computeboy

Member
  • Items: 282

All content posted by computeboy

  1. Thanks, then I'll mark this discussion as solved.
  2. Maybe a dumb question, but is it a safe site to buy equipment like that from? Can you also just get it in a store? Kind regards, Computerboy
  3. The PC is nice and fast. Should I now remove ComboFix.exe and HWMonitor? Is this kind of cooler good too? Because my parents don't allow me to buy things on the internet. BELKIN Cooling Loung V2
  4. My laptop always sits on my desk, but I'm planning to buy a laptop cooler; I just don't know which one yet. There is always airflow in my room because my windows are always open. Here is the screenshot:
  5. Here is the screenshot.
  6. OK, then I'll leave my hard drive on NTFS. Thanks anyway.
  7. Hey, I just discovered exFAT. I looked up what it is for and it seems interesting. Can I convert my external hard drive from NTFS to exFAT without losing files? Computerboy
  8. Very good in terms of speed. Has anyone looked at the msconfig screenshot yet?
  9. hier is het logje: ComboFix 11-07-29.01 - Thomas 29/07/2011 11:32:15.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3878.2486 [GMT 2:00] Gestart vanuit: c:\users\Thomas\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Thomas\Desktop\CFScript.txt AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\SysWow64\mqsv32.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BearShare Applications c:\program files (x86)\BearShare Applications\BearShare\ammp3.dll c:\program files (x86)\BearShare Applications\BearShare\avcodec-51.dll c:\program files (x86)\BearShare Applications\BearShare\avformat-51.dll c:\program files (x86)\BearShare Applications\BearShare\avutil-49.dll c:\program files (x86)\BearShare Applications\BearShare\BearShare.exe c:\program files (x86)\BearShare Applications\BearShare\BearShare.ico c:\program files (x86)\BearShare Applications\BearShare\BerkeleyLoader.dll c:\program files (x86)\BearShare Applications\BearShare\Copy_Folder.bat c:\program files (x86)\BearShare Applications\BearShare\DiscoveryHelper.dll c:\program files (x86)\BearShare Applications\BearShare\FixAudioDriverSignature.reg c:\program files (x86)\BearShare Applications\BearShare\GIFAnimator.dll c:\program files (x86)\BearShare Applications\BearShare\HTML\error.html c:\program files (x86)\BearShare Applications\BearShare\HTML\Images\bg-top.jpg c:\program files (x86)\BearShare Applications\BearShare\HTML\Images\closeRecommend.gif c:\program files (x86)\BearShare Applications\BearShare\HTML\loading.html c:\program files (x86)\BearShare Applications\BearShare\HTML\noInternet.html c:\program files (x86)\BearShare Applications\BearShare\HTML\offline.html c:\program 
files (x86)\BearShare Applications\BearShare\HTML\Recommendation_Offline.html c:\program files (x86)\BearShare Applications\BearShare\htmlayout.dll c:\program files (x86)\BearShare Applications\BearShare\ImageUploader5.ocx c:\program files (x86)\BearShare Applications\BearShare\IMTrProgress.dll c:\program files (x86)\BearShare Applications\BearShare\IMWebControl.dll c:\program files (x86)\BearShare Applications\BearShare\Launcher_x64.exe c:\program files (x86)\BearShare Applications\BearShare\libungif4.dll c:\program files (x86)\BearShare Applications\BearShare\lic_helper.dll c:\program files (x86)\BearShare Applications\BearShare\license.txt c:\program files (x86)\BearShare Applications\BearShare\NCTAudioCDGrabber2.dll c:\program files (x86)\BearShare Applications\BearShare\NCTAudioCDWriter2.dll c:\program files (x86)\BearShare Applications\BearShare\NCTAudioCompress3.dll c:\program files (x86)\BearShare Applications\BearShare\NCTAudioFile3.dll c:\program files (x86)\BearShare Applications\BearShare\NCTAudioFileWMA3.dll c:\program files (x86)\BearShare Applications\BearShare\NCTAudioFormatSettings3.dll c:\program files (x86)\BearShare Applications\BearShare\NCTDataCDWriter2.dll c:\program files (x86)\BearShare Applications\BearShare\Nickel.ocx c:\program files (x86)\BearShare Applications\BearShare\ResourcesLoc.dll c:\program files (x86)\BearShare Applications\BearShare\SHW32.DLL c:\program files (x86)\BearShare Applications\BearShare\Skins\Default.skn c:\program files (x86)\BearShare Applications\BearShare\Skins\Default.xml c:\program files (x86)\BearShare Applications\BearShare\Skins\html\albumsview\albums.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\albumsview\images\defpreview.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\albumsview\images\playbtn.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\albumsview\images\playing.png c:\program files (x86)\BearShare 
Applications\BearShare\Skins\html\artistsview\artists.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\images\defpreview.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\images\play.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\images\play_disabled.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\images\play_down.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\images\play_over.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\artistsview\menu.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\cdripview\cdrip.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\active.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\azure.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\black.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\blue.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\bs.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\byzantium.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\close-hovered.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\close-normal.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\close-pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\close.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\dark-blue.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\green.png c:\program 
files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\grey.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\hover.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\inactive.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\magenta.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\olive.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\orange.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\pink.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\pro.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\images\red.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\pro-view.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\colorschemebubble\view.html c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\defalbum.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\defbutton.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\ls_btn.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\ls_btn_hover.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\ls_btn_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_bottom.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_bottom_over.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_bottom_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_fill.png c:\program files (x86)\BearShare 
Applications\BearShare\Skins\html\images\sbv_slider.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_slider_center.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_slider_center_over.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_slider_center_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_slider_over.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_slider_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_top.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_top_over.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\sbv_top_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\th_btn.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\th_btn_hover.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\th_btn_pressed.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\tip.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\tipb.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\images\white.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\videosview\images\defpreview.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\videosview\images\list_btn.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\videosview\images\playbtn.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\videosview\images\playing.png c:\program files (x86)\BearShare Applications\BearShare\Skins\html\videosview\videos.html c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\DefArtwork.jpg c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\DefFemale.gif c:\program 
