Guy9910

Lid

Bekijk profiel Bekijk hun activiteit

Items
31
Registratiedatum
7 februari 2012
Laatst bezocht
26 februari 2012

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door Guy9910

Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ik heb vroeger al een melding gedaan bij Brother omdat het probleem zich steeds voordoet bij het afdrukken. Dit is hun reactie : Geachte heer, Het bestand cycpdxo.sys is geen bestand van Brother. Wijhebben op de verschillende Windows 7 systemen (x32/x64) op onze helpdeskgecontroleerd en hebben dit bestand niet gevonden ondanks dat de MFC-6490CW oponze PC's is geïnstalleerd. Steeds tot uw dienst Brother Helpdesk +32 2 467 43 33 -----Oorspronkelijk bericht----- Van: Guy "][mailto:Guy@a***ine.be] Verzonden: vrijdag 20 januari 2012 12:26 Aan: Support (Brother Belgium) Onderwerp: RE: Track 0008272668 Ik heb (enkel) bij hetafdrukken Beste, Ik gebruik Windows 7 In bijlage vindt u het gevraagde bestand. Mvg, Guy De Boeck -----Oorspronkelijk bericht----- Van: support@brother.be "][mailto:support@brother.be] Verzonden: vrijdag 20 januari 2012 10:59 Aan: guy@a***ine.be Onderwerp: RE: Track 0008272668 Ik heb (enkel) bij hetafdrukken Geachte heer, Welke versie van Windows gebruikt u (2000/XP/Vista/7)? Zou het mogelijk zijn ons het bestand 011912-26629-01.dmptoe te sturen? Steeds tot uw dienst Brother Helpdesk +32 2 467 43 33 -----Oorspronkelijk bericht----- Van: guy@a***ine.be "][mailto:guy@a***ine.be] Verzonden: donderdag 19 januari 2012 20:38 Aan: Support (Brother Belgium) Onderwerp: Track 0008272668 Ik heb (enkel) bij hetafdrukken ************************** Van: guy@a***ine.be Land: BE Taal: NL Categorie vraag: Productgerelateerd Model: MFC6490CW Serienummer: J0F388520 Voornaam: Guy Achternaam: De Boeck Telefoonnummer: Uw vraag: Ik heb (enkel) bij het afdrukken regelmatig een bluescreen. Kan u me zeggen wat ik moet doen ? Hieronder vindt u een rapport van de foutmelding (steedshetzelfde) Crash Dump Analysis -------------------------------------------------------------------------------- Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Thu 19/01/2012 19:25:36 GMT your computer crashedcrash dump file: C:\Windows\Minidump\011912-26629-01.dmp This was probably caused by the following module:cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBC6F3000, 0x2, 0x0,0xFFFFFFFF83AB2CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys ************************** ---------- Post toegevoegd om 09:44 ---------- Vorige post was om 09:42 ---------- Daarna ook bij Asus geprobeerd maar vind hun voorstel te drastisch : Geachte heer De Boeck, Bedankt voor uw email. In dit geval zou ik u willen adviseren om het notebook terug te zetten naar defabrieksinstellingen. Dit kunt u doen door gebruik te maken van de recovery partitie. Hiervoor bent u dus verder geen dvd's nodig. Om de recovery door te voeren drukt u veelvuldig op F9 nadat u het notebookaanzet. Nu komt u in een Windows Boot/ Preload Wizard in welke u alleen op enter hoeftte drukken om het recovery menu te laden. En hier vannuit kunt u het notebook terug zetten naar de fabrieksinstellingen. Dit zou dan uiteindelijk het probleem moeten oplossen. Houdt er wel rekening mee dat alle gegevens verloren gaan tijdens een recovery. Ik hoop u hierbij voldoende te hebben geinformeerd. Vriendelijke groet/ Kind regards, Asus TSD. Pierre Kotlarski ---------- Original Message ---------- From : guy@a***ine.be Sent : 20-1-2012 16:30:59 To : "tsd@asus.com.tw" Subject : <TSD> Notebook K70IJ [CASEID=WTM2012012101701583] Apply date : 1/20/2012 4:17:00 PM(UTC Time) [Contact Information] *Name : A***ine bvba *Email Address : guy@a***ine.be Phone Number : City : Ursel *Country : Belgium (netherlands)[belgië (Nederlands)] [Product Information] *Product Type : Notebook *Product Model : K70IJ *Product S/N : 98N0AS47356034C Place of Purchase : Fast Act *Date of Purchase : 2009/9/12 *Operating System : Windows 7 32bit [Problem Description] Aangezien Microsoft deze door u aangeboden software niet ondersteunt, richt ikmij tot u voor volgend probleem. Ik krijg regelmatig een blue screen en bij een analyse van de crash dump krijgik volgende meededeling : Crash Dump Analysis -------------------------------------------------------------------------------- Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Thu 19/01/2012 19:25:36 GMT your computer crashed crash dump file: C:\Windows\Minidump\011912-26629-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBC6F3000, 0x2, 0x0, 0xFFFFFFFF83AB2CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search onits name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted toaccess pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be causedby a hardware problem. A third party driver was identified as the probable root cause of this systemerror. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL Graag uw mening hieromtrent aub Mvg, Guy De Boeck ---------- Post toegevoegd om 09:49 ---------- Vorige post was om 09:44 ---------- Ik had ook al geprobeerd om bij Microsoft een oplossing te vinden maar dat lukte niet omdat de software niet origineel is. Ik heb deze laptop gekocht met Vista en heb later ( door een actie van Asus ) een upgrade kunnen doen naar Windows 7 Ik weet niet of je hier enig nut aan hebt maar ik wou het je toch laten weten.
- 18 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

[TABLE=class: top left] [TR] [TD=width: 100]Bij de eerste scan blue screen en ja hoor ... cyc... is terug ( staat nog steeds op de locatie) On Sat 18/02/2012 8:03:17 GMT your computer crashed crash dump file: C:\Windows\Minidump\021812-27471-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFE8820000, 0x2, 0x0, 0xFFFFFFFF83B1ECCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys 2e scan ... Bestandsnaam:[/TD] [TD=width: *] ntkrnlpa.exe[/TD] [/TR] [TR] [TD] Status:[/TD] [TD]Scan voltooid. 0 uit 20 scanners vonden malware. [/TD] [/TR] [TR] [TD]Scan genomen op: [/TD] [TD]za 14 jan 2012 02:10:04 (CET) Permalink[/TD] [/TR] [/TABLE] ---------- Post toegevoegd om 09:22 ---------- Vorige post was om 09:20 ---------- Weet niet hoe het komt dat vorig bericht in kolommen staat :-o
- 18 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Toch wel : System Information (local) computer name: GUY-LAPTOP windows version: Windows 7 Service Pack 1, 6.1, build: 7601 windows dir: C:\Windows CPU: GenuineIntel Pentium® Dual-Core CPU T4200 @ 2.00GHz Intel586, level: 6 2 logical processors, active mask: 3 RAM: 3184615424 total VM: 2147352576, free: 1968132096 Crash Dump Analysis Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Thu 16/02/2012 20:52:17 GMT your computer crashed crash dump file: C:\Windows\Minidump\021612-27440-01.dmp This was probably caused by the following module: ntkrnlpa.exe (nt+0xDEEF4) Bugcheck code: 0xC000021A (0xFFFFFFFF99FE0970, 0x1, 0xFFFFFFFFC0000001, 0x100454) Error: STATUS_SYSTEM_PROCESS_TERMINATED file path: C:\Windows\system32\ntkrnlpa.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This means that an error has occurred in a crucial user-mode subsystem. There is a possibility this problem was caused by a virus or other malware. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
- 17 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Systeem heeft pc uitgezet. Heb zelf herstart, alles ziet er goed uit op het eerste zicht maar heb geen log op c:\avenger.txt
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

