
Posts by rocadoja

  1. ComboFix 12-04-09.05 - Gebruiker 09-04-2012 21:01:55.1.1 - x64

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2559.1347 [GMT 2:00]

    Gestart vanuit: c:\users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q48GT5CE\ComboFix.exe

    AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

    FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

    SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    Besmet exemplaar van c:\windows\SysWow64\ddraw.dll werd aangetroffen en gedesinfecteerd

    Hersteld exemplaar van - c:\combofix\HarddiskVolumeShadowCopy5_!Windows!SysWOW64!ddraw.dll

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-03-09 to 2012-04-09 ))))))))))))))))))))))))))))))

    .

    .

    2012-04-09 17:51 . 2012-04-09 17:51 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes

    2012-04-09 17:51 . 2012-04-09 17:51 -------- d-----w- c:\programdata\Malwarebytes

    2012-04-09 17:51 . 2012-04-09 17:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2012-04-09 17:51 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-04-08 10:20 . 2012-04-08 10:20 53248 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

    2012-04-05 20:13 . 2012-04-05 20:13 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

    2012-04-05 19:59 . 2012-04-05 20:13 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-03-26 21:01 . 2012-03-26 21:01 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2012-03-26 21:01 . 2012-03-26 21:01 -------- d-----w- c:\program files (x86)\Trend Micro

    2012-03-23 00:01 . 2012-03-23 00:02 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Belastingdienst

    2012-03-22 23:59 . 2012-03-22 23:59 -------- d-----w- c:\program files (x86)\Belastingdienst

    2012-03-20 22:55 . 2012-03-20 22:55 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

    2012-03-20 22:55 . 2012-03-20 22:55 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

    2012-03-17 20:14 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-03-17 20:14 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-03-17 20:14 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-03-17 20:04 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

    2012-03-17 20:04 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

    2012-03-17 20:04 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

    2012-03-17 20:04 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

    2012-03-17 20:04 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

    2012-03-17 20:04 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

    2012-03-17 20:04 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll

    2012-03-17 20:04 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

    2012-03-17 20:04 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

    2012-03-17 20:04 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-03-17 20:04 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-04-05 20:13 . 2011-11-09 23:09 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-03-04 21:21 . 2012-03-04 21:22 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll

    2012-03-04 21:21 . 2011-09-17 11:12 1490656 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll

    2012-01-18 06:44 . 2012-01-18 06:44 351136 ----a-w- c:\windows\system32\drivers\lvrs64.sys

    2012-01-18 04:44 . 2012-01-18 04:44 540960 ----a-w- c:\windows\SysWow64\LVUI2RC.dll

    2012-01-18 04:44 . 2012-01-18 04:44 545056 ----a-w- c:\windows\SysWow64\LVUI2.dll

    2012-01-18 04:44 . 2012-01-18 04:44 561440 ----a-w- c:\windows\system32\LVUIRC64.dll

    2012-01-18 04:44 . 2012-01-18 04:44 4865568 ----a-w- c:\windows\system32\drivers\lvuvc64.sys

    2012-01-18 04:44 . 2012-01-18 04:44 769312 ----a-w- c:\windows\system32\LVUI64.dll

    2012-01-18 04:44 . 2012-01-18 04:44 307488 ----a-w- c:\windows\SysWow64\lvcodec2.dll

    2012-01-18 04:44 . 2012-01-18 04:44 263456 ----a-w- c:\windows\system32\lvco13311044.dll

    2012-01-18 04:44 . 2012-01-18 04:44 176416 ----a-w- c:\windows\system32\lvcod64.dll

    2012-01-18 04:44 . 2012-01-18 04:44 336408 ----a-w- c:\windows\SysWow64\DevManagerCore.dll

    2012-01-18 04:44 . 2012-01-18 04:44 336408 ----a-w- c:\windows\system32\DevManagerCore.dll

    2012-01-18 04:44 . 2012-01-18 04:44 10920984 ----a-w- c:\windows\SysWow64\LogiDPP.dll

    2012-01-18 04:44 . 2012-01-18 04:44 10920984 ----a-w- c:\windows\system32\LogiDPP.dll

    2012-01-18 04:44 . 2012-01-18 04:44 104472 ----a-w- c:\windows\SysWow64\LogiDPPApp.exe

    2012-01-18 04:44 . 2012-01-18 04:44 104472 ----a-w- c:\windows\system32\LogiDPPApp.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "Live! Central 3"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" [2011-04-08 503955]

    "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]

    .

    c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    Logitech . Productregistratie.lnk - c:\program files (x86)\Logitech\Ereg\eReg.exe [2009-11-16 517384]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 0 (0x0)

    "ConsentPromptBehaviorUser"= 0 (0x0)

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoResolveTrack"= 1 (0x1)

    .

    R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 253600]

    R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys [x]

    R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys [x]

    R3 BFNVis64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\XenoVa64.sys [x]

    R3 BXOIS;BXOIS;c:\windows\system32\drivers\bxois.sys [x]

    R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [x]

    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

    R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]

    R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]

    R3 IAMTVE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys [x]

    R3 IAMTXPE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys [x]

    R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys [x]

    R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys [x]

    R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [x]

    R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [x]

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]

    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

    R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x]

    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

    R3 V0560Vid;Creative Live! Cam Optia AF Driver;c:\windows\system32\DRIVERS\V0560Vid.sys [x]

    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

    S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]

    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]

    S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]

    S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

    S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-08-09 974944]

    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]

    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]

    S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]

    S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]

    S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [x]

    .

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - WS2IFSL

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 20:13]

    .

    .

    --------- x86-64 -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-08-09 4030008]

    "SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]

    "NvSvc"="c:\windows\system32\nvsvc64.dll" [2006-10-09 57344]

    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-09 9793024]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-09 73728]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "LoadAppInit_DLLs"=0x0

    .

    ------- Bijkomende Scan -------

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://www.google.nl/

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

    TCP: DhcpNameServer = 192.168.178.1

    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ki4ov7n2.default\

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Toolbar-Locked - (no file)

    Toolbar-Locked - (no file)

    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

    .

    .

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.11"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\windows\SOUNDMAN.EXE

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-04-09 21:19:18 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-04-09 19:19

    .

    Pre-Run: 50.087.997.440 bytes beschikbaar

    Post-Run: 49.700.376.576 bytes beschikbaar

    .

    - - End Of File - - 740551200E1F05C8FA50849B6B05F131

  2. Dear fellow forum members,

    I have a PC that is very slow for its components.

    AMD Athlon 64 Processor 3000+

    2.5 GB memory

    rating 3.5

    running Windows 7 Ultimate x64 SP1.

    But it really doesn't run well. Sluggish, slow... it freezes when using an HD webcam.

    I have posted a HijackThis log here right away.

    Hopefully someone can help me with a possible answer/solution.

    Kind regards, Rob

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 19:45:42, on 9-4-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\SOUNDMAN.EXE

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

    C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com?

    LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

    O4 - HKLM\..\Run: [Live! Central 3] "C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" /mode2

    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

    O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: Logitech . Productregistratie.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 7217 bytes