files (x86)\BearShare Applications\BearShare\Skins\Images\DefMale.gif c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\FriendshipNotif.jpg c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\SendPlaylist.jpg c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\TAFLogo.PNG c:\program files (x86)\BearShare Applications\BearShare\Skins\Images\ToGoLogo.PNG c:\program files (x86)\BearShare Applications\BearShare\Skins\RemoteSkin.wmz c:\program files (x86)\BearShare Applications\BearShare\Skins\Settings.xml c:\program files (x86)\BearShare Applications\BearShare\Smiley.ico c:\program files (x86)\BearShare Applications\BearShare\UninstallUsers.exe c:\program files (x86)\BearShare Applications\BearShare\UpdateInst.exe c:\program files (x86)\BearShare Applications\BearShare\WMAProfiles.prx c:\program files (x86)\BearShare Applications\BearShare\WMHelper.dll c:\program files (x86)\BearShare Applications\BearShare\WMHelper.log c:\program files (x86)\YoWindow c:\program files (x86)\YoWindow\buildNumber.txt c:\program files (x86)\YoWindow\eula.txt c:\program files (x86)\YoWindow\lang\bg.xml c:\program files (x86)\YoWindow\lang\br.xml c:\program files (x86)\YoWindow\lang\ca.xml c:\program files (x86)\YoWindow\lang\chs.xml c:\program files (x86)\YoWindow\lang\cht.xml c:\program files (x86)\YoWindow\lang\cs.xml c:\program files (x86)\YoWindow\lang\da.xml c:\program files (x86)\YoWindow\lang\de-at.xml c:\program files (x86)\YoWindow\lang\de.xml c:\program files (x86)\YoWindow\lang\el.xml c:\program files (x86)\YoWindow\lang\en.xml c:\program files (x86)\YoWindow\lang\es.xml c:\program files (x86)\YoWindow\lang\et.xml c:\program files (x86)\YoWindow\lang\eu.xml c:\program files (x86)\YoWindow\lang\fi.xml c:\program files (x86)\YoWindow\lang\fr.xml c:\program files (x86)\YoWindow\lang\hr.xml c:\program files (x86)\YoWindow\lang\hu.xml c:\program files (x86)\YoWindow\lang\it.xml c:\program files (x86)\YoWindow\lang\ja.xml c:\program 
files (x86)\YoWindow\lang\lt.xml c:\program files (x86)\YoWindow\lang\lv.xml c:\program files (x86)\YoWindow\lang\mini\bg.xml c:\program files (x86)\YoWindow\lang\mini\br.xml c:\program files (x86)\YoWindow\lang\mini\ca.xml c:\program files (x86)\YoWindow\lang\mini\chs.xml c:\program files (x86)\YoWindow\lang\mini\cht.xml c:\program files (x86)\YoWindow\lang\mini\cs.xml c:\program files (x86)\YoWindow\lang\mini\da.xml c:\program files (x86)\YoWindow\lang\mini\de-at.xml c:\program files (x86)\YoWindow\lang\mini\de.xml c:\program files (x86)\YoWindow\lang\mini\el.xml c:\program files (x86)\YoWindow\lang\mini\en.xml c:\program files (x86)\YoWindow\lang\mini\es.xml c:\program files (x86)\YoWindow\lang\mini\et.xml c:\program files (x86)\YoWindow\lang\mini\eu.xml c:\program files (x86)\YoWindow\lang\mini\fi.xml c:\program files (x86)\YoWindow\lang\mini\fr.xml c:\program files (x86)\YoWindow\lang\mini\hr.xml c:\program files (x86)\YoWindow\lang\mini\hu.xml c:\program files (x86)\YoWindow\lang\mini\it.xml c:\program files (x86)\YoWindow\lang\mini\ja.xml c:\program files (x86)\YoWindow\lang\mini\lt.xml c:\program files (x86)\YoWindow\lang\mini\lv.xml c:\program files (x86)\YoWindow\lang\mini\mk.xml c:\program files (x86)\YoWindow\lang\mini\nl.xml c:\program files (x86)\YoWindow\lang\mini\no.xml c:\program files (x86)\YoWindow\lang\mini\pl.xml c:\program files (x86)\YoWindow\lang\mini\pt.xml c:\program files (x86)\YoWindow\lang\mini\ro.xml c:\program files (x86)\YoWindow\lang\mini\ru.xml c:\program files (x86)\YoWindow\lang\mini\si.xml c:\program files (x86)\YoWindow\lang\mini\sk.xml c:\program files (x86)\YoWindow\lang\mini\sq.xml c:\program files (x86)\YoWindow\lang\mini\sr.xml c:\program files (x86)\YoWindow\lang\mini\sv.xml c:\program files (x86)\YoWindow\lang\mini\tr.xml c:\program files (x86)\YoWindow\lang\mini\uk.xml c:\program files (x86)\YoWindow\lang\mk.xml c:\program files (x86)\YoWindow\lang\nl.xml c:\program files (x86)\YoWindow\lang\no.xml c:\program files 
(x86)\YoWindow\lang\pl.xml c:\program files (x86)\YoWindow\lang\pt.xml c:\program files (x86)\YoWindow\lang\ro.xml c:\program files (x86)\YoWindow\lang\ru.xml c:\program files (x86)\YoWindow\lang\si.xml c:\program files (x86)\YoWindow\lang\sk.xml c:\program files (x86)\YoWindow\lang\sq.xml c:\program files (x86)\YoWindow\lang\sr.xml c:\program files (x86)\YoWindow\lang\sv.xml c:\program files (x86)\YoWindow\lang\tr.xml c:\program files (x86)\YoWindow\lang\uk.xml c:\program files (x86)\YoWindow\uninstall.exe c:\program files (x86)\YoWindow\yodesktop.swf c:\program files (x86)\YoWindow\yowindow.exe c:\program files (x86)\YoWindow\yowindow_debugMode.bat c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE} c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\{5F624839-947D-46EA-BD63-FD847C1AC6F1} c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.dat c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.exe c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.lnk c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.msi c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.par c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.res c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\instance.dat c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\mia.lib c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\OFFLINE\{E27E9375-1937-4226-949F-850AC9572FBE} c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\OFFLINE\mDown.dll\mDownExec.dll c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\OFFLINE\mMSI.dll\mMSIExec.dll c:\programdata\BearShare c:\programdata\BearShare\Creatives.xml c:\programdata\BearShare\CreativesFiles\1.gif c:\programdata\BearShare\CreativesFiles\10.gif c:\programdata\BearShare\CreativesFiles\1040.gif 
c:\programdata\BearShare\CreativesFiles\1043.gif c:\programdata\BearShare\CreativesFiles\1044.gif c:\programdata\BearShare\CreativesFiles\1050.gif c:\programdata\BearShare\CreativesFiles\1054.gif c:\programdata\BearShare\CreativesFiles\1055.gif c:\programdata\BearShare\CreativesFiles\1057.gif c:\programdata\BearShare\CreativesFiles\1058.gif c:\programdata\BearShare\CreativesFiles\1060.gif c:\programdata\BearShare\CreativesFiles\1062.gif c:\programdata\BearShare\CreativesFiles\1063.gif c:\programdata\BearShare\CreativesFiles\1070.gif c:\programdata\BearShare\CreativesFiles\11.gif c:\programdata\BearShare\CreativesFiles\12.gif c:\programdata\BearShare\CreativesFiles\13.gif c:\programdata\BearShare\CreativesFiles\14.gif c:\programdata\BearShare\CreativesFiles\15.gif c:\programdata\BearShare\CreativesFiles\16.gif c:\programdata\BearShare\CreativesFiles\17.gif c:\programdata\BearShare\CreativesFiles\18.gif c:\programdata\BearShare\CreativesFiles\19.gif c:\programdata\BearShare\CreativesFiles\2.gif c:\programdata\BearShare\CreativesFiles\20.gif c:\programdata\BearShare\CreativesFiles\21.gif c:\programdata\BearShare\CreativesFiles\22.gif c:\programdata\BearShare\CreativesFiles\23.gif c:\programdata\BearShare\CreativesFiles\24.gif c:\programdata\BearShare\CreativesFiles\25.gif c:\programdata\BearShare\CreativesFiles\26.gif c:\programdata\BearShare\CreativesFiles\27.gif c:\programdata\BearShare\CreativesFiles\28.gif c:\programdata\BearShare\CreativesFiles\29.gif c:\programdata\BearShare\CreativesFiles\3.gif c:\programdata\BearShare\CreativesFiles\30.gif c:\programdata\BearShare\CreativesFiles\31.gif c:\programdata\BearShare\CreativesFiles\32.gif c:\programdata\BearShare\CreativesFiles\33.gif c:\programdata\BearShare\CreativesFiles\34.gif c:\programdata\BearShare\CreativesFiles\35.gif c:\programdata\BearShare\CreativesFiles\36.gif c:\programdata\BearShare\CreativesFiles\37.gif c:\programdata\BearShare\CreativesFiles\38.gif c:\programdata\BearShare\CreativesFiles\4.gif 