pc start op in veilige modus .. ok ? (ik bericht nu van op andere pc) ---------- Post toegevoegd om 21:56 ---------- Vorige post was om 21:55 ---------- Doet " system recovery options " ---------- Post toegevoegd om 22:06 ---------- Vorige post was om 21:56 ---------- is nu bezig met startup repair
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

md5(cycpdxo): f591cd8336df9c5d0467dcd61d1a546f Heb hier iets gevonden . Nuttig ?
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Kan ook niet verwijderen
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Kan het bestand niet verwijderen, krijg de volgende foutmelding. "Er is een fout opgetreden bij het openen van de sleutel. Kan cycpdxo niet openen Deze sleutel kan niet worden geopend vanwege een fout Details: Een apparaat dat op het systeem is aangesloten, werkt niet "
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ja, het staat op de locatie
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Heb je nog suggesties Kape ?
- 16 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

ComboFix 12-02-09.04 - Eigenaar 13/02/2012 18:01:47.4.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3037.1605 [GMT 1:00] Gestart vanuit: d:\users\Eigenaar\Desktop\ComboFix.exe gebruikte Opdracht switches :: d:\users\Eigenaar\Desktop\CFScript.txt AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\System32\Drivers\cycpdxo.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Eigenaar\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-13 to 2012-02-13 )))))))))))))))))))))))))))))) . . 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Niels\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Mieke\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Inneke\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Gilles\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Elke\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Dieter\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-13 17:13 . 2012-02-13 17:13 -------- d-----w- c:\users\A***ine\AppData\Local\temp 2012-02-11 12:54 . 2012-02-11 12:55 -------- d-----w- c:\program files\Duplicate Music Files Finder 2012-02-11 12:07 . 2012-02-11 12:07 -------- d-----w- c:\program files\Pioneer 2012-02-11 09:46 . 2012-02-11 09:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-11 09:14 . 2012-02-11 09:14 -------- d-----w- c:\programdata\Easy Driver Pro 2012-02-10 11:57 . 2012-02-10 11:57 -------- d-----w- c:\users\Gast\AppData\Local\Google 2012-02-10 11:56 . 2012-02-13 16:17 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-02-09 12:03 . 2012-02-09 12:04 -------- d-----w- c:\windows\system32\SPReview 2012-02-09 11:29 . 2010-11-20 03:21 8704 ----a-w- c:\windows\system32\riched32.dll 2012-02-09 11:24 . 2012-02-09 11:24 -------- d-----w- c:\windows\system32\EventProviders 2012-02-08 19:02 . 2012-02-08 19:02 388096 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-08 18:46 . 2012-02-08 18:46 -------- d-----w- c:\program files\NirSoft 2012-02-07 10:49 . 2012-02-07 10:49 -------- d-----w- c:\program files\Trend Micro 2012-02-02 09:07 . 2012-02-02 09:07 -------- d-----w- c:\windows\system32\SRSLabs 2012-02-02 09:06 . 2009-07-06 13:09 856064 ----a-w- c:\windows\system32\VIAPropPageExt.dll 2012-02-02 09:06 . 2009-07-06 10:03 497664 ----a-w- c:\windows\system32\VIASysFx.dll 2012-02-02 09:06 . 2009-07-09 15:08 1066496 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2012-01-27 14:17 . 2012-01-27 14:17 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Lite 2012-01-25 23:10 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-25 23:10 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll 2012-01-25 23:10 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll 2012-01-25 23:10 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-25 23:10 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-25 23:10 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll 2012-01-25 23:10 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-25 23:10 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll 2012-01-25 23:10 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-25 23:10 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll 2012-01-19 19:18 . 2002-04-11 23:00 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE 2012-01-19 19:18 . 2001-12-12 23:01 45056 ----a-w- c:\windows\system32\BRSS01A.EXE 2012-01-19 19:15 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2012-01-19 19:15 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2012-01-19 19:15 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2012-01-19 19:15 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe 2012-01-19 19:15 . 2004-04-18 22:36 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-01-19 19:15 . 2012-01-19 19:15 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll 2012-01-19 19:15 . 2012-01-19 19:15 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll 2012-01-19 19:15 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll 2012-01-15 11:53 . 2012-01-15 11:53 -------- d-----w- c:\programdata\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-09 11:54 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-12-27 13:22 . 2011-12-27 13:22 4608 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{1636397E-519F-443C-9AF3-2FB044FA59DD}\Icon1636397E.exe 2011-12-10 14:24 . 2009-09-11 20:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-01 17:20 . 2011-12-01 17:20 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-01 17:20 . 2011-12-01 17:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-12-01 17:20 . 2011-12-01 17:20 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-12-01 17:20 . 2011-12-01 17:20 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-01 17:20 . 2011-12-01 17:20 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-12-01 17:20 . 2011-12-01 17:20 367104 ----a-w- c:\windows\system32\html.iec 2011-12-01 17:20 . 2011-12-01 17:20 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-12-01 17:20 . 2011-12-01 17:20 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-01 17:20 . 2011-12-01 17:20 161792 ----a-w- c:\windows\system32\msls31.dll 2011-12-01 17:20 . 2011-12-01 17:20 152064 ----a-w- c:\windows\system32\wextract.exe 2011-12-01 17:20 . 2011-12-01 17:20 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-12-01 17:20 . 2011-12-01 17:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-01 17:20 . 2011-12-01 17:20 11776 ----a-w- c:\windows\system32\mshta.exe 2011-12-01 17:20 . 2011-12-01 17:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-01 17:20 . 2011-12-01 17:20 101888 ----a-w- c:\windows\system32\admparse.dll 2011-11-24 21:23 . 2011-11-24 21:23 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2011-11-24 21:23 . 2011-11-24 21:23 80184 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-11-24 04:25 . 2011-12-15 08:26 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 10:56 . 2011-07-19 09:23 23376 ----a-w- c:\windows\system32\dopdfmn7.dll 2011-11-22 10:56 . 2011-07-19 09:23 20816 ----a-w- c:\windows\system32\dopdfmi7.dll 2011-11-19 14:01 . 2012-01-11 11:32 67072 ----a-w- c:\windows\system32\packager.dll 2011-11-17 05:38 . 2012-01-11 11:32 1288472 ----a-w- c:\windows\system32\ntdll.dll 2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-07-09 3417336] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-01 39408] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Seedonk"="c:\program files\Seedonk\seedonk.exe" [2011-12-20 3465216] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-12-29 107000] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 497536] "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-03 237568] "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-23 72248] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-23 3054136] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-06-10 8568832] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 1474560] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2010-01-17 941320] "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680] "tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2011-08-03 828944] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-03 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-03 171288] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-03 172824] "MIXTRAXSystemTray.exe"="c:\program files\Pioneer\MIXTRAX\MIXTRAXSystemTray.exe" [2011-10-12 26912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2009-10-15 6287176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-03-07 6656] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-08-17 42672] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15416] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 36792] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 73160] S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-03-06 20376] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280] S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-09 107744] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2011-08-03 828944] S2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 90624] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2011-09-08 148632] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-05-23 61088] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-05-18 233512] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1066496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - cycpdxo . Inhoud van de 'Gedeelde Taken' map . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Formulieren Invullen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL Trusted Zone: kbc.be Trusted Zone: kbcgroup.eu Trusted Zone: cbc.be\* Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\* Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu Trusted Zone: isabel.eu\ugrade Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\* Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\* Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\* Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\* Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\* Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\* Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cycpdxo] . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(5316) c:\program files\Telenet Security Pack\Spam Control\fsscoepl.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\WUDFHost.exe c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe c:\program files\ATKGFNEX\GFNEXSrv.exe c:\windows\system32\brss01a.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files\Telenet Security Pack\Common\FSMA32.EXE c:\program files\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\program files\Telenet Security Pack\FWES\Program\fsdfwd.exe c:\program files\Telenet Security Pack\Anti-Virus\fssm32.exe c:\program files\Telenet Security Pack\Anti-Virus\fsav32.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\taskhost.exe c:\program files\ASUS\SmartLogon\sensorsrv.exe c:\program files\ASUS\ASUS CopyProtect\aspg.exe c:\program files\P4G\BatteryLife.exe c:\windows\system32\conhost.exe c:\windows\system32\AUDIODG.EXE c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac c:\program files\TechSmith\Snagit 9\TSCHelp.exe c:\program files\TechSmith\Snagit 9\SnagPriv.exe c:\program files\TechSmith\Snagit 9\snagiteditor.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe . ************************************************************************** . Voltooingstijd: 2012-02-13 18:28:41 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-13 17:28 ComboFix2.txt 2012-02-13 15:58 ComboFix3.txt 2012-02-13 14:04 ComboFix4.txt 2012-02-09 20:05 . Pre-Run: 66.576.191.488 bytes beschikbaar Post-Run: 66.474.954.752 bytes beschikbaar . - - End Of File - - 66B1FFB3B6B3733E61AA7FB658CDC1C2
