}\MpKsl54640daa.sys [x] R1 MpKslc845af14;MpKslc845af14;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3C744807-CFC3-4DE8-AC6F-DDDB2997F6E4}\MpKslc845af14.sys [x] R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 136176] R3 cpuz135;cpuz135;c:\users\PIETER~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 136176] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-21 1343400] S1 MpKsl64310b37;MpKsl64310b37;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6529194-44E2-49E7-A396-ABB95807B7BA}\MpKsl64310b37.sys [2012-01-12 29904] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 07:01] . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-23 07:01] . 2012-01-12 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-01-03 10:52] . 2012-01-11 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-01-03 10:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 Trusted Zone: kbc.be\www Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\PSIService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\taskhost.exe c:\program files\TeamViewer\Version6\TeamViewer.exe c:\windows\system32\conhost.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe . ************************************************************************** . Voltooingstijd: 2012-01-13 07:36:28 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-13 06:36 . Pre-Run: 882.736.820.224 bytes beschikbaar Post-Run: 882.799.648.768 bytes beschikbaar . - - End Of File - - FFF3888B4B5C1E87CDC15ED002BD1BDD
  6. iyuna
    Heb ik al gedaan beschreven zoals hierboven(te vinden als C:\ComboFix.txt). Heb het al geprobeerd met de zoekfunctie maar helaas...
  7. iyuna
    De logfile vind ik nergens terug.
  8. iyuna
    De PC vertraagt hoe langer hoe meer. Opstarten duurt nu ongeveer 20 min. Hieronder de gevraagde logfiles. Bedankt alvast voor de hulp. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:22:33, on 11/01/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [spotify] "C:\Users\Pieter&Hilde\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 7641 bytes Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.0.1800 www.malwarebytes.org Databaseversie: v2012.01.11.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Pieter&Hilde :: PPC-POTTIE [administrator] Realtime bescherming: Ingeschakeld 11/01/2012 14:52:55 mbam-log-2012-01-11 (14-52-55).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 176718 Verstreken tijd: 18 minuut/minuten, 19 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\$RECYCLE.BIN\S-1-5-21-4084907728-1860407585-2747387890-1000\$R1654G1.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  9. iyuna
    http://speccy.piriform.com/results/yL4wVq7zz0jREuc7RvBtJ5R Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:32:25, on 10/01/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTor.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTor.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTor.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [spotify] "C:\Users\Pieter&Hilde\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O9 - Extra button: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 8652 bytes
  10. iyuna
    Ik heb een Medion PC, ik schat nu zo'n 2 a 3 jaar oud)met Windows 7. Al een tijdje heb ik bij verschillende(zoniet alle) programma's een enorme vertraging bij iedere muisklik ik doe om één of andere verrichting uit te voeren. Is dit een software- of hardwareprobleem en wat is eraan te doen?
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.