Random vastlopers van mijn PC

[WillemB]

Hallo,

Ik heb sinds de installatie van mijn windows 7 64bit, last van random crashes van mijn pc.

Wanneer hij crashed, kan ik mijn cursor niet meer bewegen, en het beeld blijft staan (freezes) waar ik op dat moment mee bezig was. Om dit te verhelpen moet ik vervolgens de powerknop lang in te houden (of de stekker er gewoon uit te trekken) om mijn computer opnieuw opstarten.

Soms gebeurt dit na 10 minuten, soms na 4 uur, of soms een paar dagen niet; compleet random dus!

Hopelijk kunnen jullie dit probleem detecteren en mij vertellen wat ik hier aan kan doen?!

Alvast bedankt,

Willem

LOG HIJJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:59:25, on 24-9-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

C:\Program Files\Mouse\Amoumain.exe

C:\Users\WillemB\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\WillemB\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\WillemB\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = WillemB\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11107 bytes

LOG MBAM:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400

Malwarebytes : Free anti-malware download

Database version: v2012.09.24.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

WillemB :: WILLEMB-PC [administrator]

Protection: Enabled

24-9-2012 12:59:07

mbam-log-2012-09-24 (12-59-07).txt

Scan type: Full scan (B:\|C:\|F:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 438948

Time elapsed: 40 minute(s), 45 second(s)

Memory Processes Detected: 1

C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 2660 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Delete on reboot.

(end)

[kape]

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[WillemB]

ComboFix 12-09-26.01 - WillemB 26-09-2012 15:59:12.3.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.8191.6597 [GMT 2:00]

Gestart vanuit: c:\users\WillemB\Desktop\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-08-26 to 2012-09-26 ))))))))))))))))))))))))))))))

.

.

2012-09-26 14:02 . 2012-09-26 14:02 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-09-26 07:57 . 2012-09-26 07:57 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd

2012-09-26 07:56 . 2012-09-26 07:56 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-09-26 07:56 . 2012-09-26 07:57 -------- d-----w- c:\programdata\Logishrd

2012-09-26 07:56 . 2012-09-26 07:56 -------- d-----w- c:\program files\Logitech

2012-09-26 07:56 . 2012-09-26 07:56 -------- d-----w- c:\program files\Common Files\Logishrd

2012-09-24 19:52 . 2012-09-24 19:52 -------- d-----w- c:\programdata\KONAMI

2012-09-24 10:57 . 2012-09-24 10:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-09-24 10:57 . 2012-09-24 10:57 -------- d-----w- c:\programdata\Malwarebytes

2012-09-24 10:57 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-24 10:30 . 2012-09-24 10:30 -------- d-----w- c:\program files\Mouse

2012-09-24 10:30 . 2000-01-01 00:00 32768 ----a-w- c:\windows\SysWow64\Amhooker.dll

2012-09-24 10:30 . 2000-01-01 00:00 21504 ----a-w- c:\windows\system32\drivers\Amps2x64.sys

2012-09-24 10:30 . 2000-01-01 00:00 17920 ----a-w- c:\windows\system32\drivers\Amusbx64.sys

2012-09-24 10:30 . 2000-01-01 00:00 12288 ----a-w- c:\windows\system32\drivers\Amfltx64.sys

2012-09-24 10:24 . 2012-09-24 10:24 -------- d-----w- c:\program files (x86)\Intel

2012-09-24 10:24 . 2000-01-01 00:00 53248 ----a-w- c:\windows\SysWow64\CSVer.dll

2012-09-24 10:24 . 2012-09-24 10:24 -------- d-----w- C:\Intel

2012-09-24 10:22 . 2012-09-26 14:04 15712 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2012-09-24 10:22 . 2012-09-24 10:22 -------- d-----w- c:\program files (x86)\SlimDrivers

2012-09-19 09:10 . 2012-09-19 09:10 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-19 09:10 . 2012-09-19 09:10 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-19 09:09 . 2012-09-19 09:09 -------- d-----w- c:\windows\SysWow64\Macromed

2012-09-19 09:09 . 2012-09-19 09:09 -------- d-----w- c:\windows\system32\Macromed