- 13 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ik ben te euforisch geweest vrees ik Welcome to WhoCrashed (HOME EDITION) v 3.03 This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution. Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice. This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems. To obtain technical support visit www.resplendence.com/support Click here to check if you have the latest version or if an update is available. Just click the Analyze button for a comprehensible report ... Home Edition Notice This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features. Click here for more information on the professional edition. Click here to buy the the professional edition of WhoCrashed. System Information (local) computer name: GUY-LAPTOP windows version: Windows 7 Service Pack 1, 6.1, build: 7601 windows dir: C:\Windows CPU: GenuineIntel Pentium® Dual-Core CPU T4200 @ 2.00GHz Intel586, level: 6 2 logical processors, active mask: 3 RAM: 3184615424 total VM: 2147352576, free: 1946267648 Crash Dump Analysis Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Mon 13/02/2012 16:16:09 GMT your computer crashed crash dump file: C:\Windows\Minidump\021312-35412-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFD90C0000, 0x2, 0x0, 0xFFFFFFFF8B426CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Mon 13/02/2012 16:16:09 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFD90C0000, 0x2, 0x0, 0xFFFFFFFF8B426CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:46:18 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29624-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBDC34000, 0x2, 0x0, 0xFFFFFFFF83B2DCCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:02:13 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-30232-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFD7E40000, 0x2, 0x0, 0xFFFFFFFF83B14CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 7:05:50 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29250-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFB9FD1000, 0x2, 0x0, 0xFFFFFFFF8B436CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL Conclusion 5 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: cycpdxo.sys If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
- 13 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Hopelijk nu juist ? ComboFix 12-02-09.04 - Eigenaar 13/02/2012 16:39:26.3.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3037.1719 [GMT 1:00] Gestart vanuit: d:\users\Eigenaar\Desktop\ComboFix.exe gebruikte Opdracht switches :: d:\users\Eigenaar\Desktop\CFScript.txt AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Eigenaar\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-13 to 2012-02-13 )))))))))))))))))))))))))))))) . . 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Niels\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Mieke\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Inneke\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Gilles\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Elke\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Dieter\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-13 15:48 . 2012-02-13 15:48 -------- d-----w- c:\users\A***ine\AppData\Local\temp 2012-02-11 12:54 . 2012-02-11 12:55 -------- d-----w- c:\program files\Duplicate Music Files Finder 2012-02-11 12:07 . 2012-02-11 12:07 -------- d-----w- c:\program files\Pioneer 2012-02-11 09:46 . 2012-02-11 09:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-11 09:14 . 2012-02-11 09:14 -------- d-----w- c:\programdata\Easy Driver Pro 2012-02-10 11:57 . 2012-02-10 11:57 -------- d-----w- c:\users\Gast\AppData\Local\Google 2012-02-10 11:56 . 2012-02-13 15:50 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-02-09 11:29 . 2010-11-20 01:22 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys 2012-02-09 11:24 . 2012-02-09 11:24 -------- d-----w- c:\windows\system32\EventProviders 2012-02-08 19:02 . 2012-02-08 19:02 388096 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-08 18:46 . 2012-02-08 18:46 -------- d-----w- c:\program files\NirSoft 2012-02-07 10:49 . 2012-02-07 10:49 -------- d-----w- c:\program files\Trend Micro 2012-02-02 09:06 . 2009-07-09 15:08 1066496 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2012-01-27 14:17 . 2012-01-27 14:17 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Lite 2012-01-25 23:10 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-25 23:10 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-25 23:10 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-25 23:10 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-25 23:10 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-19 19:18 . 2002-04-11 23:00 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE 2012-01-19 19:18 . 2001-12-12 23:01 45056 ----a-w- c:\windows\system32\BRSS01A.EXE 2012-01-19 19:15 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2012-01-19 19:15 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2012-01-19 19:15 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2012-01-19 19:15 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe 2012-01-19 19:15 . 2004-04-18 22:36 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-01-19 19:15 . 2012-01-19 19:15 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll 2012-01-19 19:15 . 2012-01-19 19:15 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll 2012-01-19 19:15 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll 2012-01-15 11:53 . 2012-01-15 11:53 -------- d-----w- c:\programdata\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-09 11:54 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-12-27 13:22 . 2011-12-27 13:22 4608 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{1636397E-519F-443C-9AF3-2FB044FA59DD}\Icon1636397E.exe 2011-12-10 14:24 . 2009-09-11 20:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-01 17:20 . 2011-12-01 17:20 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-01 17:20 . 2011-12-01 17:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-12-01 17:20 . 2011-12-01 17:20 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-12-01 17:20 . 2011-12-01 17:20 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-01 17:20 . 2011-12-01 17:20 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-12-01 17:20 . 2011-12-01 17:20 367104 ----a-w- c:\windows\system32\html.iec 2011-12-01 17:20 . 2011-12-01 17:20 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-12-01 17:20 . 2011-12-01 17:20 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-01 17:20 . 2011-12-01 17:20 161792 ----a-w- c:\windows\system32\msls31.dll 2011-12-01 17:20 . 2011-12-01 17:20 152064 ----a-w- c:\windows\system32\wextract.exe 2011-12-01 17:20 . 2011-12-01 17:20 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-12-01 17:20 . 2011-12-01 17:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-01 17:20 . 2011-12-01 17:20 11776 ----a-w- c:\windows\system32\mshta.exe 2011-12-01 17:20 . 2011-12-01 17:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-01 17:20 . 2011-12-01 17:20 101888 ----a-w- c:\windows\system32\admparse.dll 2011-11-24 21:23 . 2011-11-24 21:23 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2011-11-24 21:23 . 2011-11-24 21:23 80184 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-11-24 04:25 . 2011-12-15 08:26 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 10:56 . 2011-07-19 09:23 23376 ----a-w- c:\windows\system32\dopdfmn7.dll 2011-11-22 10:56 . 2011-07-19 09:23 20816 ----a-w- c:\windows\system32\dopdfmi7.dll 2011-11-19 14:01 . 2012-01-11 11:32 67072 ----a-w- c:\windows\system32\packager.dll 2011-11-17 05:38 . 2012-01-11 11:32 1288472 ----a-w- c:\windows\system32\ntdll.dll 2011-11-17 05:35 . 2012-01-25 23:10 314880 ----a-w- c:\windows\system32\webio.dll 2011-11-17 05:34 . 2012-01-25 23:10 100352 ----a-w- c:\windows\system32\sspicli.dll 2011-11-17 05:34 . 2012-01-25 23:10 15872 ----a-w- c:\windows\system32\sspisrv.dll 2011-11-17 05:34 . 2012-01-25 23:10 224768 ----a-w- c:\windows\system32\schannel.dll 2011-11-17 05:34 . 2012-01-25 23:10 22016 ----a-w- c:\windows\system32\secur32.dll 2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-07-09 3417336] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-01 39408] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Seedonk"="c:\program files\Seedonk\seedonk.exe" [2011-12-20 3465216] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-12-29 107000] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 497536] "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-03 237568] "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-23 72248] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-23 3054136] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-06-10 8568832] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 1474560] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2010-01-17 941320] "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680] "tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2011-08-03 828944] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-03 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-03 171288] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-03 172824] "MIXTRAXSystemTray.exe"="c:\program files\Pioneer\MIXTRAX\MIXTRAXSystemTray.exe" [2011-10-12 26912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2009-10-15 6287176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-03-07 6656] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-08-17 42672] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15416] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 36792] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 73160] S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-03-06 20376] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280] S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-09 107744] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2011-08-03 828944] S2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 90624] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2011-09-08 148632] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-05-23 61088] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-05-18 233512] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1066496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - FSUSBEXDISK *Deregistered* - cycpdxo . Inhoud van de 'Gedeelde Taken' map . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Formulieren Invullen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL Trusted Zone: kbc.be Trusted Zone: kbcgroup.eu Trusted Zone: cbc.be\* Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\* Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu Trusted Zone: isabel.eu\ugrade Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\* Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\* Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\* Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\* Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\* Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\* Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cycpdxo] . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(4396) c:\program files\Telenet Security Pack\Spam Control\fsscoepl.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\AUDIODG.EXE c:\windows\system32\WUDFHost.exe c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe c:\program files\ATKGFNEX\GFNEXSrv.exe c:\windows\system32\brss01a.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files\Telenet Security Pack\Common\FSMA32.EXE c:\program files\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\taskhost.exe c:\program files\ASUS\SmartLogon\sensorsrv.exe c:\program files\ASUS\ASUS CopyProtect\aspg.exe c:\program files\P4G\BatteryLife.exe c:\program files\ASUS\Splendid\ACMON.exe c:\program files\ASUS\ATK Hotkey\HControl.exe c:\program files\ASUS\Wireless Console 3\wcourier.exe c:\windows\System32\ACEngSvr.exe c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe c:\program files\Telenet Security Pack\FWES\Program\fsdfwd.exe c:\program files\Telenet Security Pack\Anti-Virus\fssm32.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\conhost.exe c:\program files\Telenet Security Pack\Anti-Virus\fsav32.exe c:\program files\Brother\Brmfcmon\BrMfimon.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac c:\program files\ASUS\ATK Hotkey\ATKOSD.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\ASUS\ATK Hotkey\KBFiltr.exe c:\program files\ASUS\ATK Hotkey\WDC.exe c:\program files\TechSmith\Snagit 9\TSCHelp.exe c:\program files\TechSmith\Snagit 9\SnagPriv.exe c:\program files\TechSmith\Snagit 9\snagiteditor.exe c:\windows\system32\sppsvc.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe . ************************************************************************** . Voltooingstijd: 2012-02-13 16:58:49 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-13 15:58 ComboFix2.txt 2012-02-13 14:04 ComboFix3.txt 2012-02-09 20:05 . Pre-Run: 66.672.771.072 bytes beschikbaar Post-Run: 66.634.022.912 bytes beschikbaar . - - End Of File - - 5E260213D25E5BB69CF476AB20621D51
- 13 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

