
w32.blasterwom



ComboFix 11-07-22.02 - Ron 22-07-2011 19:40:26.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3326.1873 [GMT 2:00]

Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

FW: Trend Micro Firewall Booster *Enabled* {49A8346C-6900-54B6-B1B3-5F678736DDE9}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\program files\Bandoo\Bandoo.exe"

"c:\windows\system32\bandoolmx.dll"

"c:\windows\system32\ConduitEngine.tmp"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Bandoo

c:\program files\Bandoo\Bandoo.exe

c:\program files\Bandoo\BandooGo.exe

c:\program files\Bandoo\BandooUI.exe

c:\program files\Bandoo\BndCore.exe

c:\program files\Bandoo\BndHook.dll

c:\program files\Bandoo\CrashRpt.dll

c:\program files\Bandoo\ExtensionsManager.exe

c:\program files\Bandoo\FFSettings.exe

c:\program files\Bandoo\FlashAnimator.dll

c:\program files\Bandoo\GIFAnimator.dll

c:\program files\Bandoo\INSTALL.LOG

c:\program files\Bandoo\InstallerHelper.dll

c:\program files\Bandoo\libungif4.dll

c:\program files\Bandoo\license.rtf

c:\program files\Bandoo\Plugins.ini

c:\program files\Bandoo\Plugins\IE\ieplugin.dll

c:\program files\Bandoo\Plugins\IE\Resources\bandoo.js

c:\program files\Bandoo\Plugins\IE\Resources\HTML\blank.html

c:\program files\Bandoo\Plugins\IE\Resources\HTML\error.html

c:\program files\Bandoo\Plugins\MSN\msnplugin.dll

c:\program files\Bandoo\Plugins\MSN\Resources\HTML\blank.html

c:\program files\Bandoo\Plugins\MSN\Resources\HTML\error.html

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\BandooToolbar.xml

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1001.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1002.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1003.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1004.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1005.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1006.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1011.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1012.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1013.dat

c:\program files\Bandoo\Plugins\MSN\Resources\Toolbar\Images\1014.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\HTML\blank.html

c:\program files\Bandoo\Plugins\Yahoo\Resources\HTML\error.html

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\BandooToolbar.xml

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\BandooToolbarV9.xml

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1001.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1002.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1003.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1004.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1005.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1006.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1051.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1052.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1053.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1054.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1055.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1056.dat

c:\program files\Bandoo\Plugins\Yahoo\Resources\Toolbar\Images\1057.dat

c:\program files\Bandoo\Plugins\Yahoo\YahooPlugin.dll

c:\program files\Bandoo\PreUninstall.exe

c:\program files\Bandoo\Resources.dll

c:\program files\Bandoo\Resources\BandooMessages.xml

c:\program files\Bandoo\Resources\downloading.gif

c:\program files\Bandoo\Resources\nudge0.wav

c:\program files\Bandoo\Resources\nudge1.wav

c:\program files\Bandoo\Resources\nudge2.wav

c:\program files\Bandoo\Resources\nudge3.wav

c:\program files\Bandoo\Resources\nudge4.wav

c:\program files\Bandoo\Resources\nudge5.wav

c:\program files\Bandoo\UNWISE.EXE

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\program files\uTorrentBar_NL

c:\program files\uTorrentBar_NL\GottenAppsContextMenu.xml

c:\program files\uTorrentBar_NL\ldrtbuTor.dll

c:\program files\uTorrentBar_NL\OtherAppsContextMenu.xml

c:\program files\uTorrentBar_NL\prxtbuTor.dll

c:\program files\uTorrentBar_NL\SharedAppsContextMenu.xml

c:\program files\uTorrentBar_NL\tbuTor.dll

c:\program files\uTorrentBar_NL\toolbar.cfg

c:\program files\uTorrentBar_NL\ToolbarContextMenu.xml

c:\program files\uTorrentBar_NL\uninstall.exe

c:\program files\uTorrentBar_NL\uTorrentBar_NLToolbarHelper.exe

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.dat

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.lnk

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.msi

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.par

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.res

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\instance.dat

c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\mia.lib

c:\programdata\Bandoo

c:\programdata\Bandoo\config.xml

c:\programdata\Bandoo\CrashReportInfo.xml

c:\programdata\Bandoo\MostlyUsed.xml

c:\programdata\Bandoo\Repository\65765.dat

c:\programdata\Bandoo\Repository\65766.xml

c:\programdata\Bandoo\Repository\70145.dat

c:\programdata\Bandoo\Repository\70146.xml

c:\programdata\Bandoo\WPSubsystems.xml

c:\users\Ron\AppData\Local\Conduit

c:\users\Ron\AppData\Local\Conduit\CT2865317\uTorrentBar_NLAutoUpdateHelper.exe

c:\users\Ron\AppData\Local\Ilivid Player

c:\users\Ron\AppData\Local\Ilivid Player\script.qscript

c:\users\Ron\AppData\Roaming\Bandoo

c:\windows\system32\bandoolmx.dll

c:\windows\system32\ConduitEngine.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-06-22 to 2011-07-22 ))))))))))))))))))))))))))))))

.

