Ga naar inhoud

Stefandb

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    8

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Berichten die geplaatst zijn door Stefandb

    windows wisselt van venster

    in Archief Windows Algemeen

    Geplaatst:

    Hier komt de log, ik heb echter wel het probleem dat ik alle programma's als administrator nu moet opstarten, is dit normaal?.

    log:

    ComboFix 12-07-16.01 - Stefandebeyer 17-07-2012 23:49:31.1.8 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8140.3086 [GMT 2:00]

    Gestart vanuit: c:\users\Stefandebeyer\Desktop\ComboFix.exe

    AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

    FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\program files (x86)\BasicScan

    c:\program files (x86)\BasicScan\uninstall.exe

    c:\programdata\b9976e0f5c7ba37077513a0f6cec9e73_c

    c:\programdata\Roaming

    c:\programdata\windows

    c:\users\Stefandebeyer\AppData\Roaming\DB5827.dat

    c:\users\Stefandebeyer\AppData\Roaming\Irasem

    c:\users\Stefandebeyer\AppData\Roaming\Irasem\veoqa.ate

    c:\users\Stefandebeyer\AppData\Roaming\Opidfy

    c:\users\Stefandebeyer\AppData\Roaming\Opidfy\ylbo.ewe

    c:\windows\assembly\GAC_32\Desktop.ini

    c:\windows\assembly\GAC_64\Desktop.ini

    c:\windows\assembly\temp\@

    c:\windows\assembly\temp\cfg.ini

    c:\windows\system32\consrv.dll

    c:\windows\System64

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-06-17 to 2012-07-17 ))))))))))))))))))))))))))))))

    .

    .

    2012-07-17 21:55 . 2012-07-17 21:55 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-07-16 20:30 . 2012-07-16 20:30 -------- d-----w- c:\users\Stefandebeyer\AppData\Roaming\Malwarebytes

    2012-07-16 20:30 . 2012-07-16 20:30 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2012-07-16 20:30 . 2012-07-16 20:30 -------- d-----w- c:\programdata\Malwarebytes

    2012-07-16 20:30 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-07-15 19:10 . 2012-07-15 19:10 388096 ----a-r- c:\users\Stefandebeyer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2012-07-15 19:10 . 2012-07-15 19:10 -------- d-----w- c:\program files (x86)\Trend Micro

    2012-07-15 12:14 . 2012-07-15 12:14 -------- d-----w- c:\program files (x86)\7-Zip

    2012-07-11 22:44 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys

    2012-07-11 21:16 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll

    2012-07-08 12:49 . 2012-07-08 12:49 -------- d-----w- c:\users\Stefandebeyer\AppData\Roaming\WinZip

    2012-07-06 19:50 . 2012-07-06 19:50 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll

    2012-07-06 19:50 . 2012-07-06 19:50 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll

    2012-07-04 22:28 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

    2012-07-04 10:58 . 2012-07-04 10:58 -------- d-----w- c:\program files (x86)\Common Files\Java

    2012-07-04 10:58 . 2012-07-04 10:58 -------- d-----w- c:\program files (x86)\Oracle

    2012-07-04 10:57 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

    2012-07-02 21:27 . 2012-07-02 21:27 -------- d--h--w- c:\programdata\CanonBJ

    2012-07-02 21:27 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL

    2012-06-24 11:36 . 2012-06-24 11:36 -------- d-----w- C:\MocroGames

    2012-06-21 13:23 . 2012-06-24 14:49 -------- d-----w- C:\Eclipse Flyff Client

    2012-06-20 13:12 . 2012-06-20 13:12 -------- d--h--w- c:\windows\AxInstSV

    2012-06-20 09:08 . 2012-06-20 09:08 -------- d-----w- c:\program files (x86)\steam