ComboFix 12-02-09.04 - Eigenaar 13/02/2012 14:40:29.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3037.1828 [GMT 1:00] Gestart vanuit: d:\users\Eigenaar\Desktop\ComboFix.exe gebruikte Opdracht switches :: d:\users\Eigenaar\Desktop\CFScript.txt.doc AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Eigenaar\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll c:\users\Eigenaar\AppData\Roaming\inst.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-13 to 2012-02-13 )))))))))))))))))))))))))))))) . . 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Niels\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Mieke\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Inneke\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Gilles\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Elke\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Dieter\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-13 13:52 . 2012-02-13 13:52 -------- d-----w- c:\users\A***ine\AppData\Local\temp 2012-02-11 12:54 . 2012-02-11 12:55 -------- d-----w- c:\program files\Duplicate Music Files Finder 2012-02-11 12:07 . 2012-02-11 12:07 -------- d-----w- c:\program files\Pioneer 2012-02-11 09:46 . 2012-02-11 09:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-11 09:14 . 2012-02-11 09:14 -------- d-----w- c:\programdata\Easy Driver Pro 2012-02-10 11:57 . 2012-02-10 11:57 -------- d-----w- c:\users\Gast\AppData\Local\Google 2012-02-10 11:56 . 2012-02-13 13:56 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-02-09 11:29 . 2010-11-20 01:22 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys 2012-02-09 11:24 . 2012-02-09 11:24 -------- d-----w- c:\windows\system32\EventProviders 2012-02-08 19:02 . 2012-02-08 19:02 388096 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-08 18:46 . 2012-02-08 18:46 -------- d-----w- c:\program files\NirSoft 2012-02-07 10:49 . 2012-02-07 10:49 -------- d-----w- c:\program files\Trend Micro 2012-02-02 09:06 . 2009-07-09 15:08 1066496 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2012-01-27 14:17 . 2012-01-27 14:17 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Lite 2012-01-25 23:10 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-25 23:10 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-25 23:10 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-25 23:10 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-25 23:10 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-19 19:18 . 2002-04-11 23:00 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE 2012-01-19 19:18 . 2001-12-12 23:01 45056 ----a-w- c:\windows\system32\BRSS01A.EXE 2012-01-19 19:15 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2012-01-19 19:15 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2012-01-19 19:15 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2012-01-19 19:15 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe 2012-01-19 19:15 . 2004-04-18 22:36 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-01-19 19:15 . 2012-01-19 19:15 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll 2012-01-19 19:15 . 2012-01-19 19:15 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll 2012-01-19 19:15 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll 2012-01-15 11:53 . 2012-01-15 11:53 -------- d-----w- c:\programdata\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-09 11:54 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-12-27 13:22 . 2011-12-27 13:22 4608 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{1636397E-519F-443C-9AF3-2FB044FA59DD}\Icon1636397E.exe 2011-12-10 14:24 . 2009-09-11 20:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-01 17:20 . 2011-12-01 17:20 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-01 17:20 . 2011-12-01 17:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-12-01 17:20 . 2011-12-01 17:20 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-12-01 17:20 . 2011-12-01 17:20 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-01 17:20 . 2011-12-01 17:20 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-12-01 17:20 . 2011-12-01 17:20 367104 ----a-w- c:\windows\system32\html.iec 2011-12-01 17:20 . 2011-12-01 17:20 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-12-01 17:20 . 2011-12-01 17:20 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-01 17:20 . 2011-12-01 17:20 161792 ----a-w- c:\windows\system32\msls31.dll 2011-12-01 17:20 . 2011-12-01 17:20 152064 ----a-w- c:\windows\system32\wextract.exe 2011-12-01 17:20 . 2011-12-01 17:20 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-12-01 17:20 . 2011-12-01 17:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-01 17:20 . 2011-12-01 17:20 11776 ----a-w- c:\windows\system32\mshta.exe 2011-12-01 17:20 . 2011-12-01 17:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-01 17:20 . 2011-12-01 17:20 101888 ----a-w- c:\windows\system32\admparse.dll 2011-11-24 21:23 . 2011-11-24 21:23 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2011-11-24 21:23 . 2011-11-24 21:23 80184 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-11-24 04:25 . 2011-12-15 08:26 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 10:56 . 2011-07-19 09:23 23376 ----a-w- c:\windows\system32\dopdfmn7.dll 2011-11-22 10:56 . 2011-07-19 09:23 20816 ----a-w- c:\windows\system32\dopdfmi7.dll 2011-11-19 14:01 . 2012-01-11 11:32 67072 ----a-w- c:\windows\system32\packager.dll 2011-11-17 05:38 . 2012-01-11 11:32 1288472 ----a-w- c:\windows\system32\ntdll.dll 2011-11-17 05:35 . 2012-01-25 23:10 314880 ----a-w- c:\windows\system32\webio.dll 2011-11-17 05:34 . 2012-01-25 23:10 100352 ----a-w- c:\windows\system32\sspicli.dll 2011-11-17 05:34 . 2012-01-25 23:10 15872 ----a-w- c:\windows\system32\sspisrv.dll 2011-11-17 05:34 . 2012-01-25 23:10 224768 ----a-w- c:\windows\system32\schannel.dll 2011-11-17 05:34 . 2012-01-25 23:10 22016 ----a-w- c:\windows\system32\secur32.dll 2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-07-09 3417336] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-01 39408] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Seedonk"="c:\program files\Seedonk\seedonk.exe" [2011-12-20 3465216] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-12-29 107000] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 497536] "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-03 237568] "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-23 72248] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-23 3054136] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-06-10 8568832] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 1474560] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2010-01-17 941320] "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680] "tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2011-08-03 828944] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-03 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-03 171288] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-03 172824] "MIXTRAXSystemTray.exe"="c:\program files\Pioneer\MIXTRAX\MIXTRAXSystemTray.exe" [2011-10-12 26912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2009-10-15 6287176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-03-07 6656] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-08-17 42672] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15416] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 36792] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 73160] S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-03-06 20376] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280] S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-09 107744] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2011-08-03 828944] S2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 90624] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2011-09-08 148632] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-05-23 61088] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-05-18 233512] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1066496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - cycpdxo . Inhoud van de 'Gedeelde Taken' map . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Formulieren Invullen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL Trusted Zone: kbc.be Trusted Zone: kbcgroup.eu Trusted Zone: cbc.be\* Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\* Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu Trusted Zone: isabel.eu\ugrade Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\* Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\* Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\* Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\* Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\* Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\* Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cycpdxo] . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(5904) c:\program files\Telenet Security Pack\Spam Control\fsscoepl.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\AUDIODG.EXE c:\windows\system32\WUDFHost.exe c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe c:\program files\ATKGFNEX\GFNEXSrv.exe c:\windows\system32\brss01a.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files\Telenet Security Pack\Common\FSMA32.EXE c:\program files\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\taskhost.exe c:\program files\ASUS\SmartLogon\sensorsrv.exe c:\program files\ASUS\ASUS CopyProtect\aspg.exe c:\program files\P4G\BatteryLife.exe c:\program files\ASUS\Splendid\ACMON.exe c:\program files\ASUS\ATK Hotkey\HControl.exe c:\program files\ASUS\Wireless Console 3\wcourier.exe c:\windows\System32\ACEngSvr.exe c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe c:\program files\Telenet Security Pack\FWES\Program\fsdfwd.exe c:\program files\Telenet Security Pack\Anti-Virus\fssm32.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\conhost.exe c:\program files\Brother\Brmfcmon\BrMfimon.exe c:\program files\Telenet Security Pack\Anti-Virus\fsav32.exe c:\program files\ASUS\ATK Hotkey\ATKOSD.exe c:\program files\ASUS\ATK Hotkey\KBFiltr.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac c:\program files\ASUS\ATK Hotkey\WDC.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\TechSmith\Snagit 9\TSCHelp.exe c:\program files\TechSmith\Snagit 9\SnagPriv.exe c:\program files\TechSmith\Snagit 9\snagiteditor.exe c:\windows\system32\sppsvc.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe . ************************************************************************** . Voltooingstijd: 2012-02-13 15:04:50 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-13 14:04 ComboFix2.txt 2012-02-09 20:05 . Pre-Run: 66.421.473.280 bytes beschikbaar Post-Run: 66.636.840.960 bytes beschikbaar . - - End Of File - - 1A25AA6D5480BD3E360183E7B16E40D7 Heb voor de eerste keer een pdf kunnen afdrukken zonder blue screen
- 13 februari 2012
- 45 antwoorden
Blue scree bij afdrukken pdf

