
Windows 7 problems


Guest Bolio


This is a reply to the topic "Windows 7 Problems" started by Bolio in the subforum: Windows.

Log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:44:49, on 16/01/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

Running processes:

C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2011\WebProxy.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe

C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\ApVxdWin.exe

C:\Users\Power4Pc\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001

C:\Users\Power4Pc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Power4Pc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavBckPT.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [CTSyncService] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Google Update] "C:\Users\Power4Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe

O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe

O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9092 bytes

Speccy

Summary

Operating System

MS Windows 7 Home Premium 64-bit

CPU

AMD Phenom II X6 1075T

Thuban 45nm Technology

RAM

4.0GB Dual-Channel DDR3 @ 573MHz (7-7-7-20)

Motherboard

ASRock 870 Extreme3 (CPUSocket) 28 °C

Graphics

B2430L @ 1920x1080

ATI Radeon HD 5700 Series

ATI Radeon HD 5700 Series

Hard Drives

977GB SAMSUNG SAMSUNG HD103SJ ATA Device (Unknown) 25 °C

Optical Drives

TSSTcorp CDDVDW SH-S223C ATA Device

CDKP U78H6BK SCSI CdRom Device

CDKP U78H6BK SCSI CdRom Device

Audio

Realtek High Definition Audio

Operating System

MS Windows 7 Home Premium 64-bit

Installation Date: 15 October 2010, 20:05

Serial Number: RG3RH-R34MM-QRKD4-V7FG3-VXDJM

CPU

AMD Phenom II X6 1075T

Cores 6

Threads 6

Name AMD Phenom II X6 1075T

Code Name Thuban

Package Socket AM3 (938)

Technology 45nm

Specification AMD Phenom II X6 1075T Processor

Family F

Extended Family 10

Model A

Extended Model A

Stepping 0

Revision PH-E0

Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, x86-64

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Stock Core Speed 3000 MHz

Stock Bus Speed 200 MHz

Caches

L1 Data Cache Size 6 x 64 KBytes

L1 Instructions Cache Size 6 x 64 KBytes

L2 Unified Cache Size 6 x 512 KBytes

L3 Unified Cache Size 6144 KBytes

Core 0

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 0

Core 1

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 1

Core 2

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 2

Core 3

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 3

Core 4

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 4

Core 5

Core Speed 859.9 MHz

Multiplier x 4.0

Bus Speed 215.0 MHz

Rated Bus Speed 2150.1 MHz

Thread 1

APIC ID 5

RAM

Memory slots

Total memory slots 4

Used memory slots 2

Free memory slots 2

Memory

Type DDR3

Size 4096 MBytes

Channels # Dual

DRAM Frequency 573.4 MHz

CAS# Latency (CL) 7 clocks

RAS# to CAS# Delay (tRCD) 7 clocks

RAS# Precharge (tRP) 7 clocks

Cycle Time (tRAS) 20 clocks

Bank Cycle Time (tR?) 27 clocks

Command Rate (CR) 2T

SPD

Number Of SPD Modules 2

Slot #1

Type DDR3

Size 2048 MBytes

Manufacturer Mushkin

Max Bandwidth PC3-10700 (667 MHz)

Part Number 991586

SPD Ext. EPP

JEDEC #4

Frequency 685.7 MHz

CAS# Latency 9.0

RAS# To CAS# 9

RAS# Precharge 9

tRAS 25

tRC 34

Voltage 1.500 V

JEDEC #3

Frequency 609.5 MHz

CAS# Latency 8.0

RAS# To CAS# 8

RAS# Precharge 8

tRAS 22

tRC 30

Voltage 1.500 V

JEDEC #2

Frequency 533.3 MHz

CAS# Latency 7.0

RAS# To CAS# 7

RAS# Precharge 7

tRAS 20

tRC 27

Voltage 1.500 V

JEDEC #1

Frequency 457.1 MHz

CAS# Latency 6.0

RAS# To CAS# 6

RAS# Precharge 6

tRAS 17

tRC 23

Voltage 1.500 V

Slot #2

Type DDR3

Size 2048 MBytes

Manufacturer

Max Bandwidth PC3-10700 (667 MHz)