    2012-06-19 08:58 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

    2012-06-19 08:58 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

    2012-06-19 08:58 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

    2012-06-19 08:58 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

    2012-06-19 08:57 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

    2012-06-19 08:57 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

    2012-06-19 08:57 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

    2012-06-19 08:57 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

    2012-06-19 08:57 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

    2012-06-18 06:26 . 2012-06-18 06:26 -------- d-----w- c:\program files (x86)\Common Files\Telespree

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-07-11 21:18 . 2012-04-11 05:43 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-07-11 21:18 . 2012-04-11 05:43 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-06-29 10:04 . 2012-07-17 19:32 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E82F3B18-9EB6-4169-B867-765EA988F985}\mpengine.dll

    2012-06-20 13:39 . 2012-04-06 21:04 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

    2012-06-20 13:39 . 2012-04-06 20:17 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

    2012-06-08 20:48 . 2012-06-08 20:48 50000 ----a-w- c:\windows\system32\drivers\ylzhnvto.sys

    2012-06-04 18:59 . 2012-04-06 20:17 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

    2012-06-04 11:48 . 2012-06-04 11:48 50000 ----a-w- c:\windows\system32\drivers\nuwipoxw.sys

    2012-06-03 15:22 . 2012-04-06 20:17 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

    2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe

    2012-05-20 07:50 . 2012-05-20 07:50 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

    2012-05-14 04:39 . 2010-06-24 09:33 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2012-05-04 17:29 . 2011-08-30 17:37 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

    2012-05-04 11:06 . 2012-06-13 11:44 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-05-04 10:03 . 2012-06-13 11:44 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-05-04 10:03 . 2012-06-13 11:44 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-05-03 02:55 . 2012-05-03 02:55 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll

    2012-05-03 02:55 . 2012-05-03 02:55 28056 ----a-w- c:\windows\system32\xfcodec64.dll

    2012-05-01 05:40 . 2012-06-13 11:44 209920 ----a-w- c:\windows\system32\profsvc.dll

    2012-04-28 03:55 . 2012-06-13 11:44 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-04-26 05:41 . 2012-06-13 11:44 77312 ----a-w- c:\windows\system32\rdpwsx.dll

    2012-04-26 05:41 . 2012-06-13 11:44 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

    2012-04-26 05:34 . 2012-06-13 11:44 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

    2012-04-24 05:37 . 2012-06-13 11:44 184320 ----a-w- c:\windows\system32\cryptsvc.dll

    2012-04-24 05:37 . 2012-06-13 11:44 140288 ----a-w- c:\windows\system32\cryptnet.dll

    2012-04-24 05:37 . 2012-06-13 11:44 1462272 ----a-w- c:\windows\system32\crypt32.dll

    2012-04-24 04:36 . 2012-06-13 11:44 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

    2012-04-24 04:36 . 2012-06-13 11:44 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll

    2012-04-24 04:36 . 2012-06-13 11:44 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 94208 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 94208 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 94208 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Spotify Web Helper"="c:\users\Stefandebeyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-04 1192664]

    "Steam"="c:\steam\Steam.exe" [2012-06-14 1242448]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-08 336384]

    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

    "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]

    "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]

    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

    "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]

    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

    "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

    "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

    "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-06-14 103992]

    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

    .

    c:\users\Stefandebeyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "EnableShellExecuteHooks"= 1 (0x1)

    .

    [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

    "mixer3"=wdmaud.drv

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Notification Packages REG_MULTI_SZ scecli iPrntWinCredMan

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [2010-11-23 953904]

    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [2011-01-27 171128]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 116648]

    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]

    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]

    R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]

    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 116648]

    R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]

    R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-05-17 34200]

    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-06 113120]

    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-02-04 340240]

    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

    R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

    R3 tswNT;toolstar*testWIN support driver;c:\users\ADMINI~1\AppData\Local\Temp\003157C1\tswnt.sys [x]

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-04 1255736]

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [2011-01-27 450680]

    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [2011-03-15 912504]

    S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20101201.001\IDSVia64.sys [2010-11-11 476792]

    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS [2011-04-21 386168]

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-07 203776]

    S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]

    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]

    S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]

    S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]

    S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]