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ook in veilige modus kan het bestand niet gewijzigd worden.
- 13 februari 2012
- 11 antwoorden
Blue scree bij afdrukken pdf

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Heb deze melding gekregen
- 11 februari 2012
- 11 antwoorden
Blue scree bij afdrukken pdf

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Was het maar waar :-( Heb terug blue screen gehad en bijgevolg weer flasplayer moeten herinstalleren. Terug tijdens het afdrukken van een pdf met meerdere pagina's. Weer die verdomde cycpdx0.sys ( C/Windows/system 32/drivers ) Log van Whocrashed Welcome to WhoCrashed (HOME EDITION) v 3.03 This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution. Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice. This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems. To obtain technical support visit www.resplendence.com/support Click here to check if you have the latest version or if an update is available. Just click the Analyze button for a comprehensible report ... Home Edition Notice This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features. Click here for more information on the professional edition. Click here to buy the the professional edition of WhoCrashed. System Information (local) computer name: GUY-LAPTOP windows version: Windows 7 Service Pack 1, 6.1, build: 7601 windows dir: C:\Windows CPU: GenuineIntel Pentium® Dual-Core CPU T4200 @ 2.00GHz Intel586, level: 6 2 logical processors, active mask: 3 RAM: 3184615424 total VM: 2147352576, free: 1936244736 Crash Dump Analysis Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Fri 10/02/2012 18:46:18 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29624-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBDC34000, 0x2, 0x0, 0xFFFFFFFF83B2DCCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:46:18 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBDC34000, 0x2, 0x0, 0xFFFFFFFF83B2DCCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:02:13 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-30232-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFD7E40000, 0x2, 0x0, 0xFFFFFFFF83B14CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 7:05:50 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29250-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFB9FD1000, 0x2, 0x0, 0xFFFFFFFF8B436CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL Conclusion 4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: cycpdxo.sys If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
- 10 februari 2012
- 11 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Het resultaat .... Na een blue screen ( ander topic van mij ) terug flash player kwijt :-( Ik vermoed dat ik eerst het andere probleem zal moeten zien op te lossen want dat het probleem daar ligt. Ik voeg nog een log bij van Whocrashed Welcome to WhoCrashed (HOME EDITION) v 3.03 This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution. Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice. This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems. To obtain technical support visit www.resplendence.com/support Click here to check if you have the latest version or if an update is available. Just click the Analyze button for a comprehensible report ... Home Edition Notice This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features. Click here for more information on the professional edition. Click here to buy the the professional edition of WhoCrashed. System Information (local) computer name: GUY-LAPTOP windows version: Windows 7 Service Pack 1, 6.1, build: 7601 windows dir: C:\Windows CPU: GenuineIntel Pentium® Dual-Core CPU T4200 @ 2.00GHz Intel586, level: 6 2 logical processors, active mask: 3 RAM: 3184615424 total VM: 2147352576, free: 1936244736 Crash Dump Analysis Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Fri 10/02/2012 18:46:18 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29624-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBDC34000, 0x2, 0x0, 0xFFFFFFFF83B2DCCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:46:18 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFBDC34000, 0x2, 0x0, 0xFFFFFFFF83B2DCCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 18:02:13 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-30232-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFD7E40000, 0x2, 0x0, 0xFFFFFFFF83B14CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL On Fri 10/02/2012 7:05:50 GMT your computer crashed crash dump file: C:\Windows\Minidump\021012-29250-01.dmp This was probably caused by the following module: cycpdxo.sys (cycpdxo+0x4CCB) Bugcheck code: 0xD1 (0xFFFFFFFFB9FD1000, 0x2, 0x0, 0xFFFFFFFF8B436CCB) Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\System32\Drivers\cycpdxo.sys This file could not be located on your computer, we suggest that you search on its name with Google. Click here to do a Google search on cycpdxo.sys Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cycpdxo.sys . Google query: cycpdxo.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL Conclusion 4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: cycpdxo.sys If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
- 10 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Heb het bestand verwijderd. Momenteel werkt Flash Player zoals het hoort. Nu nog afwachten of het zo blijft hé. Ik hou je wel op de hoogte
- 9 februari 2012
- 45 antwoorden
Blue scree bij afdrukken pdf

