ldubbelo

Internetsnelheid zakt in mekaar

ldubbelo plaatste een topic in Archief Internet & Netwerk

De snelheid van mijn internetverbinding daalt na enige tijd drastisch van een uitstekende + 150 Mps tot lager dan 5 Mps (meting met Telenet speedtest). Soms is dat na 10 minuten, soms na langere tijd, ongeacht het gebruik van de PC of van internet. Heropstarten geeft weer de hoge snelheid. Telenet vindt de oorzaak niet bij hun verbinding: zij hebben de router vervangen, de versterker en de kabels, en meten zelf 150 Mps. Vermits de technieker aanvoert dat het aan de PC ligt heb ik een nieuwe netwerkadapter geplaatst en windows 8.1 opnieuw geïnstalleerd, zonder resultaat. Wat kan de oorzaak zijn ?

foto's in live mail

ldubbelo reageerde op ldubbelo's topic in Archief Internet & Netwerk

Akkoord, maar wanneer ik een foto naar mijn laptop zend, staat de foto in bijlage maar ook heel groot in het tekst-vak. Op die laptop staat windows xp prof. versie 2002, en WLMail versie 2009, build 14.0.8117.0416.

foto's in live mail

ldubbelo plaatste een topic in Archief Internet & Netwerk

Hoe kan ik foto's verzenden in windows live mail als bijlage zonder dat de foto ook nog eens in het groot in het tekstvak verschijnt ? In opties>opstellen>fotoberichten staat 'omzetten' uitgevinkt.

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

Alles in orde nu. Proficiat voor de deskundigheid en de volharding ! Ik dacht dat het een simpel probleem was.