Part Number F6456U64F9333G

SPD Ext. EPP

JEDEC #4

Frequency 685.7 MHz

CAS# Latency 9.0

RAS# To CAS# 9

RAS# Precharge 9

tRAS 25

tRC 34

Voltage 1.500 V

JEDEC #3

Frequency 609.5 MHz

CAS# Latency 8.0

RAS# To CAS# 8

RAS# Precharge 8

tRAS 22

tRC 30

Voltage 1.500 V

JEDEC #2

Frequency 533.3 MHz

CAS# Latency 7.0

RAS# To CAS# 7

RAS# Precharge 7

tRAS 20

tRC 27

Voltage 1.500 V

JEDEC #1

Frequency 457.1 MHz

CAS# Latency 6.0

RAS# To CAS# 6

RAS# Precharge 6

tRAS 17

tRC 23

Voltage 1.500 V

Motherboard

Manufacturer ASRock

Model 870 Extreme3

Version To Be Filled By O.E.M.

Chipset Vendor AMD

Chipset Model 870

Chipset Revision 00

Southbridge Vendor AMD

Southbridge Model SB850

Southbridge Revision 40

Temperature 28 °C

BIOS

Brand American Megatrends Inc.

Version P1.50

Date 06/18/2010

Graphics

Monitor

Name B2430L on ATI Radeon HD 5700 Series

Current Resolution 1920x1080 pixels

Work Resolution 1920x1040 pixels

State enabled, primary, output devices support

Monitor Width 1920

Monitor Height 1080

Monitor BPP 32 bits per pixel

Monitor Frequency 60 Hz

Device \\.\DISPLAY1\Monitor0

ATI Radeon HD 5700 Series

Memory 1024 MB

Memory type 2

Driver version 8.782.0.0

ATI Radeon HD 5700 Series

Memory 1024 MB

Memory type 2

Driver version 8.782.0.0

Hard Drives

SAMSUNG HD103SJ ATA Device

Manufacturer SAMSUNG

Business Unit/Brand Desktop

Model Capacity For This Specific Drive 1TB

Serial Number S246J90Z801163

Interface Unknown

Capacity 977GB

Real size 1.000.204.886.016 bytes

S.M.A.R.T

01 Read Error Rate 100 (100 worst) Data 0000000000

02 Throughput Performance 252 (252) Data 0000000000

03 Spin-Up Time 070 (069) Data 0000002391

04 Start/Stop Count 100 (100) Data 0000000080

05 Reallocated Sectors Count 252 (252) Data 0000000000

07 Seek Error Rate 252 (252) Data 0000000000

08 Seek Time Performance 252 (252) Data 0000000000

09 Power-On Hours (POH) 100 (100) Data 00000000D4

0A Spin Retry Count 252 (252) Data 0000000000

0B Recalibration Retries 252 (252) Data 0000000000

0C Device Power Cycle Count 100 (100) Data 000000007F

BF G-sense error rate 100 (100) Data 0000000004

C0 Power-off Retract Count 252 (252) Data 0000000000

C2 Temperature 064 (064) Data 00000C0019

C3 Hardware ECC Recovered 100 (100) Data 0000000000

C4 Reallocation Event Count 252 (252) Data 0000000000

C5 Current Pending Sector Count 252 (252) Data 0000000000

C6 Uncorrectable Sector Count 252 (252) Data 0000000000

C7 UltraDMA CRC Error Count 200 (200) Data 0000000000

C8 Write Error Rate / Multi-Zone Error Rate 100 (100) Data 0000000003

DF Load/Unload Retry Count 252 (252) Data 0000000000

E1 Load/Unload Cycle Count 100 (100) Data 0000000080

Temperature 25 °C

Temperature Range ok (less than 50 °C)

Status Good

Partition 0

Partition ID Disk #0, Partition #0

Size 100 MB

Partition 1

Partition ID Disk #0, Partition #1

Disk Letter C:

File System NTFS

Volume Serial Number 165B2F49

Size 931GB

Used Space 202GB (22%)

Free Space 729GB (78%)

Optical Drives

TSSTcorp CDDVDW SH-S223C ATA Device

Media Type DVD Writer

Name TSSTcorp CDDVDW SH-S223C ATA Device

Availability Running/Full Power

Capabilities Random Access, Supports Writing, Supports Removable Media

Config Manager Error Code Device is working properly

Config Manager User Config FALSE

Drive D:

Media Loaded FALSE

SCSI Bus 0

SCSI Logical Unit 0

SCSI Port 0

SCSI Target Id 1

Status OK

CDKP U78H6BK SCSI CdRom Device

Media Type DVD-ROM

Name CDKP U78H6BK SCSI CdRom Device

Availability Running/Full Power

Capabilities Random Access, Supports Removable Media

Config Manager Error Code Device is working properly

Config Manager User Config FALSE

Drive G:

Media Loaded FALSE

SCSI Bus 0

SCSI Logical Unit 0

SCSI Port 4

SCSI Target Id 0

Status OK

CDKP U78H6BK SCSI CdRom Device

Media Type DVD-ROM

Name CDKP U78H6BK SCSI CdRom Device

Availability Running/Full Power

Capabilities Random Access, Supports Removable Media

Config Manager Error Code Device is working properly

Config Manager User Config FALSE

Drive H:

Media Loaded FALSE

SCSI Bus 0

SCSI Logical Unit 0

SCSI Port 4

SCSI Target Id 1

Status OK

Audio

Sound Cards

ATI High Definition Audio Device

ATI High Definition Audio Device

Realtek High Definition Audio

Playback Devices

Luidsprekers (Realtek High Definition Audio) (default)

Realtek Digital Output (Realtek High Definition Audio)

Peripherals

Standaard-PS/2-toetsenbord

Device Kind Keyboard

Device Name Standaard-PS/2-toetsenbord

Location Op toetsenbordpoort aangesloten

Driver

Date 6-21-2006

Version 6.1.7600.16385

File C:\Windows\system32\DRIVERS\i8042prt.sys

File C:\Windows\system32\DRIVERS\kbdclass.sys

HID-toetsenbordapparaat

Device Kind Keyboard

Device Name HID-toetsenbordapparaat

Vendor Logitech

Location USB-invoerapparaat

Driver

Date 6-21-2006

Version 6.1.7600.16385

File C:\Windows\system32\DRIVERS\kbdhid.sys

File C:\Windows\system32\DRIVERS\kbdclass.sys

HID-muis

Device Kind Mouse

Device Name HID-muis

Vendor Unknown

Location USB-invoerapparaat

Driver

Date 6-21-2006

Version 6.1.7600.16385

File C:\Windows\system32\DRIVERS\mouhid.sys

File C:\Windows\system32\DRIVERS\mouclass.sys

Network

You are connected to the internet

Connected through Compact Wireless-G USB-adapter #2

IP Address 192.168.0.104

Subnet mask 255.255.255.0

Gateway server 192.168.0.1

Preferred DNS server 195.130.130.2

Alternate DNS server 195.130.131.2

DHCP Enabled

DHCP server 192.168.0.1

External IP Address 78.21.206.150

Adapter Type IEEE 802.11 wireless

NetBIOS over TCP/IP Enabled via DHCP

WinInet Info

LAN-verbinding

Local system uses a local area network to connect to the Internet

Local system has RAS to connect to the Internet

Wi-Fi Info

Using native Wi-Fi API version 2

Available access points count 1

Wi-Fi (telenet-6C516)

SSID telenet-6C516

Name No name

Signal Strength/Quality 73

Security Enabled

State The interface is connected to a network

Dot11 Type Infrastructure BSS network

Network Connectible

Network Flags Currently Connected to this network

Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm

Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)

WinHTTPInfo

WinHTTPSessionProxyType No proxy

Session Proxy

Session Proxy Bypass

Connect Retries 5

Connect Timeout 60000

HTTP Version HTTP 1.1

Max Connects Per 1.0 Servers INFINITE

Max Connects Per Servers INFINITE

Max HTTP automatic redirects 10

Max HTTP status continue 10

Send Timeout 30000

IEProxy Auto Detect No

IEProxy Auto Config

IEProxy

IEProxy Bypass

Default Proxy Config Access Type No proxy

Default Config Proxy

Default Config Proxy Bypass

Thanks in advance,

Kind regards,

Sacha


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


ComboFix log:

ComboFix 11-01-15.01 - Power4Pc 16/01/2011 21:00:47.1.6 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1043.18.4095.2716 [GMT 1:00]

Running from: c:\users\Power4Pc\Desktop\ComboFix.exe

AV: Panda Internet Security 2011 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}

FW: Panda Personal Firewall 2011 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}

SP: Panda Internet Security 2011 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

((((((((((((((((((((((((( Files Created from 2010-12-16 to 2011-01-16 )))))))))))))))))))))))))))))))

.