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ja, het is dezelfde pc. Ik heb combofix gedraaid (i.v.m. het Flash Player probleem) en in het rapport staat een vermelding van het bestand cycpdxo.sys Misschien is het ook opgelost ?
- 9 februari 2012
- 11 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Ik heb de combofix gedraaid zoals gevraagd. na een tijdje is de pc heropgestart waarna een afwisselend zwart en blauw schermpje met titel pev.3XE. Dit bleef flikkeren en ik heb na een 10tal minuten de pc handmatig heropgestart. Toen heeft Combofix het volgende rapport opgesteld: ComboFix 12-02-09.04 - Eigenaar 09/02/2012 19:57:59.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3037.1558 [GMT 1:00] Gestart vanuit: d:\users\Eigenaar\Desktop\ComboFix.exe AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Common Files\ASPG_icon.ico c:\users\A***ine\7016.gif c:\users\Eigenaar\AppData\Local\assembly\tmp c:\users\Eigenaar\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll c:\users\Guy\2011.jpg c:\windows\system32\muzapp.exe c:\windows\system32\office.exe c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MaJUtilLib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCaller.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\MetaStore2.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\Microsoft.Synchronization.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll c:\windows\system32\system32\Synchronization2.dll d:\users\Eigenaar\Desktop\Internet Explorer.lnk . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-09 to 2012-02-09 )))))))))))))))))))))))))))))) . . 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Niels\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Mieke\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Inneke\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Gilles\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Elke\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Dieter\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-09 19:21 . 2012-02-09 19:21 -------- d-----w- c:\users\A***ine\AppData\Local\temp 2012-02-09 12:03 . 2012-02-09 12:04 -------- d-----w- c:\windows\system32\SPReview 2012-02-09 11:29 . 2010-11-20 03:21 8704 ----a-w- c:\windows\system32\riched32.dll 2012-02-09 11:24 . 2012-02-09 11:24 -------- d-----w- c:\windows\system32\EventProviders 2012-02-08 19:02 . 2012-02-08 19:02 388096 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-08 18:46 . 2012-02-08 18:46 -------- d-----w- c:\program files\NirSoft 2012-02-07 17:31 . 2012-02-07 17:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-07 10:49 . 2012-02-07 10:49 -------- d-----w- c:\program files\Trend Micro 2012-02-02 09:07 . 2012-02-02 09:07 -------- d-----w- c:\windows\system32\SRSLabs 2012-02-02 09:06 . 2009-07-06 13:09 856064 ----a-w- c:\windows\system32\VIAPropPageExt.dll 2012-02-02 09:06 . 2009-07-06 10:03 497664 ----a-w- c:\windows\system32\VIASysFx.dll 2012-02-02 09:06 . 2009-07-09 15:08 1066496 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2012-01-27 14:17 . 2012-01-27 14:17 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\Lite 2012-01-25 23:10 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-25 23:10 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll 2012-01-25 23:10 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll 2012-01-25 23:10 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-25 23:10 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-25 23:10 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll 2012-01-25 23:10 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-25 23:10 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll 2012-01-25 23:10 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-25 23:10 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll 2012-01-19 19:18 . 2002-04-11 23:00 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE 2012-01-19 19:18 . 2001-12-12 23:01 45056 ----a-w- c:\windows\system32\BRSS01A.EXE 2012-01-19 19:15 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2012-01-19 19:15 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2012-01-19 19:15 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2012-01-19 19:15 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe 2012-01-19 19:15 . 2004-04-18 22:36 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-01-19 19:15 . 2012-01-19 19:15 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll 2012-01-19 19:15 . 2012-01-19 19:15 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll 2012-01-19 19:15 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll 2012-01-15 11:53 . 2012-01-15 11:53 -------- d-----w- c:\programdata\McAfee 2012-01-11 11:32 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 11:32 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll 2012-01-11 11:32 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 11:32 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-09 19:57 . 2009-08-23 07:43 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-02-09 11:54 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-12-27 13:22 . 2011-12-27 13:22 4608 ----a-r- c:\users\Eigenaar\AppData\Roaming\Microsoft\Installer\{1636397E-519F-443C-9AF3-2FB044FA59DD}\Icon1636397E.exe 2011-12-10 14:24 . 2009-09-11 20:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-01 17:20 . 2011-12-01 17:20 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-01 17:20 . 2011-12-01 17:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-01 17:20 . 2011-12-01 17:20 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-12-01 17:20 . 2011-12-01 17:20 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-12-01 17:20 . 2011-12-01 17:20 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-01 17:20 . 2011-12-01 17:20 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-12-01 17:20 . 2011-12-01 17:20 367104 ----a-w- c:\windows\system32\html.iec 2011-12-01 17:20 . 2011-12-01 17:20 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-12-01 17:20 . 2011-12-01 17:20 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-01 17:20 . 2011-12-01 17:20 161792 ----a-w- c:\windows\system32\msls31.dll 2011-12-01 17:20 . 2011-12-01 17:20 152064 ----a-w- c:\windows\system32\wextract.exe 2011-12-01 17:20 . 2011-12-01 17:20 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-12-01 17:20 . 2011-12-01 17:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-01 17:20 . 2011-12-01 17:20 11776 ----a-w- c:\windows\system32\mshta.exe 2011-12-01 17:20 . 2011-12-01 17:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-01 17:20 . 2011-12-01 17:20 101888 ----a-w- c:\windows\system32\admparse.dll 2011-11-24 21:23 . 2011-11-24 21:23 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2011-11-24 21:23 . 2011-11-24 21:23 80184 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-11-24 04:25 . 2011-12-15 08:26 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 10:56 . 2011-07-19 09:23 23376 ----a-w- c:\windows\system32\dopdfmn7.dll 2011-11-22 10:56 . 2011-07-19 09:23 20816 ----a-w- c:\windows\system32\dopdfmi7.dll 2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-07-09 3417336] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-01 39408] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-01-04 21392] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-01-04 937872] "Seedonk"="c:\program files\Seedonk\seedonk.exe" [2011-12-20 3465216] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-12-29 107000] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 497536] "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-03 237568] "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-23 72248] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-23 3054136] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-06-10 8568832] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 1474560] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2010-01-17 941320] "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-01-04 3508624] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680] "tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2011-08-03 828944] "IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-03 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-03 171288] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-03 172824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll, schannel.