c:\programdata\BearShare\CreativesFiles\5.gif c:\programdata\BearShare\CreativesFiles\6.gif c:\programdata\BearShare\CreativesFiles\7.gif c:\programdata\BearShare\CreativesFiles\8.gif c:\programdata\BearShare\CreativesFiles\9.gif c:\programdata\BearShare\Player.swf c:\programdata\YoWindow c:\programdata\YoWindow\about.css c:\programdata\YoWindow\about.html c:\programdata\YoWindow\crab.swf c:\programdata\YoWindow\data.xml c:\programdata\YoWindow\images\arrows\0.gif c:\programdata\YoWindow\images\arrows\1.gif c:\programdata\YoWindow\images\arrows\10.gif c:\programdata\YoWindow\images\arrows\11.gif c:\programdata\YoWindow\images\arrows\12.gif c:\programdata\YoWindow\images\arrows\13.gif c:\programdata\YoWindow\images\arrows\14.gif c:\programdata\YoWindow\images\arrows\15.gif c:\programdata\YoWindow\images\arrows\2.gif c:\programdata\YoWindow\images\arrows\3.gif c:\programdata\YoWindow\images\arrows\4.gif c:\programdata\YoWindow\images\arrows\5.gif c:\programdata\YoWindow\images\arrows\6.gif c:\programdata\YoWindow\images\arrows\7.gif c:\programdata\YoWindow\images\arrows\8.gif c:\programdata\YoWindow\images\arrows\9.gif c:\programdata\YoWindow\images\get_flash_player.gif c:\programdata\YoWindow\images\house.gif c:\programdata\YoWindow\images\weather\clear.gif c:\programdata\YoWindow\images\weather\clear_night.gif c:\programdata\YoWindow\images\weather\cloudy.gif c:\programdata\YoWindow\images\weather\dust.gif c:\programdata\YoWindow\images\weather\fog.gif c:\programdata\YoWindow\images\weather\haze.gif c:\programdata\YoWindow\images\weather\heavyRain.gif c:\programdata\YoWindow\images\weather\heavySnow.gif c:\programdata\YoWindow\images\weather\lightRain.gif c:\programdata\YoWindow\images\weather\lightSnow.gif c:\programdata\YoWindow\images\weather\mist.gif c:\programdata\YoWindow\images\weather\mostlyCloudy.gif c:\programdata\YoWindow\images\weather\partlyCloudy.gif c:\programdata\YoWindow\images\weather\partlyCloudy_night.gif 
c:\programdata\YoWindow\images\weather\rain.gif c:\programdata\YoWindow\images\weather\smoke.gif c:\programdata\YoWindow\images\weather\snow.gif c:\programdata\YoWindow\images\weather\thickMist.gif c:\programdata\YoWindow\images\weather\thunderstorm.gif c:\programdata\YoWindow\images\weather\unsupported.gif c:\programdata\YoWindow\images\weather\view.html c:\programdata\YoWindow\images\yo_64.png c:\programdata\YoWindow\landscapes\airport\airport.ywl c:\programdata\YoWindow\landscapes\airport\swf\airport.swf c:\programdata\YoWindow\landscapes\airport\swf\planes.swf c:\programdata\YoWindow\landscapes\airport\swf\seaside.swf c:\programdata\YoWindow\landscapes\airport\swf\seasons\autumn.swf c:\programdata\YoWindow\landscapes\airport\swf\seasons\naked.swf c:\programdata\YoWindow\landscapes\airport\swf\seasons\spring.swf c:\programdata\YoWindow\landscapes\airport\swf\seasons\summer.swf c:\programdata\YoWindow\landscapes\airport\swf\seasons\winter.swf c:\programdata\YoWindow\landscapes\live_sky_example\img\pyramids.png c:\programdata\YoWindow\landscapes\live_sky_example\pyramids.ywl c:\programdata\YoWindow\landscapes\seaside\seaside.ywl c:\programdata\YoWindow\landscapes\seaside\swf\seaside.swf c:\programdata\YoWindow\landscapes\seaside\swf\seasons\spring.swf c:\programdata\YoWindow\landscapes\seaside\swf\seasons\summer.swf c:\programdata\YoWindow\landscapes\seaside\swf\seasons\winter.swf c:\programdata\YoWindow\landscapes\village\swf\garland.swf c:\programdata\YoWindow\landscapes\village\swf\optionsDialog.swf c:\programdata\YoWindow\landscapes\village\swf\sandbox.swf c:\programdata\YoWindow\landscapes\village\swf\seasons\autumn.swf c:\programdata\YoWindow\landscapes\village\swf\seasons\naked.swf c:\programdata\YoWindow\landscapes\village\swf\seasons\spring.swf c:\programdata\YoWindow\landscapes\village\swf\seasons\summer.swf c:\programdata\YoWindow\landscapes\village\swf\seasons\winter.swf c:\programdata\YoWindow\landscapes\village\swf\village.swf 
c:\programdata\YoWindow\landscapes\village\village.ywl c:\programdata\YoWindow\projector.xml c:\programdata\YoWindow\styleSheet.xml c:\programdata\YoWindow\styleSheetBlack.xml c:\programdata\YoWindow\swf\inspector\lang\en.xml c:\programdata\YoWindow\swf\inspector\lang\ru.xml c:\programdata\YoWindow\swf\inspector\options.xml c:\programdata\YoWindow\swf\inspector\yoinspector.swf c:\programdata\YoWindow\swf\stage\animals\dummy_crab.swf c:\programdata\YoWindow\swf\stage\animals\horse\graze_left.swf c:\programdata\YoWindow\swf\stage\animals\horse\graze_right.swf c:\programdata\YoWindow\swf\stage\animals\horse\head_down.swf c:\programdata\YoWindow\swf\stage\animals\horse\start_walk_head_down_left.swf c:\programdata\YoWindow\swf\stage\animals\horse\start_walk_head_down_right.swf c:\programdata\YoWindow\swf\stage\animals\horse\start_walk_left.swf c:\programdata\YoWindow\swf\stage\animals\horse\start_walk_right.swf c:\programdata\YoWindow\swf\stage\animals\horse\stop_walk_head_down_left.swf c:\programdata\YoWindow\swf\stage\animals\horse\stop_walk_head_down_right.swf c:\programdata\YoWindow\swf\stage\animals\horse\stop_walk_left.swf c:\programdata\YoWindow\swf\stage\animals\horse\stop_walk_right.swf c:\programdata\YoWindow\swf\stage\animals\horse\turn.swf c:\programdata\YoWindow\swf\stage\animals\horse\walk.swf c:\programdata\YoWindow\swf\stage\animals\horse\walk_head_down.swf c:\programdata\YoWindow\swf\stage\effects\balloons\balloons.swf c:\programdata\YoWindow\swf\stage\effects\birds\birds_nest.swf c:\programdata\YoWindow\swf\stage\foreground\burdocks\autumn.swf c:\programdata\YoWindow\swf\stage\foreground\burdocks\naked.swf c:\programdata\YoWindow\swf\stage\foreground\burdocks\spring.swf c:\programdata\YoWindow\swf\stage\foreground\burdocks\summer.swf c:\programdata\YoWindow\swf\stage\foreground\burdocks\winter.swf c:\programdata\YoWindow\trayTooltipTemplate.html . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-28 to 2011-07-29 )))))))))))))))))))))))))))))) . . 
2011-07-29 16:09 . 2011-07-29 16:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-07-29 16:09 . 2011-07-29 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-29 09:29 . 2011-07-29 09:29 -------- d-----w- C:\32788R22FWJFW 2011-07-28 08:05 . 2011-07-28 08:05 -------- d-----w- c:\program files\iPod 2011-07-28 08:05 . 2011-07-28 08:06 -------- d-----w- c:\program files\iTunes 2011-07-28 08:03 . 2011-07-28 08:03 -------- d-----w- c:\program files (x86)\QuickTime 2011-07-28 08:03 . 2011-07-28 08:03 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\program files\Common Files\Apple 2011-07-28 08:02 . 2011-07-28 08:05 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-07-23 09:43 . 2011-07-23 09:43 -------- d-----w- c:\program files (x86)\WOT 2011-07-20 12:08 . 2007-06-19 12:00 4608 ----a-w- c:\windows\SysWow64\mqsv32.exe 2011-07-20 12:05 . 2011-07-20 12:05 -------- d-----w- c:\program files (x86)\Games 2011-07-20 11:22 . 2011-07-20 11:23 -------- d-----w- c:\program files (x86)\Windows Sidebar 2011-07-17 09:13 . 2011-07-07 06:34 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys 2011-07-17 09:13 . 2011-07-17 09:13 -------- d-----w- c:\program files\Soluto 2011-07-17 09:06 . 2011-07-17 09:06 -------- d-----w- c:\windows\en 2011-07-17 09:02 . 2011-07-17 09:02 -------- d-----w- c:\windows\nl 2011-07-17 08:13 . 2011-07-17 08:13 -------- d-----w- c:\windows\Sun 2011-07-15 11:37 . 2011-07-15 11:37 -------- d-----w- c:\programdata\Canneverbe Limited 2011-07-15 06:51 . 2011-07-15 06:51 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-07-15 06:51 . 2011-07-15 06:51 151552 ----a-w- c:\windows\KMService.exe 2011-07-14 20:10 . 2011-07-14 20:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2011-07-14 16:39 . 2011-07-14 16:39 -------- d-----w- c:\programdata\ASUS 2011-07-14 16:33 . 