29 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

ComboFix 11-06-27.01 - danny 7 jun 2011 21 29 03.4.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8174.5905 [GMT 2:00] Gestart vanuit: c:\users\danny\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\danny\Desktop\CFScript.txt AV: G Data AntiVirus 2011 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\system32\hasplms.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\danny\AppData\Local\{BEB2AEA9-EB12-47FB-853B-AD1E7BF66CFF} c:\windows\system32\hasplms.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_hasplms . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-27 to 2011-06-27 )))))))))))))))))))))))))))))) . . 2011-06-27 19:35 . 2011-06-27 19:35 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-26 08:08 . 2011-06-26 08:08 -------- d-----w- c:\users\danny\AppData\Roaming\Malwarebytes 2011-06-26 08:07 . 2011-06-26 08:07 -------- d-----w- c:\programdata\Malwarebytes 2011-06-26 08:07 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-06-26 08:07 . 2011-06-26 08:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-06-26 08:07 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-25 13:56 . 2011-06-25 13:56 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\programdata\Studio 15 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging 2011-06-25 13:02 . 2011-06-25 13:02 388096 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-06-25 13:02 . 2011-06-25 13:02 -------- d-----w- c:\program files (x86)\Trend Micro 2011-06-25 06:21 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23639D27-DAA6-4DF6-B214-0486F992B1D9}\mpengine.dll 2011-06-22 18:15 . 2011-06-22 18:17 -------- d-----w- c:\users\danny\AppData\Roaming\Download Manager 2011-06-22 14:48 . 2011-06-27 16:33 -------- d-----w- c:\users\Greta 2011-06-22 14:10 . 2011-06-22 14:10 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2011-06-22 14:10 . 2011-06-22 14:10 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll 2011-06-21 15:01 . 2011-06-21 15:01 -------- d-----w- c:\windows\Sun 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\program files (x86)\Photodex Presenter 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\users\danny\AppData\Roaming\Netscape 2011-06-20 15:19 . 2011-06-20 15:19 -------- d-----w- c:\program files (x86)\Photodex 2011-06-20 15:17 . 2011-06-20 15:20 -------- d-----w- c:\programdata\Photodex 2011-06-20 15:17 . 2011-06-20 15:17 -------- d-----w- c:\users\danny\AppData\Roaming\Photodex 2011-06-19 08:10 . 2011-06-19 08:10 -------- d-----w- c:\programdata\Wondershare 2011-06-19 08:09 . 2011-06-21 15:02 -------- d-----w- c:\program files (x86)\Wondershare 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\users\danny\AppData\Roaming\Softplicity 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\program files (x86)\PhotoMusic 2011-06-17 09:18 . 2011-06-17 09:18 -------- d-----w- c:\users\danny\AppData\Roaming\VanDale 2011-06-17 09:17 . 2011-06-17 09:17 -------- d-----w- c:\program files (x86)\Woordenboeken 2011-06-17 06:33 . 2011-06-17 06:33 -------- d-----w- c:\users\danny\AppData\Roaming\7 Taskbar Tweaker 2011-06-16 16:09 . 2011-06-16 16:09 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-06-16 08:48 . 2011-06-16 08:48 -------- d-----w- c:\program files (x86)\FilerFrog 2011-06-08 16:46 . 2011-06-08 16:46 -------- d-----w- c:\program files (x86)\Image Resizer 2011-06-08 16:05 . 2011-06-08 16:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-06-08 16:05 . 2011-06-08 16:05 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-06-07 16:56 . 2011-06-07 16:56 -------- d-----w- c:\program files\SiSoftware 2011-06-06 12:11 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\winrar-x64-390.exe 2011-06-06 11:57 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\Mozilla Firefox\winrar-x64-390.exe 2011-06-06 11:56 . 2009-08-28 11:23 1521893 ----a-w- c:\program files\winrar-x64-390.exe 2011-06-06 11:29 . 2011-06-07 14:44 -------- d-----w- c:\users\danny\AppData\Roaming\7plus 2011-06-05 08:00 . 2011-06-05 07:58 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-06-05 07:55 . 2011-06-05 08:08 -------- d-----w- c:\program files (x86)\Genuine Advantage 2011-06-05 07:55 . 2011-06-05 07:55 -------- d-----w- c:\windows\Genuine Advantage 2011-06-05 06:22 . 2011-06-05 06:22 -------- d-----w- c:\users\danny\AppData\Local\Ilivid Player 2011-06-05 06:21 . 2011-06-05 06:21 -------- d-----w- c:\users\danny\AppData\Local\PackageAware 2011-06-04 16:27 . 2011-06-04 16:27 -------- d-----w- c:\users\danny\AppData\Roaming\Serif 2011-06-04 06:51 . 2011-06-04 06:51 -------- d-----w- c:\programdata\FilerFrog 2011-05-31 16:50 . 2011-06-16 11:05 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 4 2011-05-31 16:35 . 2011-05-31 16:51 -------- d-----w- c:\users\danny\AppData\Local\photoOptimizeHistoryDataBase 2011-05-31 16:35 . 2011-05-31 16:49 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 3 2011-05-31 15:22 . 2011-05-31 15:24 -------- d-----w- c:\program files (x86)\Picasa2 2011-05-31 15:16 . 2011-05-31 15:16 -------- d-----w- c:\users\danny\AppData\Roaming\Ashampoo Photo Commander 5 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-23 12:07 . 2011-03-29 12:02 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys 2011-06-16 07:02 . 2011-05-14 07:09 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-24 17:14 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-18 16:16 . 2011-05-18 16:16 137544 ----a-w- c:\windows\SysWow64\atl100.dll 2011-04-23 08:08 . 2011-02-25 12:07 40392 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2011-04-23 08:08 . 2011-02-25 12:07 49096 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2011-04-23 08:08 . 2011-02-25 12:07 85960 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2011-04-22 22:15 . 2011-05-25 06:04 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-04-21 19:24 . 2011-04-21 19:24 53248 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-04-21 19:24 . 2011-04-21 19:24 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-09 07:02 . 2011-05-11 05:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-09 06:58 . 2011-05-19 05:49 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-04-09 06:02 . 2011-05-11 05:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-04-09 06:02 . 2011-05-11 05:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2011-04-09 05:56 . 2011-05-19 05:49 123904 ----a-w- c:\windows\SysWow64\poqexec.exe . . ((((((((((((((((((((((((((((( SnapShot@2011-06-27_16.32.03 ))))))))))))))))))))))))))))))))))))))))) . + 2010-11-21 03:09 . 2011-06-27 18:19 43968 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-06-27 16:16 46102 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-06-27 18:19 46102 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-04-21 19:18 . 2011-06-27 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 18:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 18:18 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 18:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 19:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-04-21 19:18 . 2011-06-27 16:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 19:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 18:19 5488 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-30360702-2838772066-1010712987-1001_UserData.bin - 2011-06-27 16:31 . 2011-06-27 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-06-27 19:36 . 2011-06-27 19:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-02-21 11:09 . 2011-06-27 16:19 701326 c:\windows\system32\perfh013.dat + 2011-02-21 11:09 . 2011-06-27 18:22 701326 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2011-06-27 18:22 615810 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-06-27 16:19 615810 c:\windows\system32\perfh009.dat - 2011-02-21 11:09 . 2011-06-27 16:19 133358 c:\windows\system32\perfc013.dat + 2011-02-21 11:09 . 2011-06-27 18:22 133358 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2011-06-27 16:19 106190 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2011-06-27 18:22 106190 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2011-06-27 16:31 429700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-06-27 19:35 429700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-04-21 19:48 . 2011-06-27 16:31 20447360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-30360702-2838772066-1010712987-1001-8192.dat + 2011-04-21 19:48 . 2011-06-27 19:35 20447360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-30360702-2838772066-1010712987-1001-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WashAndGo - Cleanup of old Backupfiles"="c:\program files (x86)\WashAndgo\checker.exe" [2003-04-07 71680] "StartMenu7"="c:\program files (x86)\Start Menu 7\StartMenu7.exe" [2011-04-29 2752920] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [2010-09-10 997960] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" [2011-02-03 2068480] "RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "ST Recovery Launcher"="c:\windows\SMINST\VistaLauncher.exe" [2008-09-11 46416] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon] [bU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2009-08-17 93848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x] S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x] S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x] S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x] S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x] S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/05/05 18:40];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x] S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-09-02 1098312] S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\AntiVirus\AVK\AVKService.exe [2010-05-04 410696] S2 AVKWCtl;G Data Filesystem Monitor;c:\program files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2010-08-25 1865344] S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240] S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952] S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632] S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248] S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2010-08-25 340552] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhoud van de 'Gedeelde Taken' map . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF32067.cfxxe" [X] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976] "EPSON Stylus C62 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_S0BIC1.EXE" [2002-04-10 74240] "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-04-25 1901888] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.searchqu.com/406 mStart Page = hxxp://www.bigseekpro.com/freedesktopclock/{E067DA3B-56FD-4C18-A8B8-06967DB40E2D} mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 FF - ProfilePath - c:\users\danny\AppData\Roaming\Mozilla\Firefox\Profiles\hjbvoqxa.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.deredactie.be/cm/vrtnieuws|http://www.krantenkoppen.be/|http://www.netvibes.com/privatepage/1#Mijn_overzicht . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Photodex\ProShowGold\ScsiAccess.exe . ************************************************************************** . Voltooingstijd: 2011-06-27 21:40:54 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-27 19:40 ComboFix2.txt 2011-06-27 18:16 ComboFix3.txt 2011-06-27 16:33 . Pre-Run: 40.152.969.216 bytes beschikbaar Post-Run: 39.615.680.512 bytes beschikbaar . - - End Of File - - B9596CEA9D7919B8E653E00C83124CFA ------------------------ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21 47:46, on 27 juni 2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\System32\spool\drivers\x64\3\E_S0BIC1.EXE C:\Program Files\My Lockbox\mylbx.exe C:\Program Files (x86)\Start Menu 7\StartMenu7.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Program Files (x86)\WashAndgo\checker.exe /check O4 - HKCU\..\Run: [startMenu7] "C:\Program Files (x86)\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11158 bytes