2012-09-18 09:01 . 2012-09-18 09:01 73216 ----a-w- c:\windows\ST6UNST.EXE

2012-09-18 09:01 . 2012-09-18 09:01 286720 ------w- c:\windows\Setup1.exe

2012-09-18 07:43 . 2012-09-18 07:43 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-09-18 07:41 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-09-18 07:41 . 2012-09-18 07:41 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-18 07:41 . 2012-09-18 07:41 -------- d-----w- c:\program files\iTunes

2012-09-18 07:41 . 2012-09-18 07:41 -------- d-----w- c:\program files (x86)\iTunes

2012-09-18 07:41 . 2012-09-18 07:41 -------- d-----w- c:\program files\iPod

2012-09-16 21:19 . 2012-09-16 21:19 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-09-16 21:15 . 2012-09-16 21:15 -------- d-----w- c:\program files (x86)\Google

2012-09-16 20:22 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-09-16 20:22 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-09-16 20:22 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-09-16 13:08 . 2012-09-16 13:08 -------- d-----w- c:\programdata\Ubisoft

2012-09-16 12:54 . 2012-09-16 12:54 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller

2012-09-16 12:27 . 2012-09-16 12:27 -------- d-----w- c:\program files (x86)\uTorrent

2012-09-16 12:23 . 2012-09-16 12:29 -------- d-----w- c:\program files\Autodesk

2012-09-16 12:23 . 2012-09-16 12:23 -------- d-----w- c:\program files (x86)\Autodesk

2012-09-16 12:13 . 2003-04-18 17:06 8192 ----a-w- c:\windows\SysWow64\srvany.exe

2012-09-16 11:58 . 2012-09-16 11:58 -------- d-----w- c:\programdata\Electronic Arts

2012-09-16 11:58 . 2012-09-16 11:58 -------- d-----w- c:\programdata\EA Core

2012-09-16 11:58 . 2012-09-16 12:18 -------- d-----w- c:\programdata\EA Logs

2012-09-16 11:53 . 2012-09-16 11:53 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services

2012-09-16 11:52 . 2012-09-16 11:52 -------- d-----w- c:\windows\PCHEALTH

2012-09-16 11:52 . 2012-09-16 11:52 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework

2012-09-16 11:52 . 2012-09-16 11:52 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition

2012-09-16 11:52 . 2012-09-16 11:52 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8

2012-09-16 11:51 . 2012-09-16 11:51 -------- d-----w- c:\program files\Microsoft Office

2012-09-16 11:51 . 2012-09-16 11:51 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2012-09-16 11:51 . 2012-09-17 21:53 -------- d-----w- c:\programdata\Microsoft Help

2012-09-16 11:51 . 2012-09-16 11:51 -------- d-----r- C:\MSOCache

2012-09-16 11:42 . 2012-09-16 11:42 -------- d-----w- c:\programdata\FLEXnet

2012-09-16 11:37 . 2012-09-16 11:37 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2012-09-16 11:28 . 2012-09-16 11:28 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS

2012-09-16 11:25 . 2009-09-04 15:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2012-09-16 11:23 . 2012-09-16 11:52 -------- d-----w- c:\program files (x86)\Microsoft.NET

2012-09-16 11:16 . 2012-09-18 13:30 -------- d-----w- c:\programdata\Autodesk

2012-09-16 11:15 . 2012-09-16 11:15 -------- d-----w- c:\program files\Tracker Software

2012-09-16 10:51 . 2012-09-16 10:51 -------- d-----w- c:\programdata\AVG Secure Search

2012-09-16 10:51 . 2012-09-16 10:51 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-09-16 10:51 . 2012-09-16 10:51 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-09-16 10:51 . 2012-09-16 10:51 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-09-16 10:50 . 2012-09-16 10:50 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-09-16 10:50 . 2012-09-26 08:43 -------- d-----w- c:\windows\system32\drivers\AVG