2011-07-14 16:33 -------- d-----w- c:\program files (x86)\Common Files\ControlDeck 2011-07-13 18:20 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll 2011-07-13 16:58 . 2011-07-13 16:58 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2011-07-13 16:57 . 2011-07-13 16:57 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2011-07-13 16:54 . 2011-07-13 16:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2011-07-13 16:53 . 2011-07-13 16:53 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2011-07-13 16:53 . 2011-07-14 20:14 -------- d-----w- c:\programdata\Microsoft Help 2011-07-13 16:52 . 2011-07-13 16:52 -------- d-----r- C:\MSOCache 2011-07-10 08:34 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-10 08:34 . 2011-07-10 08:34 -------- d-----w- c:\programdata\Malwarebytes 2011-07-10 08:32 . 2011-07-10 08:32 -------- d-----w- c:\programdata\!SASCORE 2011-07-08 14:29 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-07-08 14:28 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll 2011-07-08 14:28 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll 2011-07-08 14:28 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll 2011-07-08 14:28 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll 2011-07-08 13:22 . 2011-07-08 13:22 -------- d-----w- c:\windows\system32\SPReview 2011-07-08 12:21 . 2011-07-08 12:21 -------- d-----w- c:\windows\system32\EventProviders 2011-07-07 15:52 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\he-IL\tsusbflt.sys.mui 2011-07-07 15:52 . 2010-11-20 13:30 2560 ----a-w- c:\windows\system32\drivers\he-IL\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:40 3584 ----a-w- c:\windows\system32\drivers\pt-PT\tsusbflt.sys.mui 2011-07-07 15:52 . 
2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\MTConfig.sys.mui 2011-07-07 15:52 . 2010-11-20 13:37 6656 ----a-w- c:\windows\system32\drivers\pt-PT\IPMIDrv.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 4096 ----a-w- c:\windows\system32\drivers\pt-PT\pscr.sys.mui 2011-07-07 15:52 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll 2011-07-07 15:52 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll 2011-07-07 15:52 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2011-07-07 15:50 . 2010-11-20 13:27 867840 ----a-w- c:\windows\system32\SearchFolder.dll 2011-07-07 15:49 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll 2011-07-07 15:48 . 2010-11-20 13:25 3745792 ----a-w- c:\windows\system32\accessibilitycpl.dll 2011-07-07 15:47 . 2010-11-20 13:27 13312 ----a-w- c:\windows\system32\sscore.dll 2011-07-07 15:46 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui 2011-07-07 15:45 . 2010-11-20 13:01 3072 ----a-w- c:\windows\system32\drivers\es-ES\Dot4usb.sys.mui 2011-07-07 15:45 . 2010-11-20 12:56 25600 ----a-w- c:\windows\system32\drivers\es-ES\usbport.sys.mui 2011-07-07 15:45 . 2010-11-20 13:44 2560 ----a-w- c:\windows\system32\drivers\it-IT\rdpwd.sys.mui 2011-07-07 15:45 . 2010-11-20 13:34 3584 ----a-w- c:\windows\system32\drivers\it-IT\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:34 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui 2011-07-07 15:44 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui 2011-07-07 15:44 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll 2011-07-07 15:44 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll 2011-07-07 15:44 . 
2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll 2011-07-07 15:44 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll 2011-07-07 15:41 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll 2011-07-07 13:38 . 2011-07-07 13:38 -------- d-----w- c:\users\Public\CyberLink 2011-07-07 08:16 . 2011-07-10 08:18 -------- d-----w- c:\program files (x86)\Exact Audio Copy 2011-07-06 19:17 . 2011-07-10 08:26 -------- d-----w- c:\programdata\Deskshare 2011-07-06 19:12 . 2011-07-06 19:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-07-06 19:12 . 2011-07-06 19:12 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-07-06 18:21 . 2011-07-23 09:41 -------- d-----w- c:\programdata\Soluto 2011-07-06 14:17 . 2011-06-08 09:04 34816 ----a-w- c:\windows\nircmdc.exe 2011-07-06 12:53 . 2011-07-06 13:10 -------- d-----w- c:\programdata\DVD Shrink 2011-07-06 12:10 . 2011-07-17 14:38 -------- d-----w- c:\windows\SysWow64\Adobe 2011-07-06 11:31 . 2011-07-08 07:47 -------- d-----w- c:\program files (x86)\Bit Che 2011-07-06 11:31 . 2004-03-08 22:00 152848 ----a-w- c:\windows\SysWow64\comdlg32.OCX 2011-07-06 11:31 . 2004-03-08 22:00 124688 ----a-w- c:\windows\SysWow64\mswinsck.ocx 2011-07-06 11:30 . 2011-07-06 11:30 -------- d-----w- c:\program files (x86)\BitTorrent 2011-07-06 08:06 . 1999-09-10 10:06 5600 ----a-w- c:\windows\system\WINASPI.DLL 2011-07-06 08:06 . 1999-09-10 10:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE 2011-07-06 08:06 . 1999-09-10 10:06 45056 ----a-w- c:\windows\SysWow64\WNASPI32.DLL 2011-07-06 08:06 . 1999-09-10 10:06 25244 ----a-w- c:\windows\SysWow64\drivers\ASPI32.SYS 2011-07-06 08:06 . 2011-07-06 08:06 -------- d-----w- c:\program files (x86)\XviD 2011-07-06 08:06 . 2004-07-26 10:12 166912 ----a-w- c:\windows\SysWow64\Lame_enc.dll 2011-07-06 08:06 . 
2004-07-26 10:12 187904 ----a-w- c:\windows\SysWow64\Lame.exe 2011-07-06 08:06 . 2011-07-06 08:06 641021 ----a-w- c:\windows\unins000.exe 2011-07-06 08:06 . 2004-07-26 10:13 200192 ----a-w- c:\windows\SysWow64\LameACM.acm 2011-07-06 05:43 . 2011-07-06 05:43 -------- d-----w- c:\windows\system32\log 2011-07-05 17:10 . 2011-07-05 17:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-07-05 17:07 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-07-05 17:07 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-07-05 17:07 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2011-07-05 17:07 . 2011-07-05 17:07 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-07-05 17:06 . 2011-07-28 08:03 -------- d-----w- c:\programdata\Apple Computer 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files\Bonjour 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files (x86)\Bonjour 2011-07-05 17:02 . 2011-07-05 17:02 -------- d-----w- c:\programdata\Apple 2011-07-05 16:59 . 
2011-07-15 08:22 403616 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\SysWow64\Wat 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\system32\Wat 2011-07-05 15:55 . 2011-07-05 15:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2011-07-05 15:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2011-07-05 15:43 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2011-07-05 15:43 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll 2011-07-05 15:43 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-07-05 15:43 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys 2011-07-05 15:43 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2011-07-05 15:43 . 2011-07-05 15:43 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2011-07-05 15:43 . 2011-07-05 15:44 -------- d-----w- c:\program files (x86)\Winamp 2011-07-05 15:42 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll 2011-07-05 15:42 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll 2011-07-05 15:42 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-07-05 15:42 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-07-05 15:42 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll 2011-07-05 15:42 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-17 08:57 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-08 14:08 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-07-08 14:08 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-06-03 05:57 . 
2011-07-13 18:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-05-13 14:03 . 2011-05-13 14:03 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll 2011-05-13 13:42 . 2011-05-13 13:42 302448 ----a-w- c:\windows\WLXPGSS.SCR 2011-05-10 06:06 . 2011-05-10 06:06 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-04-08 08:31 . 2009-04-08 08:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll 2008-08-11 19:45 . 2008-08-11 19:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-07-28_08.14.20 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 04:54 . 2011-07-29 09:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-07-27 18:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-07-27 18:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-07-29 09:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-07-27 18:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-07-29 09:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-08-04 10:40 . 2011-07-28 17:15 83774 c:\windows\system32\perfc00D.dat - 2009-08-04 10:40 . 2011-07-27 18:38 83774 c:\windows\system32\perfc00D.dat - 2009-07-14 05:30 . 2011-07-28 08:02 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2011-07-28 09:46 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-07-06 05:42 . 