27 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

ComboFix 11-06-27.01 - danny 7 jun 2011 20 05 17.3.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8174.6222 [GMT 2:00] Gestart vanuit: c:\users\danny\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\danny\Desktop\CFScript.txt AV: G Data AntiVirus 2011 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\programdata\xml560D.tmp" "c:\programdata\xml56C9.tmp" "c:\programdata\xml5718.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\xml560D.tmp c:\programdata\xml56C9.tmp c:\programdata\xml5718.tmp c:\users\danny\AppData\Local\{02AC37C9-0841-4BAD-A7D0-EF10ED13C2B3} c:\users\danny\AppData\Local\{03B7F44E-6656-4D80-8C06-5C921D47F772} c:\users\danny\AppData\Local\{05C69990-B6AB-4116-B612-344EAC1322FE} c:\users\danny\AppData\Local\{14F30BFF-1385-425C-8E7A-015CE8FA57E5} c:\users\danny\AppData\Local\{1559ED03-27BC-4DD0-9215-F018F25B7D46} c:\users\danny\AppData\Local\{1ABA0797-F2F0-46E0-A12A-0D422179A0E7} c:\users\danny\AppData\Local\{1B444250-28BE-47CB-9F4E-0957A9726347} c:\users\danny\AppData\Local\{273EA5F4-4AD7-43A7-9B62-E6BA3279CA51} c:\users\danny\AppData\Local\{2742C931-D34C-42AD-9E50-089A2479F186} c:\users\danny\AppData\Local\{27E83095-BB7A-4F9B-AA86-C864BDC4C3F3} c:\users\danny\AppData\Local\{31C8B5B9-7E66-43A3-981A-C199E91DCBC9} c:\users\danny\AppData\Local\{41CC3E33-5B73-4369-93FD-647BA213B136} c:\users\danny\AppData\Local\{4B5123F0-3F9D-4D79-B26C-3F8A6709C4EB} c:\users\danny\AppData\Local\{4C8F31FA-C913-4D13-A5A6-8966A8FD4D93} c:\users\danny\AppData\Local\{5040161D-7DA2-4CE5-A039-021C92A95A60} c:\users\danny\AppData\Local\{5074A7ED-6540-4DEE-B0EF-318430AAD51F} c:\users\danny\AppData\Local\{52FD5D47-B02C-42A3-B4FA-E57A7AA7663B} c:\users\danny\AppData\Local\{6488AB90-1F90-4FDE-A7EE-17C3CC00E3D5} c:\users\danny\AppData\Local\{65275FC3-6BEB-4B4E-9DEE-BA1AE9020B65} c:\users\danny\AppData\Local\{69CB1C0E-6563-4A5B-ADE3-28A1C0E439C5} c:\users\danny\AppData\Local\{6A5324E8-5A1C-46D5-8702-D5E869E93C50} c:\users\danny\AppData\Local\{6BBAC248-54EF-45AF-A977-A2737B913A40} c:\users\danny\AppData\Local\{7C99448D-1371-48CD-AEC5-E3369487404F} c:\users\danny\AppData\Local\{88109156-56ED-466F-AB24-70C8EA3A3B0E} c:\users\danny\AppData\Local\{8B850446-9E87-46F6-A7C8-DE222A005890} c:\users\danny\AppData\Local\{93688D76-35D8-48AD-915D-05BBAEFD4227} c:\users\danny\AppData\Local\{93B6CC62-8DE8-405F-9313-581AF6E59C07} c:\users\danny\AppData\Local\{9E9BE2D3-282C-433A-9023-EEC3B874515D} c:\users\danny\AppData\Local\{A2CB0DB6-C59F-4CDD-A848-0A865BF7E63C} c:\users\danny\AppData\Local\{B4724B6E-9915-40C6-97BA-516BD4E14183} c:\users\danny\AppData\Local\{B73BADC2-B5F4-484A-86F7-AE5795563576} c:\users\danny\AppData\Local\{B8F79CC7-694C-4089-847E-16B46512C433} c:\users\danny\AppData\Local\{D3708114-E7B3-4A40-8104-778977D76C5E} c:\users\danny\AppData\Local\{D372E22B-4C7C-41C5-A6FE-283E43017B38} c:\users\danny\AppData\Local\{DB5CD066-52A8-419B-88DC-AB8D5098CC23} c:\users\danny\AppData\Local\{E7F59AD0-A388-4032-9203-1539D921D896} c:\users\danny\AppData\Local\{EBFCE801-0B22-470D-BDE5-777211310208} c:\users\danny\AppData\Local\{EE71B61A-EED0-41A6-B23E-E7CA55F71489} c:\users\danny\AppData\Local\{F441E191-5AB9-4663-8275-4F452B4D7FC6} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-27 to 2011-06-27 )))))))))))))))))))))))))))))) . . 2011-06-27 18:14 . 2011-06-27 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-27 17:39 . 2011-06-27 17:39 -------- d-----w- c:\users\danny\AppData\Local\{BEB2AEA9-EB12-47FB-853B-AD1E7BF66CFF} 2011-06-26 08:08 . 2011-06-26 08:08 -------- d-----w- c:\users\danny\AppData\Roaming\Malwarebytes 2011-06-26 08:07 . 2011-06-26 08:07 -------- d-----w- c:\programdata\Malwarebytes 2011-06-26 08:07 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-06-26 08:07 . 2011-06-26 08:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-06-26 08:07 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-25 13:56 . 2011-06-25 13:56 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\programdata\Studio 15 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging 2011-06-25 13:02 . 2011-06-25 13:02 388096 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-06-25 13:02 . 2011-06-25 13:02 -------- d-----w- c:\program files (x86)\Trend Micro 2011-06-25 06:21 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23639D27-DAA6-4DF6-B214-0486F992B1D9}\mpengine.dll 2011-06-22 18:15 . 2011-06-22 18:17 -------- d-----w- c:\users\danny\AppData\Roaming\Download Manager 2011-06-22 14:48 . 2011-06-27 16:33 -------- d-----w- c:\users\Greta 2011-06-22 14:10 . 2011-06-22 14:10 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2011-06-22 14:10 . 2011-06-22 14:10 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll 2011-06-21 15:01 . 2011-06-21 15:01 -------- d-----w- c:\windows\Sun 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\program files (x86)\Photodex Presenter 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\users\danny\AppData\Roaming\Netscape 2011-06-20 15:19 . 2011-06-20 15:19 -------- d-----w- c:\program files (x86)\Photodex 2011-06-20 15:17 . 2011-06-20 15:20 -------- d-----w- c:\programdata\Photodex 2011-06-20 15:17 . 2011-06-20 15:17 -------- d-----w- c:\users\danny\AppData\Roaming\Photodex 2011-06-19 08:10 . 2011-06-19 08:10 -------- d-----w- c:\programdata\Wondershare 2011-06-19 08:09 . 2011-06-21 15:02 -------- d-----w- c:\program files (x86)\Wondershare 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\users\danny\AppData\Roaming\Softplicity 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\program files (x86)\PhotoMusic 2011-06-17 09:18 . 2011-06-17 09:18 -------- d-----w- c:\users\danny\AppData\Roaming\VanDale 2011-06-17 09:17 . 2011-06-17 09:17 -------- d-----w- c:\program files (x86)\Woordenboeken 2011-06-17 06:33 . 2011-06-17 06:33 -------- d-----w- c:\users\danny\AppData\Roaming\7 Taskbar Tweaker 2011-06-16 16:09 . 2011-06-16 16:09 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-06-16 08:48 . 2011-06-16 08:48 -------- d-----w- c:\program files (x86)\FilerFrog 2011-06-08 16:46 . 2011-06-08 16:46 -------- d-----w- c:\program files (x86)\Image Resizer 2011-06-08 16:05 . 2011-06-08 16:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-06-08 16:05 . 2011-06-08 16:05 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-06-07 16:56 . 2011-06-07 16:56 -------- d-----w- c:\program files\SiSoftware 2011-06-06 12:11 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\winrar-x64-390.exe 2011-06-06 11:57 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\Mozilla Firefox\winrar-x64-390.exe 2011-06-06 11:56 . 2009-08-28 11:23 1521893 ----a-w- c:\program files\winrar-x64-390.exe 2011-06-06 11:29 . 2011-06-07 14:44 -------- d-----w- c:\users\danny\AppData\Roaming\7plus 2011-06-05 08:00 . 2011-06-05 07:58 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-06-05 07:55 . 2011-06-05 08:08 -------- d-----w- c:\program files (x86)\Genuine Advantage 2011-06-05 07:55 . 2011-06-05 07:55 -------- d-----w- c:\windows\Genuine Advantage 2011-06-05 06:22 . 2011-06-05 06:22 -------- d-----w- c:\users\danny\AppData\Local\Ilivid Player 2011-06-05 06:21 . 2011-06-05 06:21 -------- d-----w- c:\users\danny\AppData\Local\PackageAware 2011-06-04 16:27 . 2011-06-04 16:27 -------- d-----w- c:\users\danny\AppData\Roaming\Serif 2011-06-04 06:51 . 2011-06-04 06:51 -------- d-----w- c:\programdata\FilerFrog 2011-05-31 16:50 . 2011-06-16 11:05 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 4 2011-05-31 16:35 . 2011-05-31 16:51 -------- d-----w- c:\users\danny\AppData\Local\photoOptimizeHistoryDataBase 2011-05-31 16:35 . 