pc blijft sms hangen bij pokeren

sutter1980 · 21 juli 2012

Beste,

kun je even mijn logje nakijken?

Bij het online pokeren blijft de pagina soms hangen.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:12:27, on 21/07/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Launch Manager\WButton.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Users\kristof\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\kristof\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [instaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ROUTE66Sync] C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s

O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\kristof\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\kristof\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kristof\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: BgGamingMonitor.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--

End of file - 10701 bytes

kape · 21 juli 2012

Niet meteen iets aan de hand in dit logje. Doe nog even dit :

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

sutter1980 · 21 juli 2012

Beste,

Hier is het logje van combofix.

Ik kon mozilla firefox niet op de gewone manier openen, na de scan van combofix.

Kon enkel op het internet als ik mozilla opende als administrator...

Is dit normaal?

Ik kreeg telkens de meding : er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering...

Dit is bij meerdere programma'sen bestanden zo.

Hier is het logje van combofix:

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 176408]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-05-27 2015136]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"ROUTE66Sync"="c:\program files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe" [2010-10-08 167936]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-05-09 4464472]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]

R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 NxpCap;CTX capture service;c:\windows\system32\DRIVERS\NxpCap.sys [x]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]

R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 BdSpy;BdSpy;c:\windows\system32\DRIVERS\BdSpy.sys [x]

S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [x]

S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x]

S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe [x]

S2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [x]

S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [x]

S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [x]

S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [x]

S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [x]

S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]

S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x]

S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [x]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - FSUSBEXDISK

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

BullGuard_Main REG_MULTI_SZ BsMain

BullGuard REG_MULTI_SZ BsFileScan

BullGuard_LowPriv REG_MULTI_SZ BsBrowser

BullGuard_Backup REG_MULTI_SZ BsBackup

BullGuard_Proxy REG_MULTI_SZ BsMailProxy

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 14:54]

.

2012-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1989308295-783603159-620971693-1001Core.job

- c:\users\kristof\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-07 20:20]

.

2012-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1989308295-783603159-620971693-1001UA.job

- c:\users\kristof\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-07 20:20]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.aldi.com

uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\kristof\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

LSP: c:\windows\system32\BGLsp.dll

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\kristof\AppData\Roaming\Mozilla\Firefox\Profiles\yyybdx1h.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

HKLM-Run-LMgrOSD - c:\program files\Launch Manager\OSDCtrl.exe

AddRemove-DealPly - c:\program files\DealPly\uninst.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe

AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe

c:\windows\system32\taskhost.exe

c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conhost.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\windows\system32\sppsvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-21 23:39:23 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-21 21:39

.

Pre-Run: 162.059.010.048 bytes beschikbaar

Post-Run: 163.974.299.648 bytes beschikbaar

.

- - End Of File - - 4A1BBB862963BA58C25261203D980A7B

Alvast bedankt voor de hulp die jullie geven!!

kape · 22 juli 2012

Om die foutmeldingen en het probleem met Firefox te ontlopen, moet je de PC gewoon opnieuw opstarten. Maar dat zal inmiddels misschien al wel gebeurd zijn ?

Het logje van Combofix is niet helemaal volledig gekopieerd. Er ontbreekt een (noodzakelijk) deel van het begin van het log. Wil je eens kijken of je het opnieuw kan oppikken en dan volledig in een volgende bericht hangen ?

sutter1980 · 22 juli 2012

Ok, dit was het geval na heropstarten!

Hier is het volledige logje:

ComboFix 12-07-21.01 - kristof 21/07/2012 23:19:18.1.4 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2935.1157 [GMT 2:00]

Gestart vanuit: c:\users\kristof\Desktop\ComboFix.exe

AV: BullGuard Antivirus *Disabled/Outdated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}

SP: BullGuard Antispyware *Disabled/Outdated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\DealPly

c:\program files\DealPly\DealPly.crx

c:\program files\DealPly\DealPly.xpi

c:\program files\DealPly\DealPlyUpdate.exe

c:\program files\DealPly\DealPlyUpdate.log

c:\program files\DealPly\DealPlyUpdateRun.exe

c:\program files\DealPly\icon.ico

c:\program files\DealPly\uninst.exe

c:\users\kristof\AppData\Local\Temp\1.tmp\F_IN_BOX.dll

c:\users\kristof\AppData\Local\Temp\35a21c59-6cef-4901-a8d6-b682815a126d\CliSecureRT.dll

c:\windows\system32\drivers\etc\lmhosts

c:\windows\system32\muzapp.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-21 to 2012-07-21 ))))))))))))))))))))))))))))))

.

2012-07-20 14:15 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{947EA3AF-29A6-4D54-A1BB-FDB0DF542EE8}\mpengine.dll

2012-07-12 03:57 . 2012-06-02 08:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-07-12 03:57 . 2012-06-02 09:08 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll

2012-07-12 03:57 . 2012-06-02 08:22 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll

2012-07-12 03:57 . 2012-06-02 08:21 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll

2012-07-12 03:57 . 2012-06-02 08:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-07-12 03:57 . 2012-06-02 08:33 1800192 ----a-w- c:\windows\system32\jscript9.dll

2012-07-12 03:56 . 2012-06-02 09:08 748664 ----a-w- c:\program files\Internet Explorer\iexplore.exe

2012-07-12 03:56 . 2012-06-02 08:27 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2012-07-12 03:56 . 2012-06-02 08:26 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll

2012-07-12 03:56 . 2012-06-02 08:25 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-07-11 14:33 . 2012-07-11 14:34 -------- d-----w- c:\programdata\WinZip

2012-07-07 11:39 . 2012-07-07 11:40 -------- d-----w- c:\users\kristof\AppData\Local\Facebook

2012-06-23 17:15 . 2012-06-23 17:15 -------- d-----w- c:\users\kristof\AppData\Local\Macromedia

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-12 14:54 . 2012-04-12 14:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 14:54 . 2011-06-20 11:25 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-12 02:40 . 2012-07-12 03:54 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-06-02 22:19 . 2012-06-21 15:02 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 15:02 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 15:02 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 15:02 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-06-21 15:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:12 . 2012-06-21 15:02 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12 . 2012-06-21 15:02 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 15:01 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:12 . 2012-06-21 15:01 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 08:25 . 2012-07-12 03:57 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 04:40 . 2012-07-12 03:19 225280 ----a-w- c:\windows\system32\schannel.dll

2012-05-31 10:25 . 2010-04-30 06:08 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-05-01 04:44 . 2012-06-14 08:36 164352 ----a-w- c:\windows\system32\profsvc.dll

2012-04-28 03:17 . 2012-06-14 08:36 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-26 04:45 . 2012-06-14 08:36 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-04-26 04:45 . 2012-06-14 08:36 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-04-26 04:41 . 2012-06-14 08:36 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-04-24 04:36 . 2012-06-14 08:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2012-04-24 04:36 . 2012-06-14 08:36 1158656 ----a-w- c:\windows\system32\crypt32.dll

2012-04-24 04:36 . 2012-06-14 08:36 103936 ----a-w- c:\windows\system32\cryptnet.dll

2012-05-19 07:51 . 2011-06-13 02:08 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-12-08 935824]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-12-08 3508624]

"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-08 21392]

"Akamai NetSession Interface"="c:\users\kristof\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"Facebook Update"="c:\users\kristof\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-14 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-23 9177632]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-04-23 1423904]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]

"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-12-11 348960]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2010-01-13 413696]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-11 1594664]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]

"BullGuard"="c:\program files\bullguard ltd\bullguard\BullGuard.exe" [2012-07-05 1756000]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 142616]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 177432]