2011-07-28 10:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-07-06 05:42 . 2011-07-13 18:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-07-06 05:42 . 2011-07-28 10:25 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-07-06 05:42 . 2011-07-13 18:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-07-13 18:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-07-28 10:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-07-29 16:12 . 2011-07-29 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-28 08:13 . 2011-07-28 08:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-28 08:13 . 2011-07-28 08:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-07-29 16:12 . 2011-07-29 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-07-06 07:13 . 2011-07-29 16:05 232362 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2011-07-05 18:17 . 2011-07-29 14:42 229388 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-08-04 10:28 . 2011-07-27 18:38 718780 c:\windows\system32\prfh0816.dat + 2009-08-04 10:28 . 2011-07-28 17:15 718780 c:\windows\system32\prfh0816.dat + 2009-08-04 10:22 . 2011-07-28 17:15 399446 c:\windows\system32\prfh0404.dat - 2009-08-04 10:22 . 2011-07-27 18:38 399446 c:\windows\system32\prfh0404.dat + 2009-08-04 10:28 . 2011-07-28 17:15 151762 c:\windows\system32\prfc0816.dat - 2009-08-04 10:28 . 
2011-07-27 18:38 151762 c:\windows\system32\prfc0816.dat + 2009-08-04 10:22 . 2011-07-28 17:15 121068 c:\windows\system32\prfc0404.dat - 2009-08-04 10:22 . 2011-07-27 18:38 121068 c:\windows\system32\prfc0404.dat - 2009-08-04 10:15 . 2011-07-27 18:38 743330 c:\windows\system32\perfh013.dat + 2009-08-04 10:15 . 2011-07-28 17:15 743330 c:\windows\system32\perfh013.dat + 2009-08-04 10:09 . 2011-07-28 17:15 729780 c:\windows\system32\perfh010.dat - 2009-08-04 10:09 . 2011-07-27 18:38 729780 c:\windows\system32\perfh010.dat - 2009-08-04 10:40 . 2011-07-27 18:38 382572 c:\windows\system32\perfh00D.dat + 2009-08-04 10:40 . 2011-07-28 17:15 382572 c:\windows\system32\perfh00D.dat + 2009-08-04 10:03 . 2011-07-28 17:15 735244 c:\windows\system32\perfh00C.dat - 2009-08-04 10:03 . 2011-07-27 18:38 735244 c:\windows\system32\perfh00C.dat + 2009-08-04 09:57 . 2011-07-28 17:15 735088 c:\windows\system32\perfh00A.dat - 2009-08-04 09:57 . 2011-07-27 18:38 735088 c:\windows\system32\perfh00A.dat - 2009-07-14 02:36 . 2011-07-27 18:38 652136 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-07-28 17:15 652136 c:\windows\system32\perfh009.dat + 2009-08-04 10:34 . 2011-07-28 17:15 596464 c:\windows\system32\perfh008.dat - 2009-08-04 10:34 . 2011-07-27 18:38 596464 c:\windows\system32\perfh008.dat - 2009-08-04 09:51 . 2011-07-27 18:38 686528 c:\windows\system32\perfh007.dat + 2009-08-04 09:51 . 2011-07-28 17:15 686528 c:\windows\system32\perfh007.dat - 2009-08-04 10:15 . 2011-07-27 18:38 152414 c:\windows\system32\perfc013.dat + 2009-08-04 10:15 . 2011-07-28 17:15 152414 c:\windows\system32\perfc013.dat + 2009-08-04 10:09 . 2011-07-28 17:15 145662 c:\windows\system32\perfc010.dat - 2009-08-04 10:09 . 2011-07-27 18:38 145662 c:\windows\system32\perfc010.dat - 2009-08-04 10:03 . 2011-07-27 18:38 148166 c:\windows\system32\perfc00C.dat + 2009-08-04 10:03 . 2011-07-28 17:15 148166 c:\windows\system32\perfc00C.dat - 2009-08-04 09:57 . 
2011-07-27 18:38 157198 c:\windows\system32\perfc00A.dat + 2009-08-04 09:57 . 2011-07-28 17:15 157198 c:\windows\system32\perfc00A.dat + 2009-07-14 02:36 . 2011-07-28 17:15 121068 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-07-27 18:38 121068 c:\windows\system32\perfc009.dat + 2009-08-04 10:34 . 2011-07-28 17:15 109866 c:\windows\system32\perfc008.dat - 2009-08-04 10:34 . 2011-07-27 18:38 109866 c:\windows\system32\perfc008.dat + 2009-08-04 09:51 . 2011-07-28 17:15 147656 c:\windows\system32\perfc007.dat - 2009-08-04 09:51 . 2011-07-27 18:38 147656 c:\windows\system32\perfc007.dat + 2009-07-14 05:30 . 2011-07-28 09:46 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-07-28 08:02 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:01 . 2011-07-28 08:10 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-07-29 16:09 432436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-07-07 13:13 . 2011-07-29 16:09 9050418 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-904468322-2197100903-2083495133-1002-12288.dat + 2011-07-17 18:30 . 2011-07-29 16:09 12294456 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-07-17 18:30 . 2011-07-28 08:10 12294456 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-05 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService] @="Service" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R3 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;d:\programma's\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/11/05 17:55];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl 
[2010-02-24 18:14 146928] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-12 1616488] S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 01:03] . 2011-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 01:03] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ld35x66s.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) AddRemove-BearShare - c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.exe AddRemove-yowindow - c:\program files (x86)\YoWindow\uninstall.exe AddRemove-{5F624839-947D-46EA-BD63-FD847C1AC6F1} - c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE}\BearShare_V9_nl_Setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\windows\SysWOW64\srvany.exe c:\windows\KMService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files\ASUS\NB Probe\SPM\spmgr.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe . ************************************************************************** . Voltooingstijd: 2011-07-29 18:21:52 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-29 16:21 ComboFix2.txt 2011-07-28 08:23 ComboFix3.txt 2011-07-25 17:44 . Pre-Run: 83.209.105.408 bytes beschikbaar Post-Run: 82.807.238.656 bytes beschikbaar . - - End Of File - - 2C6858BF11C41EA2836B22AB05D43449
      Does anything need to be done in msconfig -> Startup tab?
  10. Yes, that is everything listed on the tab. P.S. I have already dragged the CFScript.txt onto ComboFix.exe.
  11. Here is the ComboFix log: ComboFix 11-07-27.02 - Thomas 27/07/2011 20:20:37.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3878.2435 [GMT 2:00] Gestart vanuit: c:\users\Thomas\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Thomas\Desktop\CFScript.txt AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\yowindow.scr" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini c:\programdata\FullRemove.exe c:\windows\yowindow.scr . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-28 to 2011-07-28 )))))))))))))))))))))))))))))) . . 2011-07-28 08:09 . 2011-07-28 08:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-07-28 08:09 . 2011-07-28 08:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-28 08:05 . 2011-07-28 08:05 -------- d-----w- c:\program files\iPod 2011-07-28 08:05 . 2011-07-28 08:06 -------- d-----w- c:\program files\iTunes 2011-07-28 08:03 . 2011-07-28 08:03 -------- d-----w- c:\program files (x86)\QuickTime 2011-07-28 08:03 . 2011-07-28 08:03 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\program files\Common Files\Apple 2011-07-28 08:02 . 2011-07-28 08:05 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-07-25 16:57 . 2011-07-27 18:17 -------- d-----w- C:\32788R22FWJFW 2011-07-23 09:43 . 2011-07-23 09:43 -------- d-----w- c:\program files (x86)\WOT 2011-07-20 12:08 . 2007-06-19 12:00 4608 ----a-w- c:\windows\SysWow64\mqsv32.exe 2011-07-20 12:05 . 2011-07-20 12:05 -------- d-----w- c:\program files (x86)\Games 2011-07-20 11:22 . 
