Silassiai

16 oktober 2012

en nog als laatste info, het is een Eee pc 1000h

16 oktober 2012

Ze is trouwens voor 3 maanden in het buitenland en heeft geen windows cd bij de hand

16 oktober 2012

ComboFix 12-10-16.02 - Silas 16-10-2012 16:12:53.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3982.2500 [GMT 2:00]

Gestart vanuit: c:\users\Silas\Desktop\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-16 to 2012-10-16 ))))))))))))))))))))))))))))))

.

2012-10-16 14:19 . 2012-10-16 14:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-16 14:19 . 2012-10-16 14:19 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-10-13 19:43 . 2012-10-16 13:44 -------- d-----w- c:\users\Silas\AppData\Local\Spotify

2012-10-13 19:43 . 2012-10-16 13:44 -------- d-----w- c:\users\Silas\AppData\Roaming\Spotify

2012-10-12 22:27 . 2012-10-12 22:27 -------- d-----w- c:\users\Silas\AppData\Local\Deployment

2012-10-12 22:27 . 2012-10-12 22:27 -------- d-----w- c:\users\Silas\AppData\Local\Apps

2012-10-12 15:17 . 2012-10-12 15:17 -------- d-----w- c:\users\Silas\AppData\Local\AVG Secure Search

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-10-12 14:27 . 2012-10-12 14:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-10-12 14:26 . 2012-10-12 14:27 -------- d-----w- c:\program files (x86)\QuickTime

2012-10-12 14:16 . 2012-10-12 14:16 -------- d-----w- c:\users\Silas\AppData\Roaming\Sony Creative Software Inc

2012-10-12 14:13 . 2012-10-12 14:13 -------- d-----w- c:\users\Silas\AppData\Roaming\Publish Providers

2012-10-12 14:01 . 2012-10-13 16:15 -------- d-----w- c:\program files (x86)\Sony

2012-10-12 14:01 . 2012-10-12 14:17 -------- d-----w- c:\users\Silas\AppData\Local\Sony

2012-10-12 14:01 . 2012-10-12 14:16 -------- d-----w- c:\programdata\Sony

2012-10-12 14:00 . 2012-10-12 14:17 -------- d-----w- c:\users\Silas\AppData\Roaming\Sony

2012-10-11 16:08 . 2012-10-11 16:08 -------- d-----w- c:\users\Silas\AppData\Local\ElevatedDiagnostics

2012-10-11 15:54 . 2012-10-11 15:54 -------- d-----w- c:\users\Silas\AppData\Roaming\PACE Anti-Piracy

2012-10-11 15:54 . 2012-10-11 15:54 -------- d-----w- c:\users\Silas\AppData\Local\PACE Anti-Piracy

2012-10-11 15:54 . 2012-10-11 15:54 -------- d-----w- c:\programdata\PACE Anti-Piracy

2012-10-11 15:36 . 2012-10-11 15:36 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-10-11 15:29 . 2011-10-17 01:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2012-10-11 15:29 . 2011-11-03 01:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2012-10-11 15:29 . 2011-10-17 01:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2012-10-11 15:29 . 2012-10-11 15:29 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2012-10-11 15:29 . 2012-10-11 15:29 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2012-10-11 15:29 . 2012-10-11 15:29 -------- d-----w- c:\program files (x86)\My Company Name

2012-10-11 15:26 . 2012-10-11 15:26 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR

2012-10-11 15:25 . 2012-10-11 15:36 -------- d-----w- c:\program files\Adobe

2012-10-11 15:22 . 2012-10-11 15:36 -------- d-----w- c:\program files\Common Files\Adobe

2012-10-10 22:31 . 2012-10-12 11:01 -------- d-----w- c:\programdata\AVG Secure Search

2012-10-10 11:50 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-10-10 11:50 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-10-10 11:50 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-10-09 21:52 . 2012-10-09 21:52 -------- d-----w- C:\$AVG

2012-10-09 21:44 . 2012-10-09 21:44 -------- d-----w- c:\users\Silas\AppData\Roaming\AVG2012

2012-10-09 21:44 . 2012-10-12 11:01 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-10-09 21:44 . 2012-10-12 11:01 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-10-09 21:44 . 2012-10-09 21:44 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-10-09 21:43 . 2012-10-16 08:27 -------- d-----w- c:\windows\system32\drivers\AVG