2012-09-16 10:50 . 2012-09-16 10:57 -------- d-----w- c:\programdata\AVG2012

2012-09-16 10:50 . 2012-09-16 10:50 -------- d-----w- C:\$AVG

2012-09-16 10:50 . 2012-09-16 10:50 -------- d-----w- c:\program files (x86)\AVG

2012-09-16 10:48 . 2012-09-26 07:28 -------- d-----w- c:\programdata\MFAData

2012-09-16 10:48 . 2012-09-16 10:48 -------- d--h--w- c:\programdata\Common Files

2012-09-16 10:48 . 2012-09-16 10:48 -------- d-----w- c:\program files (x86)\Webteh

2012-09-16 10:43 . 2012-09-18 07:41 -------- dc----w- c:\windows\system32\DRVSTORE

2012-09-16 10:43 . 2012-08-21 11:01 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-09-16 10:43 . 2012-08-21 11:01 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-09-16 10:43 . 2012-09-18 07:41 -------- d-----w- c:\programdata\Apple Computer

2012-09-16 10:43 . 2012-09-16 10:43 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files (x86)\SpeedFan

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files (x86)\Apple Software Update

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files\Common Files\Apple

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files\Bonjour

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files (x86)\Bonjour

2012-09-16 10:42 . 2012-09-18 07:41 -------- d-----w- c:\program files (x86)\Common Files\Apple

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\programdata\Apple

2012-09-16 10:42 . 2012-09-16 10:42 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-09-16 10:42 . 2012-09-16 10:42 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2012-09-16 10:40 . 2012-09-16 12:19 -------- d-----w- c:\programdata\DAEMON Tools Lite

2012-09-16 10:40 . 2012-09-16 10:40 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-09-16 10:37 . 2012-09-16 10:37 -------- d-----w- c:\program files\WinRAR

2012-09-16 10:36 . 2012-09-16 10:36 -------- d-----w- c:\programdata\ATI

2012-09-16 10:31 . 2012-09-16 10:31 0 ----a-w- c:\windows\ativpsrm.bin

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files (x86)\AMD APP

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files\Common Files\ATI Technologies

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies

2012-09-16 10:28 . 2012-09-26 07:57 -------- d-sh--w- c:\windows\Installer

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files (x86)\ATI Technologies

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files\ATI Technologies

2012-09-16 10:28 . 2012-09-16 10:28 -------- d-----w- c:\program files\ATI

2012-09-16 10:27 . 2012-09-16 10:27 -------- d-----w- C:\AMD

2012-09-16 10:12 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2012-09-16 10:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-09-16 10:06 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-09-16 10:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-09-16 10:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-09-16 10:06 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-09-16 10:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-09-16 10:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-09-16 04:12 . 2012-09-15 18:57 -------- d-----w- c:\windows\Panther

2012-09-16 04:12 . 2012-09-16 04:12 -------- d-----w- C:\Boot

2012-09-15 19:05 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-09-15 19:03 . 2012-08-27 23:49 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B33E4FD-4059-4EE9-85C3-18CB948E319F}\mpengine.dll

2012-09-15 19:01 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-09-15 19:01 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-09-15 19:01 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-09-15 18:58 . 2012-09-16 14:19 -------- d-----w- c:\users\WillemB

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-15 18:57 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll

2012-09-15 18:57 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll

2012-09-15 18:57 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll

2012-09-15 18:56 . 2010-11-21 03:24 833024 ----a-w- c:\windows\SysWow64\user32.dll

2012-09-15 18:56 . 2010-11-21 03:24 1008640 ----a-w- c:\windows\system32\user32.dll

2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll

2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll

2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll

2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll

2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe

2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll

2012-07-28 02:13 . 2012-07-28 02:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll

2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe

2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe

2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll

2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll

2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll

2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll

2012-07-28 01:51 . 2012-07-28 01:51 7052288 ----a-w- c:\windows\system32\atidxx64.dll

2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll

2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll

2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll

2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll

2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll

2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll

2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll

2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-07-28 01:13 . 2012-07-28 01:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll

2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll

2012-07-28 01:13 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll

2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe

2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll

2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll

2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll

2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll

2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll

2012-07-27 20:44 . 2012-07-27 20:44 54784 ----a-w- c:\windows\system32\OpenCL.dll

2012-07-27 20:44 . 2012-07-27 20:44 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll

2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

[-] 2012-09-15 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll

.