2011-01-16 20:03 . 2011-01-16 20:03 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-16 10:34 . 2011-01-16 10:34 -------- d-----w- C:\found.000

2011-01-14 09:59 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4835755-FEF5-485E-870F-D03225C07E2F}\mpengine.dll

2010-12-27 11:24 . 2010-12-27 11:24 2829 ----a-w- c:\windows\War3Unin.pif

2010-12-27 11:24 . 2010-12-27 11:24 126976 ----a-w- c:\windows\War3Unin.exe

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-12 16:12 . 2010-12-12 15:50 303616 ----a-w- c:\windows\system32\drivers\atksgt.sys

2010-12-12 16:12 . 2010-12-12 15:50 35328 ----a-w- c:\windows\system32\drivers\lirsgt.sys

2010-11-08 08:56 . 2010-10-15 18:22 466520 ----a-w- c:\windows\system32\wrap_oal.dll

2010-11-08 08:56 . 2010-10-15 18:22 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll

2010-11-08 08:56 . 2010-10-15 18:22 122968 ----a-w- c:\windows\system32\OpenAL32.dll

2010-11-08 08:56 . 2010-10-15 18:22 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll

2010-11-04 06:35 . 2010-12-16 10:21 1194496 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 06:31 . 2010-12-16 10:21 57856 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 05:52 . 2010-12-16 10:21 978944 ----a-w- c:\windows\SysWow64\wininet.dll

2010-11-04 05:48 . 2010-12-16 10:21 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll

2010-11-04 05:16 . 2010-12-16 10:21 482816 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:41 . 2010-12-16 10:21 386048 ----a-w- c:\windows\SysWow64\html.iec

2010-11-04 04:35 . 2010-12-16 10:21 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-04 04:08 . 2010-12-16 10:21 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2010-11-02 05:18 . 2010-12-16 10:21 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 05:17 . 2010-12-16 10:21 473600 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 05:17 . 2010-12-16 10:21 1169408 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 05:16 . 2010-12-16 10:21 1114624 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 05:10 . 2010-12-16 10:21 464384 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 05:10 . 2010-12-16 10:21 285696 ----a-w- c:\windows\system32\schtasks.exe

2010-11-02 04:40 . 2010-12-16 10:21 496128 ----a-w- c:\windows\SysWow64\taskschd.dll

2010-11-02 04:40 . 2010-12-16 10:21 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll

2010-11-02 04:34 . 2010-12-16 10:21 192000 ----a-w- c:\windows\SysWow64\taskeng.exe

2010-11-02 04:34 . 2010-12-16 10:21 179712 ----a-w- c:\windows\SysWow64\schtasks.exe

2010-10-27 05:06 . 2010-12-16 10:21 2048 ----a-w- c:\windows\system32\tzres.dll

2010-10-27 04:32 . 2010-12-16 10:21 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2010-10-24 19:31 . 2010-10-20 20:56 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2010-10-24 19:31 . 2010-10-20 20:56 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe

2010-10-24 19:31 . 2010-10-20 20:56 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2010-10-21 19:10 . 2010-10-21 19:10 388096 ----a-r- c:\users\Power4Pc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-20 20:59 . 2010-10-20 20:59 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll

2010-10-20 05:20 . 2010-12-16 10:21 46080 ----a-w- c:\windows\system32\atmlib.dll

2010-10-20 04:54 . 2010-12-16 10:21 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2010-10-20 03:09 . 2010-12-16 10:21 3124224 ----a-w- c:\windows\system32\win32k.sys

2010-10-20 03:05 . 2010-12-16 10:21 367104 ----a-w- c:\windows\system32\atmfd.dll

2010-10-20 02:58 . 2010-12-16 10:21 294400 ----a-w- c:\windows\SysWow64\atmfd.dll