    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-01-26 30520]

    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]

    S2 iprntsrv;Novell iPrint Service;c:\windows\system32\iprntsrv.exe [2011-11-04 55296]

    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

    S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe [2011-04-17 130008]

    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]

    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]

    S2 VBoxDrv;VBox Support Driver;c:\program files (x86)\YouWave_Android\vb\VBoxDrv.sys [2011-11-20 202592]

    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9259520]

    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-07 301568]

    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]

    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-01-24 274944]

    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]

    S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-01-24 59904]

    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

    S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]

    S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-05-17 25496]

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

    S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

    S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-02-24 8591872]

    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]

    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]

    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

    .

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - WS2IFSL

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 21:18]

    .

    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 04:55]

    .

    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 04:55]

    .

    2012-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2989424886-3088513803-49936933-1000Core.job

    - c:\users\Stefandebeyer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-03 04:55]

    .

    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2989424886-3088513803-49936933-1000UA.job

    - c:\users\Stefandebeyer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-03 04:55]

    .

    2012-07-16 c:\windows\Tasks\HPCeeScheduleForStefandebeyer.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 97792 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 97792 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 97792 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2012-02-14 22:58 97792 ----a-w- c:\users\Stefandebeyer\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "iPrint Tray"="c:\windows\system32\iprntctl.exe" [2011-11-04 66136]

    "iPrint Event Monitor"="c:\windows\system32\iprntlgn.exe" [2011-11-04 69720]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]

    "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-02-04 1933584]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]

    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]

    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

    "combofix"="c:\combofix\CF13687.3XE" [2010-11-21 345088]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "LoadAppInit_DLLs"=0x0

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://isearch.avg.com/?cid={9229DA7A-DD47-4FC3-937B-DCCAFA84D658}&mid=202c200f48a5406c9f88a3cbadc471fe-6b21070d39018d0a4b7371b5893eed988e68e24d〈=en&ds=hk011&pr=sa&d=2012-07-08 14:40&v=11.1.0.12&sap=hp

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: Free YouTube to MP3 Converter - c:\users\Stefandebeyer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    TCP: DhcpNameServer = 192.168.0.1

    FF - ProfilePath - c:\users\Stefandebeyer\AppData\Roaming\Mozilla\Firefox\Profiles\ousvodcq.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: browser.startup.homepage - hxxp://twitter.com/

    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B82a15e1c-4843-4402-b8d2-a39ec37e0fc3%7D&mid=202c200f48a5406c9f88a3cbadc471fe-6b21070d39018d0a4b7371b5893eed988e68e24d&ds=hk011&v=11.1.0.12〈=en&pr=sa&d=2012-07-08%2014%3A40%3A49&sap=ku&q=

    FF - prefs.js: network.proxy.type - 0

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Wow6432Node-HKCU-Run-AdobeBridge - (no file)

    WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

    AddRemove-BattlEye for A2 - c:\program files (x86)\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe

    AddRemove-BattlEye for OA - c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowheadExpansion\BattlEye\UnInstallBE.exe

    AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

    AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

    .

    .

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]

    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll\" /prefetch:1"

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.11"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\windows\SysWOW64\ezSharedSvcHost.exe

    c:\windows\SysWOW64\PnkBstrA.exe

    c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe

    c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-07-18 00:03:44 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-07-17 22:03

    .

    Pre-Run: 469.427.580.928 bytes beschikbaar

    Post-Run: 471.239.426.048 bytes beschikbaar

    .