2011-05-31 16:49 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 3 2011-05-31 15:22 . 2011-05-31 15:24 -------- d-----w- c:\program files (x86)\Picasa2 2011-05-31 15:16 . 2011-05-31 15:16 -------- d-----w- c:\users\danny\AppData\Roaming\Ashampoo Photo Commander 5 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-23 12:07 . 2011-03-29 12:02 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys 2011-06-16 07:02 . 2011-05-14 07:09 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-24 17:14 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-18 16:16 . 2011-05-18 16:16 137544 ----a-w- c:\windows\SysWow64\atl100.dll 2011-04-23 08:08 . 2011-02-25 12:07 40392 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2011-04-23 08:08 . 2011-02-25 12:07 49096 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2011-04-23 08:08 . 2011-02-25 12:07 85960 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2011-04-22 22:15 . 2011-05-25 06:04 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-04-21 19:24 . 2011-04-21 19:24 53248 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-04-21 19:24 . 2011-04-21 19:24 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-09 07:02 . 2011-05-11 05:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-09 06:58 . 2011-05-19 05:49 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-04-09 06:02 . 2011-05-11 05:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-04-09 06:02 . 2011-05-11 05:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2011-04-09 05:56 . 2011-05-19 05:49 123904 ----a-w- c:\windows\SysWow64\poqexec.exe . . ((((((((((((((((((((((((((((( SnapShot@2011-06-27_16.32.03 ))))))))))))))))))))))))))))))))))))))))) . + 2010-11-21 03:09 . 2011-06-27 16:47 43532 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-06-27 16:16 46102 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-06-27 18:00 46102 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-04-21 19:18 . 2011-06-27 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 17:59 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat + 2011-06-08 16:04 . 2011-06-27 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat - 2011-06-08 16:04 . 2011-06-26 16:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 17:59 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 17:59 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-04-21 19:18 . 2011-06-27 16:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-04-21 19:18 . 2011-06-27 18:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-04-21 19:18 . 2011-06-27 16:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 18:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-04-21 19:18 . 2011-06-27 18:00 5488 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-30360702-2838772066-1010712987-1001_UserData.bin + 2011-06-27 18:14 . 2011-06-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-06-27 18:14 . 2011-06-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-06-27 16:31 . 2011-06-27 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-02-21 11:09 . 2011-06-27 16:19 701326 c:\windows\system32\perfh013.dat + 2011-02-21 11:09 . 2011-06-27 18:05 701326 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2011-06-27 16:19 615810 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-06-27 18:05 615810 c:\windows\system32\perfh009.dat - 2011-02-21 11:09 . 2011-06-27 16:19 133358 c:\windows\system32\perfc013.dat + 2011-02-21 11:09 . 2011-06-27 18:05 133358 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2011-06-27 18:05 106190 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-06-27 16:19 106190 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2011-06-27 16:31 429700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-06-27 18:14 429700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-04-21 19:48 . 2011-06-27 16:31 20447360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-30360702-2838772066-1010712987-1001-8192.dat + 2011-04-21 19:48 . 2011-06-27 18:14 20447360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-30360702-2838772066-1010712987-1001-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WashAndGo - Cleanup of old Backupfiles"="c:\program files (x86)\WashAndgo\checker.exe" [2003-04-07 71680] "StartMenu7"="c:\program files (x86)\Start Menu 7\StartMenu7.exe" [2011-04-29 2752920] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [2010-09-10 997960] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" [2011-02-03 2068480] "RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "ST Recovery Launcher"="c:\windows\SMINST\VistaLauncher.exe" [2008-09-11 46416] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon] [bU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 136176] R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2009-08-17 93848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x] S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x] S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x] S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x] S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x] S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/05/05 18:40];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x] S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-09-02 1098312] S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\AntiVirus\AVK\AVKService.exe [2010-05-04 410696] S2 AVKWCtl;G Data Filesystem Monitor;c:\program files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2010-08-25 1865344] S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240] S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952] S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616] S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248] S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2010-08-25 340552] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhoud van de 'Gedeelde Taken' map . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976] "EPSON Stylus C62 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_S0BIC1.EXE" [2002-04-10 74240] "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-04-25 1901888] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.searchqu.com/406 mStart Page = hxxp://www.bigseekpro.com/freedesktopclock/{E067DA3B-56FD-4C18-A8B8-06967DB40E2D} mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 FF - ProfilePath - c:\users\danny\AppData\Roaming\Mozilla\Firefox\Profiles\hjbvoqxa.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.deredactie.be/cm/vrtnieuws|http://www.krantenkoppen.be/|http://www.netvibes.com/privatepage/1#Mijn_overzicht . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\hasplms.exe c:\program files (x86)\Photodex\ProShowGold\ScsiAccess.exe . ************************************************************************** . Voltooingstijd: 2011-06-27 20:16:23 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-27 18:16 ComboFix2.txt 2011-06-27 16:33 . Pre-Run: 40.284.614.656 bytes beschikbaar Post-Run: 39.968.788.480 bytes beschikbaar . - - End Of File - - A3155998738791CF63B4070D9AB579BC ----------------Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20 20:39, on 27 juni 2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\System32\spool\drivers\x64\3\E_S0BIC1.EXE C:\Program Files\My Lockbox\mylbx.exe C:\Program Files (x86)\Start Menu 7\StartMenu7.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Program Files (x86)\WashAndgo\checker.exe /check O4 - HKCU\..\Run: [startMenu7] "C:\Program Files (x86)\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11270 bytes ----------------------------------------------------------------