2011-07-20 11:23 -------- d-----w- c:\program files (x86)\Windows Sidebar 2011-07-17 09:13 . 2011-07-07 06:34 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys 2011-07-17 09:13 . 2011-07-17 09:13 -------- d-----w- c:\program files\Soluto 2011-07-17 09:06 . 2011-07-17 09:06 -------- d-----w- c:\windows\en 2011-07-17 09:02 . 2011-07-17 09:02 -------- d-----w- c:\windows\nl 2011-07-17 08:13 . 2011-07-17 08:13 -------- d-----w- c:\windows\Sun 2011-07-15 11:37 . 2011-07-15 11:37 -------- d-----w- c:\programdata\Canneverbe Limited 2011-07-15 06:51 . 2011-07-15 06:51 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-07-15 06:51 . 2011-07-15 06:51 151552 ----a-w- c:\windows\KMService.exe 2011-07-14 20:10 . 2011-07-14 20:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2011-07-14 16:39 . 2011-07-14 16:39 -------- d-----w- c:\programdata\ASUS 2011-07-14 16:33 . 2011-07-14 16:33 -------- d-----w- c:\program files (x86)\Common Files\ControlDeck 2011-07-13 18:20 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll 2011-07-13 16:58 . 2011-07-13 16:58 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2011-07-13 16:57 . 2011-07-13 16:57 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2011-07-13 16:54 . 2011-07-13 16:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2011-07-13 16:53 . 2011-07-13 16:53 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2011-07-13 16:53 . 2011-07-14 20:14 -------- d-----w- c:\programdata\Microsoft Help 2011-07-13 16:52 . 2011-07-13 16:52 -------- d-----r- C:\MSOCache 2011-07-13 08:49 . 2011-07-17 14:37 -------- d-----w- c:\programdata\YoWindow 2011-07-13 08:49 . 2011-07-13 08:49 -------- d-----w- c:\program files (x86)\YoWindow 2011-07-10 08:37 . 2011-07-10 08:37 -------- d-----w- c:\programdata\BearShare 2011-07-10 08:37 . 2011-07-10 08:37 -------- d-----w- c:\program files (x86)\BearShare Applications 2011-07-10 08:36 . 
2011-07-10 08:38 -------- dc-h--w- c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE} 2011-07-10 08:34 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-10 08:34 . 2011-07-10 08:34 -------- d-----w- c:\programdata\Malwarebytes 2011-07-10 08:32 . 2011-07-10 08:32 -------- d-----w- c:\programdata\!SASCORE 2011-07-08 14:29 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-07-08 14:28 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll 2011-07-08 14:28 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll 2011-07-08 14:28 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll 2011-07-08 14:28 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll 2011-07-08 13:22 . 2011-07-08 13:22 -------- d-----w- c:\windows\system32\SPReview 2011-07-08 12:21 . 2011-07-08 12:21 -------- d-----w- c:\windows\system32\EventProviders 2011-07-07 15:52 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\he-IL\tsusbflt.sys.mui 2011-07-07 15:52 . 2010-11-20 13:30 2560 ----a-w- c:\windows\system32\drivers\he-IL\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:40 3584 ----a-w- c:\windows\system32\drivers\pt-PT\tsusbflt.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\MTConfig.sys.mui 2011-07-07 15:52 . 2010-11-20 13:37 6656 ----a-w- c:\windows\system32\drivers\pt-PT\IPMIDrv.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 4096 ----a-w- c:\windows\system32\drivers\pt-PT\pscr.sys.mui 2011-07-07 15:52 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll 2011-07-07 15:52 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll 2011-07-07 15:52 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2011-07-07 15:50 . 
2010-11-20 13:27 867840 ----a-w- c:\windows\system32\SearchFolder.dll 2011-07-07 15:49 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll 2011-07-07 15:48 . 2010-11-20 13:25 3745792 ----a-w- c:\windows\system32\accessibilitycpl.dll 2011-07-07 15:47 . 2010-11-20 13:27 13312 ----a-w- c:\windows\system32\sscore.dll 2011-07-07 15:46 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui 2011-07-07 15:45 . 2010-11-20 13:01 3072 ----a-w- c:\windows\system32\drivers\es-ES\Dot4usb.sys.mui 2011-07-07 15:45 . 2010-11-20 12:56 25600 ----a-w- c:\windows\system32\drivers\es-ES\usbport.sys.mui 2011-07-07 15:45 . 2010-11-20 13:44 2560 ----a-w- c:\windows\system32\drivers\it-IT\rdpwd.sys.mui 2011-07-07 15:45 . 2010-11-20 13:34 3584 ----a-w- c:\windows\system32\drivers\it-IT\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:34 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui 2011-07-07 15:44 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui 2011-07-07 15:44 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll 2011-07-07 15:44 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll 2011-07-07 15:44 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll 2011-07-07 15:44 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll 2011-07-07 15:41 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll 2011-07-07 13:38 . 2011-07-07 13:38 -------- d-----w- c:\users\Public\CyberLink 2011-07-07 08:16 . 2011-07-10 08:18 -------- d-----w- c:\program files (x86)\Exact Audio Copy 2011-07-06 19:17 . 2011-07-10 08:26 -------- d-----w- c:\programdata\Deskshare 2011-07-06 19:12 . 2011-07-06 19:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-07-06 19:12 . 
2011-07-06 19:12 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-07-06 18:21 . 2011-07-23 09:41 -------- d-----w- c:\programdata\Soluto 2011-07-06 14:17 . 2011-06-08 09:04 34816 ----a-w- c:\windows\nircmdc.exe 2011-07-06 12:53 . 2011-07-06 13:10 -------- d-----w- c:\programdata\DVD Shrink 2011-07-06 12:10 . 2011-07-17 14:38 -------- d-----w- c:\windows\SysWow64\Adobe 2011-07-06 11:31 . 2011-07-08 07:47 -------- d-----w- c:\program files (x86)\Bit Che 2011-07-06 11:31 . 2004-03-08 22:00 152848 ----a-w- c:\windows\SysWow64\comdlg32.OCX 2011-07-06 11:31 . 2004-03-08 22:00 124688 ----a-w- c:\windows\SysWow64\mswinsck.ocx 2011-07-06 11:30 . 2011-07-06 11:30 -------- d-----w- c:\program files (x86)\BitTorrent 2011-07-06 08:06 . 1999-09-10 10:06 5600 ----a-w- c:\windows\system\WINASPI.DLL 2011-07-06 08:06 . 1999-09-10 10:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE 2011-07-06 08:06 . 1999-09-10 10:06 45056 ----a-w- c:\windows\SysWow64\WNASPI32.DLL 2011-07-06 08:06 . 1999-09-10 10:06 25244 ----a-w- c:\windows\SysWow64\drivers\ASPI32.SYS 2011-07-06 08:06 . 2011-07-06 08:06 -------- d-----w- c:\program files (x86)\XviD 2011-07-06 08:06 . 2004-07-26 10:12 166912 ----a-w- c:\windows\SysWow64\Lame_enc.dll 2011-07-06 08:06 . 2004-07-26 10:12 187904 ----a-w- c:\windows\SysWow64\Lame.exe 2011-07-06 08:06 . 2011-07-06 08:06 641021 ----a-w- c:\windows\unins000.exe 2011-07-06 08:06 . 2004-07-26 10:13 200192 ----a-w- c:\windows\SysWow64\LameACM.acm 2011-07-06 05:43 . 2011-07-06 05:43 -------- d-----w- c:\windows\system32\log 2011-07-05 17:10 . 2011-07-05 17:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-07-05 17:07 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-07-05 17:07 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-07-05 17:07 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2011-07-05 17:07 . 
2011-07-05 17:07 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-07-05 17:06 . 2011-07-28 08:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-07-05 17:06 . 2011-07-28 08:03 -------- d-----w- c:\programdata\Apple Computer 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files\Bonjour 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files (x86)\Bonjour 2011-07-05 17:02 . 2011-07-05 17:02 -------- d-----w- c:\programdata\Apple 2011-07-05 16:59 . 2011-07-15 08:22 403616 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\SysWow64\Wat 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\system32\Wat 2011-07-05 15:55 . 2011-07-05 15:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2011-07-05 15:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2011-07-05 15:43 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2011-07-05 15:43 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll 2011-07-05 15:43 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-07-05 15:43 . 
2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys 2011-07-05 15:43 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2011-07-05 15:43 . 2011-07-05 15:43 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2011-07-05 15:43 . 2011-07-05 15:44 -------- d-----w- c:\program files (x86)\Winamp 2011-07-05 15:42 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-17 08:57 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-08 14:08 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-07-08 14:08 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-06-03 05:57 . 2011-07-13 18:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-05-13 14:03 . 2011-05-13 14:03 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll 2011-05-13 13:42 . 2011-05-13 13:42 302448 ----a-w- c:\windows\WLXPGSS.SCR 2011-05-10 06:06 . 2011-05-10 06:06 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-04-08 08:31 . 2009-04-08 08:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll 2008-08-11 19:45 . 2008-08-11 19:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R3 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;d:\programma's\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384] S2 
{B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/11/05 17:55];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-02-24 18:14 146928] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-12 1616488] S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 01:03] . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 01:03] . . --------- x86-64 ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ld35x66s.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-Locked - (no file) Toolbar-10 - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . 