2012-10-09 21:43 . 2012-10-09 21:57 -------- d-----w- c:\programdata\AVG2012

2012-10-09 21:43 . 2012-10-09 21:43 -------- d-----w- c:\program files (x86)\AVG

2012-10-09 21:39 . 2012-10-16 10:01 -------- d-----w- c:\programdata\MFAData

2012-10-09 20:36 . 2012-10-09 20:36 -------- d--h--w- c:\programdata\Common Files

2012-10-09 13:02 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC6A1FAE-6BC0-492F-8B3E-C1E097660E63}\mpengine.dll

2012-10-04 21:03 . 2012-05-29 18:46 34656 ----a-w- c:\windows\system32\TURegOpt.exe

2012-10-04 21:03 . 2012-05-29 18:46 25952 ----a-w- c:\windows\system32\authuitu.dll

2012-10-04 21:03 . 2012-05-29 18:46 21344 ----a-w- c:\windows\SysWow64\authuitu.dll

2012-10-04 21:03 . 2012-10-04 21:03 -------- d-----w- c:\users\Silas\AppData\Roaming\TuneUp Software

2012-10-04 21:03 . 2012-10-16 13:40 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012

2012-10-04 21:02 . 2012-10-04 21:03 -------- d-----w- c:\programdata\TuneUp Software

2012-10-04 21:01 . 2012-10-04 21:01 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-10-04 20:30 . 2012-10-04 20:30 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation

2012-10-04 20:30 . 2012-10-04 20:30 -------- d-----w- c:\users\Silas\AppData\Roaming\Intel Corporation

2012-10-04 19:49 . 2012-10-04 20:42 -------- d-----w- c:\programdata\DriverGenius

2012-10-04 19:49 . 2012-10-04 19:49 -------- d-----w- c:\program files (x86)\Driver-Soft

2012-10-02 18:48 . 2012-10-02 18:48 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2012-09-28 12:53 . 2012-09-28 12:53 -------- d-----w- c:\users\Silas\AppData\Local\Diagnostics

2012-09-27 14:23 . 2012-09-27 14:35 -------- d-----w- C:\aws

2012-09-26 11:12 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-09-24 19:08 . 2012-09-24 19:08 -------- d-----r- C:\MSOCache

2012-09-23 19:31 . 2012-09-23 19:48 -------- d-----w- c:\programdata\VirtualizedApplications

2012-09-23 17:08 . 2012-09-23 17:08 -------- d-----w- c:\users\Silas\AppData\Local\SoftGrid Client

2012-09-23 17:08 . 2012-10-02 19:06 -------- d-----w- c:\users\Silas\AppData\Roaming\SoftGrid Client

2012-09-23 17:04 . 2012-09-23 17:04 -------- d-----w- c:\program files\Microsoft Office

2012-09-23 17:04 . 2012-09-23 17:08 -------- d-----w- c:\users\Silas\AppData\Roaming\TP

2012-09-23 15:07 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-09-17 19:03 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll

2012-09-17 15:51 . 2012-09-17 15:51 -------- d-----w- c:\users\Silas\AppData\Local\Microsoft Games

2012-09-16 21:46 . 2012-09-16 21:47 -------- d-----w- c:\users\Silas\AppData\Local\MagicCamera

2012-09-16 21:46 . 2012-09-16 21:46 -------- d-----w- c:\program files (x86)\ShiningMorning

2012-09-16 19:26 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll

2012-09-16 19:26 . 2006-07-28 07:31 83736 ----a-w- c:\windows\system32\xinput1_2.dll

2012-09-16 19:26 . 2006-07-28 07:30 363288 ----a-w- c:\windows\system32\xactengine2_3.dll

2012-09-16 19:26 . 2006-07-28 07:30 236824 ----a-w- c:\windows\SysWow64\xactengine2_3.dll

2012-09-16 19:26 . 2006-07-28 07:30 62744 ----a-w- c:\windows\SysWow64\xinput1_2.dll

2012-09-16 19:26 . 2006-05-31 05:22 354072 ----a-w- c:\windows\system32\xactengine2_2.dll

2012-09-16 19:26 . 2006-03-31 10:39 83664 ----a-w- c:\windows\system32\xinput1_1.dll

2012-09-16 19:26 . 2006-03-31 10:40 352464 ----a-w- c:\windows\system32\xactengine2_1.dll

2012-09-16 18:07 . 2012-09-16 19:22 -------- d-----w- c:\program files (x86)\Common Files\Steam

2012-09-16 16:51 . 2009-02-24 16:35 255552 ----a-w- c:\windows\SysWow64\drivers\mcdbus.sys

2012-09-16 16:51 . 2009-02-24 16:35 255552 ----a-w- c:\windows\system32\drivers\mcdbus.sys