27 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

ComboFix 11-06-27.01 - danny 7 jun 2011 18 24 21.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8174.6331 [GMT 2:00] Gestart vanuit: c:\users\danny\Desktop\ComboFix.exe AV: G Data AntiVirus 2011 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml c:\users\danny\AppData\Roaming\Mozilla\Firefox\Profiles\hjbvoqxa.default\searchplugins\SearchquWebSearch.xml c:\windows\shutdown.dll c:\windows\SysWow64\syspvc.dll E:\Autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-27 to 2011-06-27 )))))))))))))))))))))))))))))) . . 2011-06-27 16:30 . 2011-06-27 16:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-27 05:39 . 2011-06-27 05:39 -------- d-----w- c:\users\danny\AppData\Local\{88109156-56ED-466F-AB24-70C8EA3A3B0E} 2011-06-26 10:07 . 2011-06-26 10:07 -------- d-----w- c:\users\danny\AppData\Local\{B4724B6E-9915-40C6-97BA-516BD4E14183} 2011-06-26 08:08 . 2011-06-26 08:08 -------- d-----w- c:\users\danny\AppData\Roaming\Malwarebytes 2011-06-26 08:07 . 2011-06-26 08:07 -------- d-----w- c:\programdata\Malwarebytes 2011-06-26 08:07 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-06-26 08:07 . 2011-06-26 08:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-06-26 08:07 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-25 22:07 . 2011-06-25 22:07 -------- d-----w- c:\users\danny\AppData\Local\{6BBAC248-54EF-45AF-A977-A2737B913A40} 2011-06-25 13:56 . 2011-06-25 13:56 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\programdata\Studio 15 2011-06-25 13:55 . 2011-06-25 13:55 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging 2011-06-25 13:02 . 2011-06-25 13:02 388096 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-06-25 13:02 . 2011-06-25 13:02 -------- d-----w- c:\program files (x86)\Trend Micro 2011-06-25 06:21 . 2011-06-25 06:21 -------- d-----w- c:\users\danny\AppData\Local\{4C8F31FA-C913-4D13-A5A6-8966A8FD4D93} 2011-06-25 06:21 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23639D27-DAA6-4DF6-B214-0486F992B1D9}\mpengine.dll 2011-06-24 18:05 . 2011-06-24 18:05 -------- d-----w- c:\users\danny\AppData\Local\{8B850446-9E87-46F6-A7C8-DE222A005890} 2011-06-24 06:05 . 2011-06-24 06:05 -------- d-----w- c:\users\danny\AppData\Local\{2742C931-D34C-42AD-9E50-089A2479F186} 2011-06-23 18:04 . 2011-06-23 18:04 -------- d-----w- c:\users\danny\AppData\Local\{03B7F44E-6656-4D80-8C06-5C921D47F772} 2011-06-23 06:02 . 2011-06-23 06:02 -------- d-----w- c:\users\danny\AppData\Local\{93688D76-35D8-48AD-915D-05BBAEFD4227} 2011-06-22 18:15 . 2011-06-22 18:17 -------- d-----w- c:\users\danny\AppData\Roaming\Download Manager 2011-06-22 14:48 . 2011-06-22 14:49 -------- d-----w- c:\users\Greta 2011-06-22 14:10 . 2011-06-22 14:10 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2011-06-22 14:10 . 2011-06-22 14:10 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll 2011-06-22 06:40 . 2011-06-22 06:40 -------- d-----w- c:\users\danny\AppData\Local\{41CC3E33-5B73-4369-93FD-647BA213B136} 2011-06-21 18:12 . 2011-06-21 18:12 -------- d-----w- c:\users\danny\AppData\Local\{52FD5D47-B02C-42A3-B4FA-E57A7AA7663B} 2011-06-21 15:01 . 2011-06-21 15:01 -------- d-----w- c:\windows\Sun 2011-06-21 06:12 . 2011-06-21 06:12 -------- d-----w- c:\users\danny\AppData\Local\{93B6CC62-8DE8-405F-9313-581AF6E59C07} 2011-06-20 18:11 . 2011-06-20 18:12 -------- d-----w- c:\users\danny\AppData\Local\{5040161D-7DA2-4CE5-A039-021C92A95A60} 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\program files (x86)\Photodex Presenter 2011-06-20 15:20 . 2011-06-20 15:20 -------- d-----w- c:\users\danny\AppData\Roaming\Netscape 2011-06-20 15:19 . 2011-06-20 15:19 -------- d-----w- c:\program files (x86)\Photodex 2011-06-20 15:17 . 2011-06-20 15:20 -------- d-----w- c:\programdata\Photodex 2011-06-20 15:17 . 2011-06-20 15:17 -------- d-----w- c:\users\danny\AppData\Roaming\Photodex 2011-06-20 06:11 . 2011-06-20 06:11 -------- d-----w- c:\users\danny\AppData\Local\{7C99448D-1371-48CD-AEC5-E3369487404F} 2011-06-19 08:10 . 2011-06-19 08:10 -------- d-----w- c:\programdata\Wondershare 2011-06-19 08:09 . 2011-06-21 15:02 -------- d-----w- c:\program files (x86)\Wondershare 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\users\danny\AppData\Roaming\Softplicity 2011-06-19 07:58 . 2011-06-19 07:58 -------- d-----w- c:\program files (x86)\PhotoMusic 2011-06-19 06:41 . 2011-06-19 06:41 -------- d-----w- c:\users\danny\AppData\Local\{F441E191-5AB9-4663-8275-4F452B4D7FC6} 2011-06-18 07:18 . 2011-06-18 07:18 -------- d-----w- c:\users\danny\AppData\Local\{B8F79CC7-694C-4089-847E-16B46512C433} 2011-06-17 09:18 . 2011-06-17 09:18 -------- d-----w- c:\users\danny\AppData\Roaming\VanDale 2011-06-17 09:17 . 2011-06-17 09:17 -------- d-----w- c:\program files (x86)\Woordenboeken 2011-06-17 07:15 . 