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-03-07 6656] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 136176] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-08-17 42672] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15416] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064] S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 36792] S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 73160] S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-03-06 20376] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280] S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-09 107744] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2011-08-03 828944] S2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 90624] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2011-09-08 148632] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2011-05-23 61088] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-05-18 233512] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1066496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - cycpdxo . Inhoud van de 'Gedeelde Taken' map . 2012-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . 2012-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-10 05:54] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Formulieren Invullen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL Trusted Zone: kbc.be Trusted Zone: kbcgroup.eu Trusted Zone: cbc.be\* Trusted Zone: cbc.be\cbc-pdf Trusted Zone: cbc.be\cbconline Trusted Zone: cbc.be\static Trusted Zone: cbc.be\www Trusted Zone: cbc.eu\* Trusted Zone: cbc.eu\www Trusted Zone: isabel.be\*.IBS6 Trusted Zone: isabel.be\gotoIBS6 Trusted Zone: isabel.be\pki Trusted Zone: isabel.be\www Trusted Zone: isabel.eu Trusted Zone: isabel.eu\ugrade Trusted Zone: isabel.eu\upgrade Trusted Zone: isabel.eu\www Trusted Zone: kbc.be\* Trusted Zone: kbc.be\kbc-pdf Trusted Zone: kbc.be\kbconline Trusted Zone: kbc.be\static Trusted Zone: kbc.be\www Trusted Zone: kbc.com\* Trusted Zone: kbc.com\www Trusted Zone: kbc.eu\* Trusted Zone: kbc.eu\www Trusted Zone: kbcam.be\www Trusted Zone: kbcam.com\www Trusted Zone: kbcbankingforbusiness.com\* Trusted Zone: kbcbankingforbusiness.com\www Trusted Zone: kbcgroup.eu\* Trusted Zone: kbcgroup.eu\multimediafiles Trusted Zone: kbcgroup.eu\www Trusted Zone: kbcmerchantbanking.com\* Trusted Zone: kbcmerchantbanking.com\www TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-!{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) HKCU-Run-AdobeBridge - (no file) AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\cycpdxo] . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(556) c:\program files\telenet security pack\hips\fshook32.dll . - - - - - - - > 'lsass.exe'(584) c:\program files\telenet security pack\hips\fshook32.dll . - - - - - - - > 'Explorer.exe'(5396) c:\program files\telenet security pack\hips\fshook32.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\WUDFHost.exe c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe c:\program files\ATKGFNEX\GFNEXSrv.exe c:\windows\system32\brss01a.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Telenet Security Pack\Anti-Virus\fsgk32st.exe c:\program files\Telenet Security Pack\Anti-Virus\FSGK32.EXE c:\program files\Telenet Security Pack\Common\FSMA32.EXE c:\program files\Telenet Security Pack\Common\FSHDLL32.EXE c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\taskhost.exe c:\program files\ASUS\SmartLogon\sensorsrv.exe c:\program files\P4G\BatteryLife.exe c:\program files\ASUS\ASUS CopyProtect\aspg.exe c:\program files\ASUS\Splendid\ACMON.exe c:\program files\ASUS\ATK Hotkey\HControl.exe c:\program files\ASUS\Wireless Console 3\wcourier.exe c:\windows\System32\ACEngSvr.exe c:\program files\Telenet Security Pack\FWES\Program\fsdfwd.exe c:\windows\servicing\TrustedInstaller.exe c:\program files\Telenet Security Pack\Anti-Virus\fssm32.exe c:\windows\system32\conhost.exe c:\program files\Telenet Security Pack\Anti-Virus\fsav32.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2012-02-09 21:05:16 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-09 20:05 . Pre-Run: 70.212.902.912 bytes beschikbaar Post-Run: 70.385.864.704 bytes beschikbaar . - - End Of File - - 11E1D4A5D3F0B1E76EED73915F99F0CC
- 9 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Heb de items gefixed alhoewel er nog 2 in de log blijven staan Gebruik niet echt graag de updates zolang alles naar behoren werkt, maar zal service pack 1 nu installeren Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:15:50, on 9/02/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program files\P4G\BatteryLife.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Windows\AsScrPro.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Telenet Security Pack\Common\FSM32.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\TightVNC\tvnserver.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Windows\System32\igfxpers.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Seedonk\seedonk.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: (no name) - !{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [sRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [seedonk] "C:\Program Files\Seedonk\seedonk.exe" -silent O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.kbc.be O15 - Trusted Zone: *.kbcgroup.eu O15 - Trusted Zone: http://*.cbc.be (HKLM) O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: http://*.cbc.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://*.isabel.eu (HKLM) O15 - Trusted Zone: http://*.kbc.be (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: http://*.kbc.com (HKLM) O15 - Trusted Zone: http://*.kbc.eu (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM) O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 15691 bytes
- 9 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Had alles uitgevoerd maar kon de map niet verwijderen omdat deze in gebruik waren. Ben naar Windows taakbeheer gegaan, services en daar beide stopgezet. Daarna kon ik de map wel verwijderen. ALs ik nu de door u vernoemde commando's wil uitvoeren krijg ik de melding toegang geweigerd. Betekent dit dat alles verwijdert is of heb ik een ander probleem ? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:34:53, on 9/02/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program files\P4G\BatteryLife.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Windows\AsScrPro.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Telenet Security Pack\Common\FSM32.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\TightVNC\tvnserver.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Windows\System32\igfxpers.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Seedonk\seedonk.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: (no name) - !{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [sRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [seedonk] "C:\Program Files\Seedonk\seedonk.exe" -silent O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.kbc.be O15 - Trusted Zone: *.kbcgroup.eu O15 - Trusted Zone: http://*.cbc.be (HKLM) O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: http://*.cbc.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://*.isabel.eu (HKLM) O15 - Trusted Zone: http://*.kbc.be (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: http://*.kbc.com (HKLM) O15 - Trusted Zone: http://*.kbc.eu (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM) O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe (file missing) O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 15797 bytes
- 9 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.02.09.03 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Eigenaar :: GUY-LAPTOP [administrator] 9/02/2012 9:16:05 mbam-log-2012-02-09 (09-16-05).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 336486 Verstreken tijd: 7 minuut/minuten, 24 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) ---------- Post toegevoegd om 09:29 ---------- Vorige post was om 09:27 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:28:38, on 9/02/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program files\P4G\BatteryLife.exe C:\Windows\system32\taskeng.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Windows\AsScrPro.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Telenet Security Pack\Common\FSM32.EXE C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\TightVNC\tvnserver.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: (no name) - !{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - (no file) O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [sRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [seedonk] "C:\Program Files\Seedonk\seedonk.exe" -silent O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.kbc.be O15 - Trusted Zone: *.kbcgroup.eu O15 - Trusted Zone: http://*.cbc.be (HKLM) O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: http://*.cbc.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://*.isabel.eu (HKLM) O15 - Trusted Zone: http://*.kbc.be (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: http://*.kbc.com (HKLM) O15 - Trusted Zone: http://*.kbc.eu (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM) O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe (file missing) O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 15926 bytes
- 9 februari 2012
- 45 antwoorden
Adobe Flash Player