.

2011-07-22 17:57 . 2011-07-22 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-22 17:15 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B2802B4-AD91-45AE-BB22-25B021B4720E}\mpengine.dll

2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\programdata\boost_interprocess

2011-07-20 00:38 . 2011-07-20 00:39 -------- d-----w- c:\program files\Windows iLivid Toolbar

2011-07-20 00:38 . 2011-07-20 00:38 -------- d-----w- c:\users\Ron\AppData\Local\PackageAware

2011-07-20 00:23 . 2011-07-20 00:26 -------- d-----w- c:\programdata\Spotnet

2011-07-20 00:23 . 2011-07-20 00:23 -------- d-----w- c:\program files\Spotnet

2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes

2011-07-17 19:58 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\programdata\Malwarebytes

2011-07-17 19:58 . 2011-07-17 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-17 19:58 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-17 18:56 . 2011-07-17 18:56 388096 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-07-16 15:30 . 2011-07-16 15:30 -------- d-----w- C:\temp

2011-07-16 15:14 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys

2011-07-16 15:01 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll

2011-07-16 15:01 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-07-15 20:25 . 2011-07-15 20:25 -------- d-----w- C:\extensions

2011-07-15 20:25 . 2011-07-20 00:28 -------- d-----w- c:\program files\ConduitEngine

2011-07-15 20:19 . 2011-07-20 08:18 -------- d-----w- c:\users\Ron\AppData\Roaming\uTorrent

2011-07-15 20:19 . 2011-07-15 20:19 -------- d-----w- c:\users\Ron\AppData\Local\uTorrent

2011-07-01 18:17 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-24 17:14 . 2009-10-02 17:19 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-05-02 17:16 . 2011-06-18 12:15 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 13:25 . 2011-06-18 12:16 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-29 13:25 . 2011-06-18 12:16 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-29 13:24 . 2011-06-18 12:15 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-04-29 13:24 . 2011-06-18 12:15 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-04-29 13:24 . 2011-06-18 12:15 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-06 39408]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]

"Steam"="e:\programs\Steam\Steam.exe" [2010-11-17 1242448]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432]

"CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176]

"Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640]

"RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]

"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]

"CTHelper"="CTHELPER.EXE" [2007-10-25 19456]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2008-04-14 380928]

"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2008-08-06 233576]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-14 30192]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13683232]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 92704]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568]

"CTxfiHlp"="CTXFIHLP.EXE" [2008-07-11 19968]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]

"OE"="c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe" [2010-12-20 238928]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CtxfiReg"="CTXFIREG.exe" [2008-07-11 43520]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-03-15 183560]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-11-06 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-11-06 79360]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-14 30192]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

R4 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2007-03-07 32256]

R4 iaNvStor;Intel® Turbo Memory Technology NAND Controller;c:\windows\system32\drivers\ianvstor.sys [2006-04-24 210432]

R4 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-05-30 36608]

R4 ioatdma;Intel® QuickData Technology Device;c:\windows\system32\drivers\ioatdma.sys [2008-01-18 36480]

R4 stex;stex;c:\windows\system32\drivers\stex.sys [2006-08-22 18944]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2010-12-20 143952]

S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]

S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 3575808]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-12-20 64080]

S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [2010-12-20 284752]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

.

2011-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003Core.job

- c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46]

.

2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946351660-546763968-3580765103-1003UA.job

- c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 19:46]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-Bandoo - c:\program files\Bandoo\PreUninstall.exe

AddRemove-iLivid - c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe

AddRemove-uTorrentBar_NL Toolbar - c:\program files\uTorrentBar_NL\uninstall.exe

AddRemove-{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} - c:\programdata\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.exe

.

.

.

**************************************************************************

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTxfiHlp = CTXFIHLP.EXE?