2011-06-17 07:15 -------- d-----w- c:\users\danny\AppData\Local\{9E9BE2D3-282C-433A-9023-EEC3B874515D} 2011-06-17 06:33 . 2011-06-17 06:33 -------- d-----w- c:\users\danny\AppData\Roaming\7 Taskbar Tweaker 2011-06-16 19:03 . 2011-06-16 19:03 -------- d-----w- c:\users\danny\AppData\Local\{6488AB90-1F90-4FDE-A7EE-17C3CC00E3D5} 2011-06-16 16:09 . 2011-06-16 16:09 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-06-16 08:48 . 2011-06-16 08:48 -------- d-----w- c:\program files (x86)\FilerFrog 2011-06-16 07:03 . 2011-06-16 07:03 -------- d-----w- c:\users\danny\AppData\Local\{D372E22B-4C7C-41C5-A6FE-283E43017B38} 2011-06-15 18:44 . 2011-06-15 18:44 -------- d-----w- c:\users\danny\AppData\Local\{1ABA0797-F2F0-46E0-A12A-0D422179A0E7} 2011-06-10 18:38 . 2011-06-10 18:38 -------- d-----w- c:\users\danny\AppData\Local\{DB5CD066-52A8-419B-88DC-AB8D5098CC23} 2011-06-10 06:38 . 2011-06-10 06:38 -------- d-----w- c:\users\danny\AppData\Local\{6A5324E8-5A1C-46D5-8702-D5E869E93C50} 2011-06-09 18:38 . 2011-06-09 18:38 -------- d-----w- c:\users\danny\AppData\Local\{B73BADC2-B5F4-484A-86F7-AE5795563576} 2011-06-09 06:38 . 2011-06-09 06:38 -------- d-----w- c:\users\danny\AppData\Local\{69CB1C0E-6563-4A5B-ADE3-28A1C0E439C5} 2011-06-08 18:37 . 2011-06-08 18:37 -------- d-----w- c:\users\danny\AppData\Local\{E7F59AD0-A388-4032-9203-1539D921D896} 2011-06-08 16:46 . 2011-06-08 16:46 -------- d-----w- c:\program files (x86)\Image Resizer 2011-06-08 16:05 . 2011-06-08 16:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-06-08 16:05 . 2011-06-08 16:05 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-06-08 06:09 . 2011-06-08 06:09 -------- d-----w- c:\users\danny\AppData\Local\{02AC37C9-0841-4BAD-A7D0-EF10ED13C2B3} 2011-06-07 16:57 . 2011-06-07 16:57 8296 ----a-w- c:\programdata\xml560D.tmp 2011-06-07 16:57 . 2011-06-07 16:57 2263 ----a-w- c:\programdata\xml5718.tmp 2011-06-07 16:57 . 2011-06-07 16:57 13455 ----a-w- c:\programdata\xml56C9.tmp 2011-06-07 16:56 . 2011-06-07 16:56 -------- d-----w- c:\program files\SiSoftware 2011-06-07 15:47 . 2011-06-07 15:47 -------- d-----w- c:\users\danny\AppData\Local\{05C69990-B6AB-4116-B612-344EAC1322FE} 2011-06-07 05:39 . 2011-06-07 05:39 -------- d-----w- c:\users\danny\AppData\Local\{31C8B5B9-7E66-43A3-981A-C199E91DCBC9} 2011-06-06 12:11 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\winrar-x64-390.exe 2011-06-06 11:57 . 2009-08-28 11:23 1521893 ----a-w- c:\program files (x86)\Mozilla Firefox\winrar-x64-390.exe 2011-06-06 11:56 . 2009-08-28 11:23 1521893 ----a-w- c:\program files\winrar-x64-390.exe 2011-06-06 11:29 . 2011-06-07 14:44 -------- d-----w- c:\users\danny\AppData\Roaming\7plus 2011-06-06 06:27 . 2011-06-06 06:27 -------- d-----w- c:\users\danny\AppData\Local\{D3708114-E7B3-4A40-8104-778977D76C5E} 2011-06-05 18:10 . 2011-06-05 18:10 -------- d-----w- c:\users\danny\AppData\Local\{5074A7ED-6540-4DEE-B0EF-318430AAD51F} 2011-06-05 08:00 . 2011-06-05 07:58 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-06-05 07:55 . 2011-06-05 08:08 -------- d-----w- c:\program files (x86)\Genuine Advantage 2011-06-05 07:55 . 2011-06-05 07:55 -------- d-----w- c:\windows\Genuine Advantage 2011-06-05 06:22 . 2011-06-05 06:22 -------- d-----w- c:\users\danny\AppData\Local\Ilivid Player 2011-06-05 06:21 . 2011-06-05 06:21 -------- d-----w- c:\users\danny\AppData\Local\PackageAware 2011-06-05 06:09 . 2011-06-05 06:09 -------- d-----w- c:\users\danny\AppData\Local\{65275FC3-6BEB-4B4E-9DEE-BA1AE9020B65} 2011-06-04 16:27 . 2011-06-04 16:27 -------- d-----w- c:\users\danny\AppData\Roaming\Serif 2011-06-04 07:37 . 2011-06-04 07:37 -------- d-----w- c:\users\danny\AppData\Local\{27E83095-BB7A-4F9B-AA86-C864BDC4C3F3} 2011-06-04 06:51 . 2011-06-04 06:51 -------- d-----w- c:\programdata\FilerFrog 2011-06-03 19:37 . 2011-06-03 19:37 -------- d-----w- c:\users\danny\AppData\Local\{1559ED03-27BC-4DD0-9215-F018F25B7D46} 2011-06-03 06:49 . 2011-06-03 06:49 -------- d-----w- c:\users\danny\AppData\Local\{1B444250-28BE-47CB-9F4E-0957A9726347} 2011-06-02 18:49 . 2011-06-02 18:49 -------- d-----w- c:\users\danny\AppData\Local\{273EA5F4-4AD7-43A7-9B62-E6BA3279CA51} 2011-06-02 06:48 . 2011-06-02 06:48 -------- d-----w- c:\users\danny\AppData\Local\{EE71B61A-EED0-41A6-B23E-E7CA55F71489} 2011-06-01 17:54 . 2011-06-01 17:54 -------- d-----w- c:\users\danny\AppData\Local\{A2CB0DB6-C59F-4CDD-A848-0A865BF7E63C} 2011-06-01 05:54 . 2011-06-01 05:54 -------- d-----w- c:\users\danny\AppData\Local\{EBFCE801-0B22-470D-BDE5-777211310208} 2011-05-31 16:50 . 2011-06-16 11:05 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 4 2011-05-31 16:35 . 2011-05-31 16:51 -------- d-----w- c:\users\danny\AppData\Local\photoOptimizeHistoryDataBase 2011-05-31 16:35 . 2011-05-31 16:49 -------- d-----w- c:\users\danny\AppData\Local\Ashampoo Photo Optimizer 3 2011-05-31 15:22 . 2011-05-31 15:24 -------- d-----w- c:\program files (x86)\Picasa2 2011-05-31 15:16 . 