    - - End Of File - - D392C4092A31E2D251B7B673F0A78424

    windows wisselt van venster

    in Archief Windows Algemeen

    Geplaatst:

    hierbij de logjes:

    mbam logje:

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300

    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Databaseversie: v2012.07.16.11

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Stefandebeyer :: STEFAN-PC [administrator]

    Realtime bescherming: Uitgeschakeld

    16-7-2012 22:39:22

    mbam-log-2012-07-16 (22-39-22).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 221010

    Verstreken tijd: 4 minuut/minuten, 54 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 2

    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCR\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 8

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C} (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\bin (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\bin\1.0.11.0 (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\data (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 25

    C:\ProgramData\Windows\msseedir.dll (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Roaming\DB5827.exe (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Roaming\Kipugi\evsy.exe (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Roaming\Ydfou\othy.exe (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\$Recycle.Bin\S-1-5-21-2989424886-3088513803-49936933-1000\$R88E3RV.exe (RiskWare.Tool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\$Recycle.Bin\S-1-5-21-2989424886-3088513803-49936933-1000\$RCFRCRG.exe (RiskWare.Tool.HCK) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\0005f7e5.exe (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\00063a41.exe (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\000651d7.exe (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\83BF.tmp (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\8B4E.tmp (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\msbeiea.com (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\msimg32.dll (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\AppData\Local\Temp\mszfty.cmd (Trojan.LockScreen) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\ProgramData\Windows\ccdxmmde.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\ProgramData\Windows\drss.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\ProgramData\Windows\xessmsxe.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js (Adware.Zwangi) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\bin\1.0.11.0\copyright.txt (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSAau.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Users\Stefandebeyer\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA_kyf.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

    HijackThis logje:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:46:24, on 16-7-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16447)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

    C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Spotify\spotify.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9229DA7A-DD47-4FC3-937B-DCCAFA84D658}&mid=202c200f48a5406c9f88a3cbadc471fe-6b21070d39018d0a4b7371b5893eed988e68e24d〈=en&ds=hk011&pr=sa&d=2012-07-08 14:40:49&v=11.1.0.12&sap=hp

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\npchrome_frame.dll

    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

    O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

    O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: [Google Update] "C:\Users\Stefandebeyer\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Stefandebeyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    O4 - HKCU\..\Run: [steam] "C:\Steam\Steam.exe" -silent

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: Dropbox.lnk = Stefandebeyer\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stefandebeyer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\npchrome_frame.dll

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

    O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: Novell iPrint Service (iprntsrv) - Unknown owner - C:\Windows\system32\iprntsrv.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 16842 bytes

    windows wisselt van venster

    in Archief Windows Algemeen

    Geplaatst:

    het is me gelukt

    het log bestand:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 23:36:38, on 15-7-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16447)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

    C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Steam\Steam.exe

    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

    C:\Users\Stefandebeyer\AppData\Roaming\Spotify\spotify.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

    C:\Fraps\fraps.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9229DA7A-DD47-4FC3-937B-DCCAFA84D658}&mid=202c200f48a5406c9f88a3cbadc471fe-6b21070d39018d0a4b7371b5893eed988e68e24d〈=en&ds=hk011&pr=sa&d=2012-07-08 14:40:49&v=11.1.0.12&sap=hp

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\npchrome_frame.dll

    O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll

    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

    O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

    O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: [Google Update] "C:\Users\Stefandebeyer\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Stefandebeyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    O4 - HKCU\..\Run: [steam] "C:\Steam\Steam.exe" -silent

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: Dropbox.lnk = Stefandebeyer\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stefandebeyer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\npchrome_frame.dll

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

    O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: Novell iPrint Service (iprntsrv) - Unknown owner - C:\Windows\system32\iprntsrv.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 16681 bytes

    windows wisselt van venster

    in Archief Windows Algemeen

    Geplaatst:

    hallo allemaal,

    sinds een week of 2 zit ik met het probleem dat als ik een spel speel zoals minecraft of farming simulator maar ook als ik iets aan het typen ben of in de webbrowser bezig ben, windows constand verwissel van venster, alsof ik op druk, maar dat doe ik dus niet.

    iemand van een ander forum waar ik bij zit dacht dat het lag aan vuil onder de toetsen, maar dit lijk me dus onlogisch omdat windows van venster verwisselt en niets anders.

    ik hoop dat iemand mij hiermee kan helpen want het is heel erg irritant

    met vriendelijke groet,

    Stefan de Beijer

Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.