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden:

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 10]

"GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\games"

"ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists"

"ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010"

"SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\"

"LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists"

"LastSaveGame"=""

"Language"="English"

"LoadLangDB"=dword:00000000

"CompressHistoryPoints"=dword:00000000

"HighlightedAttributes"=dword:00000001

"MinCondition"=dword:00000050

"GraphStep"=dword:00000000

"SkinName"="Steklo Black"

"LastUpdateCheck"=dword:00009dc8

"HighQualityGUI"=dword:00000001

"AutomaticallyUpdateCheck"=dword:00000001

"AdvancedGeneration"=dword:00000001

"TranslateStaffSkills"=dword:00000001

"TranslatePlayerSkills"=dword:00000001

"TranslatePositions"=dword:00000001

"ShowHistory"=dword:00000001

"Version"=dword:00000074

"UniqueID"="35-EA80-E0CF"

"UseProxy"=dword:00000000

"ProxyHost"=""

"ProxyPort"=""

"UseAuthentication"=dword:00000000

"UserName"=""

"UserPassword"=""

"Currency"=dword:00000056

.

[HKEY_USERS\S-1-5-21-946351660-546763968-3580765103-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]

"GameDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\games"

"ShortlistDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists"

"ScreenshotsDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009"

"SaveDir"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\"

"LangDB"="c:\\Users\\Ron\\Documents\\Sports Interactive\\Football Manager 2009\\shortlists"

"Language"="English"

"LoadLangDB"=dword:00000000

"CompressHistoryPoints"=dword:00000000

"HighlightedAttributes"=dword:00000001

"MinCondition"=dword:00000050

"SkinName"="FM 2009"

"LastUpdateCheck"=dword:00000000

"HighQualityGUI"=dword:00000001

"AutomaticallyUpdateCheck"=dword:00000001

"AdvancedGeneration"=dword:00000001

"TranslateStaffSkills"=dword:00000001

"TranslatePlayerSkills"=dword:00000001

"TranslatePositions"=dword:00000001

"ShowHistory"=dword:00000001

"Version"=dword:00000067

"UniqueID"="35-EA80-E0CF"

"Currency"=dword:00000056

"UseProxy"=dword:00000000

"ProxyHost"=""

"ProxyPort"=""

"UseAuthentication"=dword:00000000

"UserName"=""

"UserPassword"=""

"LastSaveGame"=""

"GraphStep"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(3380)

c:\program files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll

c:\windows\System32\ctagent.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\windows\system32\rundll32.exe

c:\program files\Trend Micro\AMSP\coreServiceShell.exe

c:\program files\ASUS\AASP\1.00.46\aaCenter.exe

c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe

c:\program files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\System32\ASDR.exe

c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\PnkBstrA.exe

c:\windows\system32\PnkBstrB.exe

c:\program files\Microsoft\BingBar\SeaPort.EXE

c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\WUDFHost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conime.exe

c:\windows\System32\rundll32.exe

c:\windows\System32\Ctxfihlp.exe

c:\program files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe

c:\windows\SYSTEM32\CTXFISPI.EXE

c:\program files\Common Files\Nero\Lib\NMIndexingService.exe

c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

c:\program files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe

c:\program files\Creative\ShareDLL\CADI\NotiMan.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\ehome\ehmsas.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Steam\SteamService.exe

c:\windows\servicing\TrustedInstaller.exe

.

**************************************************************************

.

Voltooingstijd: 2011-07-22 20:05:31 - machine werd herstart

ComboFix-quarantined-files.txt 2011-07-22 18:05

ComboFix2.txt 2011-07-21 09:16

.

Pre-Run: 15.912.755.200 bytes beschikbaar

Post-Run: 15.761.354.752 bytes beschikbaar

.

- - End Of File - - 6BA7161BA12BCAF254A4F1CC39652B3D

After ComboFix finished I restarted the PC, and I noticed that my desktop stays black, even after selecting a new desktop background. Also, on the C and E drives I see no icons for the files and folders, only the file names; the icons do not load, as it were.


Delete the following folder (shown in bold): c:\program files\ConduitEngine

Download Unhide.exe to the desktop; if you get a message that the file may be unsafe, you can ignore it.

  • Double-click "Unhide.exe" to start the tool.
  • Note!!! Windows Vista & 7 users must run "Unhide.exe" as administrator (right-click, "Run as administrator").
  • Wait patiently until the tool has finished and do nothing else on the computer in the meantime.
  • When the tool has finished you will see a screen with the message "Your files should now be visible".
  • State in your next post whether you got this message.


Remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix and its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left column click “Cleaner”. Click “Analyze” and then “Run Cleaner”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Then click “Registry” in the left column and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. Close CCleaner afterwards.

If you want to see this illustrated in detail, click here for the guide.


Done, and CCleaner fixed a number of problems, but the background is still black, the file icons are still invisible, and the .sqm files are still on the C drive. In addition, I have just noticed that the C drive has suddenly filled up except for 2 GB.