--------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\windows\SysWOW64\srvany.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\windows\KMService.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe c:\program files\ASUS\NB Probe\SPM\spmgr.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe . ************************************************************************** . Voltooingstijd: 2011-07-28 10:23:31 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-28 08:23 ComboFix2.txt 2011-07-25 17:44 . Pre-Run: 84.193.402.880 bytes beschikbaar Post-Run: 83.011.301.376 bytes beschikbaar . 
- - End Of File - - 8BAA913A471E34B56F50496DA7D76E35
Here is the HiJackThis log:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:20:09, on 28/07/2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe D:\Programma's\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PowerOffer - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\Run: [uTorrent] "C:\Program Files 
(x86)\uTorrent\uTorrent.exe" /MINIMIZED (User 'UpdatusUser') O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - 
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programma's\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Message Queuing Service (MSMQSVC) - Unknown owner - C:\Windows\system32\mqsv32.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program 
Files\Soluto\SolutoService.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11562 bytes
Here is the screenshot of msconfig:
  12. Who is TS?
---------- Post added at 19:52 ---------- Previous post was at 19:51 ----------
Here is the log:
ComboFix 11-07-25.02 - Thomas 25/07/2011 19:01:52.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3878.942 [GMT 2:00] Gestart vanuit: c:\users\Thomas\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini c:\programdata\FullRemove.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))) . . 2011-07-25 16:57 . 2011-07-25 16:58 -------- d-----w- C:\32788R22FWJFW 2011-07-23 09:43 . 2011-07-23 09:43 -------- d-----w- c:\program files (x86)\WOT 2011-07-20 12:05 . 2011-07-20 12:05 -------- d-----w- c:\program files (x86)\Games 2011-07-20 11:22 . 2011-07-20 11:23 -------- d-----w- c:\program files (x86)\Windows Sidebar 2011-07-17 09:13 . 2011-07-07 06:34 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys 2011-07-17 09:13 . 2011-07-17 09:13 -------- d-----w- c:\program files\Soluto 2011-07-17 09:06 . 2011-07-17 09:06 -------- d-----w- c:\windows\en 2011-07-17 09:02 . 2011-07-17 09:02 -------- d-----w- c:\windows\nl 2011-07-17 08:13 . 2011-07-17 08:13 -------- d-----w- c:\windows\Sun 2011-07-15 11:37 . 2011-07-15 11:37 -------- d-----w- c:\programdata\Canneverbe Limited 2011-07-15 06:51 . 2011-07-15 06:51 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2011-07-15 06:51 . 2011-07-15 06:51 151552 ----a-w- c:\windows\KMService.exe 2011-07-14 20:10 . 2011-07-14 20:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2011-07-14 16:39 .
2011-07-14 16:39 -------- d-----w- c:\programdata\ASUS 2011-07-14 16:33 . 2011-07-14 16:33 -------- d-----w- c:\program files (x86)\Common Files\ControlDeck 2011-07-13 18:20 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll 2011-07-13 16:58 . 2011-07-13 16:58 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2011-07-13 16:57 . 2011-07-13 16:57 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2011-07-13 16:54 . 2011-07-13 16:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2011-07-13 16:53 . 2011-07-13 16:53 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2011-07-13 16:53 . 2011-07-14 20:14 -------- d-----w- c:\programdata\Microsoft Help 2011-07-13 16:52 . 2011-07-13 16:52 -------- d-----r- C:\MSOCache 2011-07-13 08:49 . 2011-07-17 14:37 -------- d-----w- c:\programdata\YoWindow 2011-07-13 08:49 . 2011-07-13 08:49 -------- d-----w- c:\program files (x86)\YoWindow 2011-07-11 16:20 . 2011-07-11 16:20 688128 ----a-w- c:\windows\yowindow.scr 2011-07-10 08:37 . 2011-07-10 08:37 -------- d-----w- c:\programdata\BearShare 2011-07-10 08:37 . 2011-07-10 08:37 -------- d-----w- c:\program files (x86)\BearShare Applications 2011-07-10 08:36 . 2011-07-10 08:38 -------- dc-h--w- c:\programdata\{E27E9375-1937-4226-949F-850AC9572FBE} 2011-07-10 08:34 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-10 08:34 . 2011-07-10 08:34 -------- d-----w- c:\programdata\Malwarebytes 2011-07-10 08:32 . 2011-07-10 08:32 -------- d-----w- c:\programdata\!SASCORE 2011-07-08 14:29 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-07-08 14:28 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll 2011-07-08 14:28 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll 2011-07-08 14:28 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll 2011-07-08 14:28 . 
2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll 2011-07-08 13:22 . 2011-07-08 13:22 -------- d-----w- c:\windows\system32\SPReview 2011-07-08 12:21 . 2011-07-08 12:21 -------- d-----w- c:\windows\system32\EventProviders 2011-07-07 15:52 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\he-IL\tsusbflt.sys.mui 2011-07-07 15:52 . 2010-11-20 13:30 2560 ----a-w- c:\windows\system32\drivers\he-IL\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:40 3584 ----a-w- c:\windows\system32\drivers\pt-PT\tsusbflt.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\rdpwd.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 3072 ----a-w- c:\windows\system32\drivers\pt-PT\MTConfig.sys.mui 2011-07-07 15:52 . 2010-11-20 13:37 6656 ----a-w- c:\windows\system32\drivers\pt-PT\IPMIDrv.sys.mui 2011-07-07 15:52 . 2010-11-20 13:45 4096 ----a-w- c:\windows\system32\drivers\pt-PT\pscr.sys.mui 2011-07-07 15:52 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll 2011-07-07 15:52 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll 2011-07-07 15:52 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2011-07-07 15:50 . 2010-11-20 13:27 867840 ----a-w- c:\windows\system32\SearchFolder.dll 2011-07-07 15:49 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll 2011-07-07 15:48 . 2010-11-20 13:25 3745792 ----a-w- c:\windows\system32\accessibilitycpl.dll 2011-07-07 15:47 . 2010-11-20 13:27 13312 ----a-w- c:\windows\system32\sscore.dll 2011-07-07 15:46 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui 2011-07-07 15:45 . 2010-11-20 13:01 3072 ----a-w- c:\windows\system32\drivers\es-ES\Dot4usb.sys.mui 2011-07-07 15:45 . 2010-11-20 12:56 25600 ----a-w- c:\windows\system32\drivers\es-ES\usbport.sys.mui 2011-07-07 15:45 . 2010-11-20 13:44 2560 ----a-w- c:\windows\system32\drivers\it-IT\rdpwd.sys.mui 2011-07-07 15:45 . 
2010-11-20 13:34 3584 ----a-w- c:\windows\system32\drivers\it-IT\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui 2011-07-07 15:45 . 2010-11-20 13:34 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui 2011-07-07 15:44 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui 2011-07-07 15:44 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll 2011-07-07 15:44 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll 2011-07-07 15:44 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll 2011-07-07 15:44 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll 2011-07-07 15:41 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll 2011-07-07 13:38 . 2011-07-07 13:38 -------- d-----w- c:\users\Public\CyberLink 2011-07-07 08:16 . 2011-07-10 08:18 -------- d-----w- c:\program files (x86)\Exact Audio Copy 2011-07-06 19:17 . 2011-07-10 08:26 -------- d-----w- c:\programdata\Deskshare 2011-07-06 19:12 . 2011-07-06 19:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-07-06 19:12 . 2011-07-06 19:12 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-07-06 18:23 . 2011-07-06 18:23 -------- d-----w- c:\program files (x86)\VideoLAN 2011-07-06 18:21 . 2011-07-23 09:41 -------- d-----w- c:\programdata\Soluto 2011-07-06 14:17 . 2011-06-08 09:04 34816 ----a-w- c:\windows\nircmdc.exe 2011-07-06 12:53 . 2011-07-06 13:10 -------- d-----w- c:\programdata\DVD Shrink 2011-07-06 12:10 . 2011-07-17 14:38 -------- d-----w- c:\windows\SysWow64\Adobe 2011-07-06 11:31 . 2011-07-08 07:47 -------- d-----w- c:\program files (x86)\Bit Che 2011-07-06 11:31 . 2004-03-08 22:00 152848 ----a-w- c:\windows\SysWow64\comdlg32.OCX 2011-07-06 11:31 . 2004-03-08 22:00 124688 ----a-w- c:\windows\SysWow64\mswinsck.ocx 2011-07-06 11:30 . 