2010-10-19 09:41 . 2010-10-27 09:54 270720 ------w- c:\windows\system32\MpSigStub.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

"Google Update"="c:\users\Power4Pc\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-27 136176]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]

"CTSyncService"="c:\program files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" [2009-07-08 1233195]

"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]

"APVXDWIN"="c:\program files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" [2010-08-26 988480]

"SCANINICIO"="c:\program files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe" [2010-06-11 68928]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-10-15 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-10-15 79360]

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]

R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]

R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-10-15 79360]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-27 1255736]

S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot64.sys [2010-06-22 30792]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-21 503352]

S1 ShldFlt;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShldFlt.sys [2009-10-27 48136]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 203264]

S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm6460.sys [2010-05-21 65608]

S2 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT64.SYS [2010-02-18 118280]

S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2010-10-15 15928]

S2 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT64.SYS [2009-09-25 82952]

S2 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetm64.SYS [2009-09-25 31752]

S2 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT64.SYS [2009-09-25 78856]

S2 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETTDI64.SYS [2009-09-25 12:54 170504]

S2 PskSvcRetail;Panda PSK service;c:\program files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe [2010-08-16 28992]

S2 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT64.SYS [2009-09-25 74760]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-29 285696]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240]

S3 NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42;c:\windows\system32\DRIVERS\n64i1642.sys [2010-02-18 214536]

S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]

S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]

S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CPUZ134

*Deregistered* - cpuz134

.

Contents of the 'Scheduled Tasks' folder

2011-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-942638529-4029727881-3950989009-1000Core.job

- c:\users\Power4Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 14:37]

2011-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-942638529-4029727881-3950989009-1000UA.job

- c:\users\Power4Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 14:37]

.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-08 10060832]

"RunDLLEntry"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKCU-Run-ASRockOCTuner - (no file)

Wow6432Node-HKCU-Run-ASRockIES - (no file)

Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-01-16 21:05:32

ComboFix-quarantined-files.txt 2011-01-16 20:05

Pre-Run: 784.094.281.728 bytes beschikbaar

Post-Run: 784.167.260.160 bytes beschikbaar

- - End Of File - - D647C0CD2F814C5BE9547F1E9F27FBCE

I was wondering how I can make my system start up less heavily, so that only the essentials are started?

Thanks in advance,

Kind regards,

Sacha


Start HijackThis. Select “Scan”. Select only the items listed below:

F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,

Click 'Fix checked' to remove the items.

Download Codestuff Starter

Start Codestuff Starter

Select the Automatic Startup tab and uncheck the following items. These programs are started unnecessarily at startup.

O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent


Kape,

I can't thank you enough for helping me!

In the previous step the following did not work:

1) F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe this was no longer in the list.

2) O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe" I could not uncheck this; the message shown was: "Its very likely that you dont have enough access permissions", even though I ran the program as administrator.


OK, now do this:

Remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may manually delete the folder C:\Qoobox.

Download CCleaner.

Click “Download Latest Version” and the download of CCleaner will start automatically and free of charge.

Install it and start CCleaner. Click “Cleaner” in the left column. Click ‘Analyze’ and then 'Clean'. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click “Registry” in the left column and click ‘Scan for problems’. If errors are found, click “Fix selected problems” and “OK”. You will then be asked whether to make a backup. Click “YES”. Then choose “Fix all selected errors”. Close CCleaner afterwards.

If you want to see this in detail with pictures, click here for the guide.


I'm not quite sure what happened, but I think that because my Panda was not shut down before running the command combofix /uninstall, it blocked the command, which caused ComboFix to hang. I then had to end the program, and as a result my computer is now behaving very strangely. I tried to run the command again, but now the computer can no longer find the application or something like that. It now freezes regularly. What should I do now?

Kind regards,

Sacha

---------- Post added at 12:28 ---------- Previous post was at 12:22 ----------

OK, I just pressed my reset button and after restarting I was able to remove the program after all.

I hope this does no harm?


Startup is faster now, and the PC has not frozen yet (though this was not that frequent, so it remains to be seen). I was wondering one more thing: at startup I can turn turbo mode off or on; does it matter what I choose here?