[-] 2012-09-15 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll

[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-09-16 10:51 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll" [2012-09-16 1734240]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"Spotify Web Helper"="c:\users\WillemB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-09-26 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-16 947808]

"ROC_ROC_NT"="c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe" [2012-09-16 856160]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

c:\users\WillemB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\WillemB\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-25 26909544]

Logitech . Productregistratie.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-16 116648]

R2 KMService;KMService;c:\windows\system32\srvany.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-19 250288]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-09-16 21712]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-09-16 1432400]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-16 116648]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]

R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-09-26 15712]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-15 1255736]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-16 31080]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 283200]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]

S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]

S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]

S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-16 722528]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]

S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-09-26 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-19 09:10]

.

2012-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-16 21:15]

.

2012-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-16 21:15]

.

2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3611309094-1652631224-786953400-1001Core.job

- c:\users\WillemB\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 10:23]

.

2012-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3611309094-1652631224-786953400-1001UA.job

- c:\users\WillemB\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 10:23]

.

2012-09-26 c:\windows\Tasks\SlimDrivers Startup.job

- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-07-25 10:57]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\WillemB\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]

"WheelMouse"="c:\program files\Mouse\Amoumain.exe" [2000-01-01 196608]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

.

**************************************************************************

.

Voltooingstijd: 2012-09-26 16:05:47 - machine werd herstart

ComboFix-quarantined-files.txt 2012-09-26 14:05

.

Pre-Run: 18.241.863.680 bytes free

Post-Run: 18.192.805.888 bytes free

.

- - End Of File - - CDFDC4EAF881BED9FCE15246CED91018

[kape]

Op basis van deze logjes lijkt malware uitgesloten te zijn.

Download en installeer Speccy.

Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren.

Als je niet wil dat Google Chrome op je pc als standaard webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht.

Wil je in woord en beeld zien hoe je een logje van Speccy maakt en plaatst kun je dat Hier lezen.

Ook Dit (KLIK) filmpje laat zien hoe je een Speccy-logje kan plakken in je antwoord.

Na het plaatsen van je logje wordt dit door een expert nagekeken.

[WillemB]

Update: Nog steeds vastlopers, nog steeds compleet willekeurig. Heb mijn windows taakbeheer ernaast gehouden om te zien of mijn processor of geheugen piekt wanneer hij vast loopt, maar dit is niet het geval..

Bedankt zover! voelt goed om te weten dat er echt naar mijn probleem gekeken wordt! hier het logje van Speccy:

http://speccy.piriform.com/results/nILj4VLQQQUibtHJ4wUUqG1

[kape]

Heb even onze specialisten van Speccy gebrieft om de resultaten ervan te bekijken.

[Kurtt]

Beste Willem

In afwachting tot de analyse van je speccy logje door onze specialisten, raad ik je hetvolgende aan:

- doe je pc open en maak hem HELEMAAL stofvrij. (vooral stof op het moederbord verwijderen). Hier staat een goede handleiding geschreven door collega Asus.

27 september 2012 aangepast door Kurtt

[kweezie wabbit]

Is er een lijn te trekken in wat je doet op het moment van freezen?

Is het steeds bij dezelfde handeling/toepassing/game of is dat ook at random?

27 september 2012 aangepast door kweezie wabbit

[WillemB]

Kurtt:

Had inderdaad al op dit forum gelezen dat stofvrij maken kon helpen, heb dit daarom ook al gedaan voordat ik het probleem in de software ging zoeken.

Kweezie:

Totaal random inderdaad.. Soms staan er geen eens zware processen open op het moment van freezen..

[Kurtt]

Kan je proberen om avg te verwijderen (via Configuratiescherm), én alle andere programma's die bij AVG horen verwijderen (avgwatchdog, ...). Bezoek tijdens het testen van deze oplossing GEEN (gevaarlijke) websites. Bevriest hij dan nog random?