2011-05-31 15:16 -------- d-----w- c:\users\danny\AppData\Roaming\Ashampoo Photo Commander 5 2011-05-31 06:19 . 2011-05-31 06:19 -------- d-----w- c:\users\danny\AppData\Local\{4B5123F0-3F9D-4D79-B26C-3F8A6709C4EB} 2011-05-30 14:02 . 2011-05-30 14:03 -------- d-----w- c:\users\danny\AppData\Local\{14F30BFF-1385-425C-8E7A-015CE8FA57E5} . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-23 12:07 . 2011-03-29 12:02 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys 2011-06-16 07:02 . 2011-05-14 07:09 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-24 17:14 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-18 16:16 . 2011-05-18 16:16 137544 ----a-w- c:\windows\SysWow64\atl100.dll 2011-04-23 08:08 . 2011-02-25 12:07 40392 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2011-04-23 08:08 . 2011-02-25 12:07 49096 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2011-04-23 08:08 . 2011-02-25 12:07 85960 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2011-04-22 22:15 . 2011-05-25 06:04 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-04-21 19:24 . 2011-04-21 19:24 53248 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-04-21 19:24 . 2011-04-21 19:24 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-09 07:02 . 2011-05-11 05:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-09 06:58 . 2011-05-19 05:49 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-04-09 06:02 . 2011-05-11 05:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-04-09 06:02 . 2011-05-11 05:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2011-04-09 05:56 . 2011-05-19 05:49 123904 ----a-w- c:\windows\SysWow64\poqexec.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WashAndGo - Cleanup of old Backupfiles"="c:\program files (x86)\WashAndgo\checker.exe" [2003-04-07 71680] "StartMenu7"="c:\program files (x86)\Start Menu 7\StartMenu7.exe" [2011-04-29 2752920] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [2010-09-10 997960] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" [2011-02-03 2068480] "RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "ST Recovery Launcher"="c:\windows\SMINST\VistaLauncher.exe" [2008-09-11 46416] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 136176] R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2009-08-17 93848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x] S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x] S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x] S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x] S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x] S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/05/05 18:40];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x] S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-09-02 1098312] S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\AntiVirus\AVK\AVKService.exe [2010-05-04 410696] S2 AVKWCtl;G Data Filesystem Monitor;c:\program files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2010-08-25 1865344] S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240] S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952] S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616] S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248] S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2010-08-25 340552] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhoud van de 'Gedeelde Taken' map . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23 15:54] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976] "EPSON Stylus C62 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_S0BIC1.EXE" [2002-04-10 74240] "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-04-25 1901888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.searchqu.com/406 mStart Page = hxxp://www.bigseekpro.com/freedesktopclock/{E067DA3B-56FD-4C18-A8B8-06967DB40E2D} mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 FF - ProfilePath - c:\users\danny\AppData\Roaming\Mozilla\Firefox\Profiles\hjbvoqxa.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.deredactie.be/cm/vrtnieuws|http://www.krantenkoppen.be/|http://www.netvibes.com/privatepage/1#Mijn_overzicht FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Notify-WgaLogon - (no file) Toolbar-10 - (no file) WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file) AddRemove-7 Taskbar Tweaker - c:\users\danny\AppData\Roaming\7 Taskbar Tweaker\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\hasplms.exe c:\program files (x86)\Photodex\ProShowGold\ScsiAccess.exe . ************************************************************************** . Voltooingstijd: 2011-06-27 18:33:20 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-27 16:33 . Pre-Run: 36.698.828.800 bytes beschikbaar Post-Run: 40.279.568.384 bytes beschikbaar . - - End Of File - - F330C80BC5E66C172C93679842B15EF3