2012-09-16 16:51 . 2012-09-16 16:52 -------- d-----w- c:\program files (x86)\MagicDisc

2012-09-16 15:07 . 2012-10-16 13:43 380 ----a-w- c:\users\Silas\AppData\Roaming\sp_data.sys

2012-09-16 14:36 . 2012-04-20 14:05 224384 ----a-w- c:\program files\Windows Sidebar\Shared Gadgets\InstantOnTM.gadget\InstantOnCOM.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 01:02 . 2012-09-11 08:21 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-08 20:37 . 2012-09-10 14:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 20:37 . 2012-09-10 14:42 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-10 20:30 . 2011-03-29 02:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-08-22 18:12 . 2012-09-12 10:27 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 10:27 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 10:27 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 10:27 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-20 17:38 . 2012-10-10 11:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-02 17:58 . 2012-09-12 10:27 574464 ----a-w- c:\windows\system32\d3d10level9.dll

2012-08-02 16:57 . 2012-09-12 10:27 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2012-07-18 18:15 . 2012-09-10 20:01 3148800 ----a-w- c:\windows\system32\win32k.sys

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-10-12 11:01 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-10-12 2074208]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Spotify"="c:\users\Silas\AppData\Roaming\Spotify\Spotify.exe" [2012-10-13 5576408]

"Spotify Web Helper"="c:\users\Silas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-13 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]

"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]

"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe" [2012-08-03 740736]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-22 56128]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-10-12 1107552]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Driver Genius"=

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"

.

R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]

R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-05-21 276288]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-11 1255736]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]

S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-06-22 13632]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-10-12 935008]

S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]

S3 ALSysIO;ALSysIO;c:\users\Silas\AppData\Local\Temp\ALSysIO64.sys [x]

S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2011-12-21 35968]

S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2011-11-08 16512]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]

S3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]

S3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]

S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]

S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys [2012-02-01 292968]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - TUNEUPUTILITIESDRV

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-10 20:37]

.

2012-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 13:53]

.

2012-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 13:53]

.

2012-10-16 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

2012-10-15 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]

@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"

[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]

2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-21 170304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-21 398656]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-21 440128]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.2.254

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-16 16:20:36

ComboFix-quarantined-files.txt 2012-10-16 14:20

ComboFix2.txt 2012-10-14 13:17

.

Pre-Run: 53.470.973.952 bytes beschikbaar

Post-Run: 53.137.825.792 bytes beschikbaar

.

- - End Of File - - E95A800D990B48C46388CC28831BD8B1

16 oktober 2012

Via bios misschien een mogelijkheid?

16 oktober 2012

Wie kan mij helpen?

Een vriendin van mij was de stuurprogramma van haar interne webcam aan het bijwerken via apparaatbeheer.

Tijdens dit proces is haar laptop uitgevallen omdat de accu leeg was.

Nu kan ze windows niet meer opstarten.

ze komt steeds terug in het scherm van dat je kan kiezen tussen veilige modus en normale modus enz.

Het maakt niet uit welke keuze ze maakt, hij komt iedere keer weer terug op dit scherm.

Hoe nu verder??

16 oktober 2012

in mijn programdata vind ik de map {32364CEA-7855 enz.} niet meer terug.

Wel zie ik in deze map de submap {93E26451-CD9A-43A5-A2FA-C42392EA4001} terug.

Hier in bevind zich onder andere difxinstal64. Is het nodig deze map te verwijderen?

De stappen met ccleaner doe ik momenteel wekelijks en chrome heb ik ook opnieuw geinstalleerd, maar heeft helaas het probleem niet verholpen.

14 oktober 2012

correctie, bij facebook heb ik het niet.

ik heb het als ik hier 'Instruct-Online'' mijn huiswerk maak.

Met firefox heb ik dit probleem niet.

14 oktober 2012

ComboFix 12-10-14.03 - Silas 14-10-2012 15:09:48.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3982.1444 [GMT 2:00]

Gestart vanuit: c:\users\Silas\Desktop\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\FullRemove.exe

c:\windows\msvcr71.dll

c:\windows\SysWow64\FlashPlayerInstaller.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-14 to 2012-10-14 ))))))))))))))))))))))))))))))

.

2012-10-14 13:15 . 2012-10-14 13:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-13 19:43 . 2012-10-14 12:58 -------- d-----w- c:\users\Silas\AppData\Local\Spotify

2012-10-13 19:43 . 2012-10-14 11:18 -------- d-----w- c:\users\Silas\AppData\Roaming\Spotify