2011-07-06 11:30 -------- d-----w- c:\program files (x86)\BitTorrent 2011-07-06 08:06 . 1999-09-10 10:06 5600 ----a-w- c:\windows\system\WINASPI.DLL 2011-07-06 08:06 . 1999-09-10 10:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE 2011-07-06 08:06 . 1999-09-10 10:06 45056 ----a-w- c:\windows\SysWow64\WNASPI32.DLL 2011-07-06 08:06 . 1999-09-10 10:06 25244 ----a-w- c:\windows\SysWow64\drivers\ASPI32.SYS 2011-07-06 08:06 . 2011-07-06 08:06 -------- d-----w- c:\program files (x86)\XviD 2011-07-06 08:06 . 2004-07-26 10:12 166912 ----a-w- c:\windows\SysWow64\Lame_enc.dll 2011-07-06 08:06 . 2004-07-26 10:12 187904 ----a-w- c:\windows\SysWow64\Lame.exe 2011-07-06 08:06 . 2011-07-06 08:06 641021 ----a-w- c:\windows\unins000.exe 2011-07-06 08:06 . 2004-07-26 10:13 200192 ----a-w- c:\windows\SysWow64\LameACM.acm 2011-07-06 05:43 . 2011-07-06 05:43 -------- d-----w- c:\windows\system32\log 2011-07-05 17:10 . 2011-07-05 17:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-07-05 17:07 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-07-05 17:07 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-07-05 17:07 . 2011-07-05 17:07 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-07-05 17:06 . 2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-07-05 17:06 . 
2011-07-05 17:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-07-05 17:06 . 2011-07-14 10:01 -------- d-----w- c:\programdata\Apple Computer 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files\Bonjour 2011-07-05 17:05 . 2011-07-05 17:05 -------- d-----w- c:\program files (x86)\Bonjour 2011-07-05 17:02 . 2011-07-05 17:02 -------- d-----w- c:\programdata\Apple 2011-07-05 16:59 . 2011-07-15 08:22 403616 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\SysWow64\Wat 2011-07-05 16:18 . 2011-07-05 16:18 -------- d-----w- c:\windows\system32\Wat 2011-07-05 15:55 . 2011-07-05 15:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2011-07-05 15:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2011-07-05 15:43 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2011-07-05 15:43 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll 2011-07-05 15:43 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-07-05 15:43 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys 2011-07-05 15:43 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2011-07-05 15:43 . 2011-07-05 15:43 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2011-07-05 15:43 . 2011-07-05 15:44 -------- d-----w- c:\program files (x86)\Winamp 2011-07-05 15:42 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll 2011-07-05 15:42 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll 2011-07-05 15:42 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-07-05 15:42 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-07-05 15:42 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll 2011-07-05 15:42 . 
2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-07-05 15:42 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-07-05 15:42 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-07-05 15:42 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-17 08:57 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-08 14:08 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-07-08 14:08 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-06-03 05:57 . 2011-07-13 18:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-05-13 14:03 . 2011-05-13 14:03 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll 2011-05-13 13:42 . 2011-05-13 13:42 302448 ----a-w- c:\windows\WLXPGSS.SCR 2011-05-10 06:06 . 2011-05-10 06:06 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-04-08 08:31 . 2009-04-08 08:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll 2008-08-11 19:45 . 2008-08-11 19:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService] @="Service" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MSMQSVC;Message Queuing Service;c:\windows\system32\mqsv32.exe [x] R3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R3 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;d:\programma's\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control 
[2010/11/05 17:55];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-02-24 18:14 146928] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-12 1616488] S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ld35x66s.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-Locked - (no file) Toolbar-10 - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\windows\SysWOW64\srvany.exe c:\windows\KMService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe c:\program files\ASUS\NB Probe\SPM\spmgr.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe . ************************************************************************** . Voltooingstijd: 2011-07-25 19:44:43 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-25 17:44 . Pre-Run: 84.281.155.584 bytes beschikbaar Post-Run: 83.920.015.360 bytes beschikbaar . - - End Of File - - BB9526764341E2243CC964598AEE898A
  13. I marked them as SOLVED anyway.
  14. MBAM log: HiJackThis log:
  15. Thanks, now it does start up faster.
  16. I have a 500 GB drive, but it is not partitioned well, namely OS(C:) -> 116GB and DATA(D:) -> 327GB. I still have 78.8GB free on OS(C:); I think that is a lot, and yet it is somewhat slow. I have an ASUS K52J Series.
  17. Hey, I have had a new laptop with Windows 7 for 3 weeks, but it is rather slow; maybe I run or install too many programs. I have a HijackThis log here, can someone check it?
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 15:46:25, on 20/07/2011
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16421)
      Boot mode: Normal
      Running processes:
      C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
      C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
      C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
      C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
      C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
      C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
      C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
      C:\Program Files (x86)\uTorrent\uTorrent.exe
      C:\Program Files (x86)\BitTorrent\BitTorrent.exe
      C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
      C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
      D:\Programma's\Program Files (x86)\AVG PC Tuneup 2011\BoostSpeed.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Users\Public\Documents\PowerOffer\POService.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      D:\Programma's\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=userinit.exe
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: PowerOffer - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
      O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
      O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
      O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-904468322-2197100903-2083495133-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
      O4 - Global Startup: SRS Premium Sound.lnk = ?
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
      O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programma's\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
      O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
      O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
      O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
      O23 - Service: Message Queuing Service (MSMQSVC) - Unknown owner - C:\Windows\system32\mqsv32.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
      O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
      O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      --
      End of file - 12265 bytes
  18. I did it, but the screen shown in the image is still there.
  19. Here is the image:
  20. Hey, I have had a new laptop with Windows 7 Home Premium x64 for 2 weeks and I would like to get rid of the 'welcome' screen shown when Windows starts (see image). The image is actually from Windows Vista, but it is almost the same. I had heard that this tweak speeds up startup. Kind regards, Computerboy
  21. Yes, I notice a difference, thanks! I use Firefox 5.0
  22. Here is the HijackThis log:
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 14:20:26, on 6-7-2011
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\WLTRYSVC.EXE
      C:\WINDOWS\System32\bcmwltry.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
      C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\WINDOWS\system32\WLTRAY.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      C:\Program Files\SpeedFan\speedfan.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\Program Files\YoWindow\yowindow.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
      C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
      O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1308066299968
      O17 - HKLM\System\CCS\Services\Tcpip\..\{AAF02453-75A2-41AE-AC5E-CE1F29CFFB85}: NameServer = 192.168.1.1
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
      --
      End of file - 5880 bytes

      And here is the MBAM log:
      Malwarebytes' Anti-Malware 1.50.1.1100
      Malwarebytes : Free anti-malware, anti-virus and spyware removal download
      Databaseversie: 7032
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702
      6-7-2011 14:24:13
      mbam-log-2011-07-06 (14-24-13).txt
      Scantype: Snelle scan
      Objecten gescand: 158966
      Verstreken tijd: 4 minuut/minuten, 50 seconde(n)
      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 1
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 3
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 1
      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen geïnfecteerd:
      c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
      Registersleutels geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)
      Registerdata geïnfecteerd:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      Mappen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)
      Bestanden geïnfecteerd:
      c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
  23. Here is the HijackThis log:
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 13:02:00, on 2-7-2011
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\WLTRYSVC.EXE
      C:\WINDOWS\System32\bcmwltry.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      C:\WINDOWS\system32\WLTRAY.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SpeedFan\speedfan.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Secunia\PSI\PSIA.exe
      C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
      C:\Program Files\BitTorrent\BitTorrent.exe
      C:\Program Files\uTorrent\uTorrent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      c:\program files\avira\antivir desktop\avgnt.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Windows Live\Mail\wlmail.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Mozilla Firefox\plugin-container.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Froggy.dll
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: MrFroggy - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files\Minibar\Froggy.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Minibar BHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Kango.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
      O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Share Your Mood - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\MinibarButton.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1308066299968
      O20 - AppInit_DLLs:
      O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
      O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
      --
      End of file - 7221 bytes
  24. No, I have not been on such sites, but I did reinstall my laptop a few weeks ago. Should I then post a new HijackThis log on the forum? I will try those links right away.