27 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

ja, dat is gebeurd nu nogmaals, daarna : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12 56:26, on 26 juni 2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\System32\spool\drivers\x64\3\E_S0BIC1.EXE C:\Program Files\My Lockbox\mylbx.exe C:\Program Files (x86)\Start Menu 7\StartMenu7.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\SysWOW64\fixmapi.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Program Files (x86)\WashAndgo\checker.exe /check O4 - HKCU\..\Run: [startMenu7] "C:\Program Files (x86)\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11745 bytes

26 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

Malwarebytes' Anti-Malware 1.51.0.1200 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6953 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 26 juni 2011 10 23 07 mbam-log-2011-06-26 (10-23-07).txt Scantype: Snelle scan Objecten gescand: 172060 Verstreken tijd: 2 minuut/minuten, 7 seconde(n) Geheugenprocessen geïnfecteerd: 1 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 3 Bestanden geïnfecteerd: 6 Geheugenprocessen geïnfecteerd: c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 2432 -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: c:\program files (x86)\error repair professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully. c:\program files (x86)\error repair professional\Backups (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully. c:\program files (x86)\error repair professional\startbug (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\program files\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. c:\program files (x86)\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. c:\program files (x86)\mozilla firefox\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. c:\Users\danny\AppData\Local\Temp\MGASetup.exe (Hacktool.WPA) -> Quarantined and deleted successfully. c:\program files (x86)\common files\alg.exe (Trojan.Agent) -> Quarantined and deleted successfully. ________________________________________________ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10 32:57, on 26 juni 2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\System32\spool\drivers\x64\3\E_S0BIC1.EXE C:\Program Files\My Lockbox\mylbx.exe C:\Program Files (x86)\Start Menu 7\StartMenu7.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Program Files (x86)\WashAndgo\checker.exe /check O4 - HKCU\..\Run: [startMenu7] "C:\Program Files (x86)\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11463 bytes

26 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

printscreen in bijlage scherm.docx

25 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15 07:49, on 25 juni 2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\System32\spool\drivers\x64\3\E_S0BIC1.EXE C:\Program Files\My Lockbox\mylbx.exe C:\Program Files (x86)\Start Menu 7\StartMenu7.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\danny\Desktop\Snippy.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/freedesktopclock/{E067DA3B-56FD-4C18-A8B8-06967DB40E2D} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file) R3 - URLSearchHook: (no name) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AvkWebIE.dll O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Program Files (x86)\WashAndgo\checker.exe /check O4 - HKCU\..\Run: [startMenu7] "C:\Program Files (x86)\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12010 bytes

25 juni 2011
23 antwoorden
- komt
- neer
- (en 8 meer)
  Getagd met:
  - komt
  - neer
  - nieuw
  - probleem
  - programma
  - start
  - venster
  - verschijnt
  - wanneer
  - windows

nieuw venster op voorgrond

ldubbelo reageerde op ldubbelo's topic in Archief Windows Algemeen

Ingevoegd door moderator Kurtt @Idubbelo Het invoegen van je afbeelding is mislukt. Je moet de afbeelding opslaan en invoegen via de knop "Meer opties" als je een nieuw bericht maakt en daarna op het paperclipje klikken. Meer info hier (KLIK). We zullen ook eens nagaan of malware of virussen de oorzaak zijn van je probleem. 1. Download HijackThis. Klik bij "HijackThis Downloads" op "Installer". Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren". Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst. 2. Klik op de snelkoppeling om HijackThis te starten Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog". Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets. Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets. Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis. Dit (KLIK) filmpje kan je helpen om een hijackthis logje te plaatsen. Na het plaatsen van je logje wordt dit door een expert (Kape of Kweezie Wabbit) nagekeken en begeleidt hij jou door het ganse proces.