Guy9910 reageerde op Guy9910's topic in Archief Windows Algemeen

CCleaner uitgevoerd. Hijack this : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:44:01, on 8/02/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program files\P4G\BatteryLife.exe C:\Windows\system32\taskeng.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Windows\AsScrPro.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Telenet Security Pack\Common\FSM32.EXE C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\TightVNC\tvnserver.exe C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Seedonk\seedonk.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file) O3 - Toolbar: (no name) - !{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: (no name) - !{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - (no file) O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [sRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [seedonk] "C:\Program Files\Seedonk\seedonk.exe" -silent O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &FreeRIP Search - res://C:\Program Files\FreeRIP3\toolband.dll/MENUSEARCH.HTM O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.kbc.be O15 - Trusted Zone: *.kbcgroup.eu O15 - Trusted Zone: http://*.cbc.be (HKLM) O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: CBC (HKLM) O15 - Trusted Zone: http://*.cbc.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM) O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM) O15 - Trusted Zone: Welcome to Isabel (HKLM) O15 - Trusted Zone: http://*.isabel.eu (HKLM) O15 - Trusted Zone: http://*.kbc.be (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: KBC (HKLM) O15 - Trusted Zone: http://*.kbc.com (HKLM) O15 - Trusted Zone: http://*.kbc.eu (HKLM) O15 - Trusted Zone: KBC Asset Management (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM) O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM) O15 - Trusted Zone: KBC Merchant Banking (HKLM) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {10000000-1000-1000-1000-100000000000} - http://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file) O20 - AppInit_DLLs: O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 17593 bytes
- 8 februari 2012
- 45 antwoorden

Inloggen

Profielen

Forums

Store

Alles dat geplaatst werd door Guy9910

OVER ONS

SITEMAP

Belangrijke informatie