Everything posted by geoffke001

  1. Just a routine check, thank you kape
  2. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:31:00, on 4-5-2011
  3. Solved: I set a password via advanced user management, and then I changed and removed the password under User Accounts. Thank you
  4. I have already done that. But I have no old password, because before I changed my password the PC started up automatically straight to the desktop
  5. Hello, I cannot change my password, even though I can log in with it. The problem occurred when a small window appeared at the bottom right of my computer saying that I had best change my password. So I clicked on that window and changed my password; up to that point I had no problems. The next day I switched my PC back on, and a message came up that the username or password was incorrect. I could then click OK, and then a field appeared where I could enter my password. I did that, and that is how I get onto my PC. But when I want to change my password under User Accounts, it does not work. Can someone help me? Thank you
  6. Hello, I can no longer get on the internet; only YouTube and MSN still work. Can someone help me? Thank you. Log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:15:00, on 26/01/2011
  7. Everything is in order, thank you
  8. No, this is solved. I think everything is in order now.
  9. c:\windows\ativpsrm.bin has been removed. Mdm is no longer listed. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:07:12, on 29-12-2010
  10. ComboFix 10-12-26.01 - Gebruiker 27-12-2010 18:33:40.1.6 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.6143.4162 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\SysWow64\bvbs4v.dll . (((((((((((((((((((( Bestanden Gemaakt van 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))) . 2010-12-27 17:38 . 2010-12-27 17:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-12-27 12:52 . 2010-12-27 12:52 -------- d-----w- c:\program files (x86)\XviD 2010-12-27 12:52 . 2010-12-27 12:52 -------- d-----w- c:\program files (x86)\AviSynth 2.5 2010-12-27 12:52 . 2010-12-27 12:52 -------- d-----w- c:\program files (x86)\Gabest 2010-12-27 12:51 . 2010-12-27 12:52 -------- d-----w- c:\program files (x86)\AutoGK 2010-12-27 09:42 . 2010-09-03 12:32 10915840 ----a-w- c:\windows\SysWow64\libmfxhw32.dll 2010-12-27 09:42 . 2010-09-03 12:32 10833920 ----a-w- c:\windows\SysWow64\libmfxsw32.dll 2010-12-27 09:42 . 2010-12-27 09:42 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2010-12-27 09:41 . 2010-09-03 12:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2010-12-27 09:41 . 2010-12-27 10:25 -------- d-----w- c:\programdata\AVS4YOU 2010-12-27 09:41 . 2010-12-27 09:42 -------- d-----w- c:\program files (x86)\AVS4YOU 2010-12-27 07:12 . 2010-12-27 07:12 -------- d-----w- c:\programdata\Malwarebytes 2010-12-27 07:12 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2010-12-27 07:11 . 2010-12-27 07:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-12-26 20:41 . 2010-12-27 10:00 -------- d-----w- C:\Downloads 2010-12-26 20:41 . 2010-12-26 20:41 -------- d-----w- c:\program files (x86)\Free Download Manager 2010-12-26 20:41 . 
2010-12-26 20:41 -------- d-----w- c:\programdata\FreeDownloadManager.ORG 2010-12-26 18:36 . 2010-12-26 18:36 -------- d-----w- c:\program files (x86)\Trend Micro 2010-12-26 18:12 . 2010-12-26 18:12 -------- d-----w- c:\windows\SysWow64\Wat 2010-12-26 17:09 . 2010-12-26 17:09 -------- d-----w- c:\program files (x86)\FileZilla FTP Client 2010-12-26 16:30 . 2010-12-26 16:30 -------- d-----w- c:\program files (x86)\ImageShack Uploader 2010-12-26 14:34 . 2010-12-26 14:34 60004 ---h--w- c:\windows\mdm.exe 2010-12-26 14:34 . 2010-12-27 07:14 -------- d-----w- C:\Extracted 2010-12-26 14:33 . 2010-12-26 14:33 -------- d-----w- c:\program files (x86)\EA Sports 2010-12-26 14:31 . 2010-12-26 14:31 -------- d-----w- c:\program files (x86)\MagicDisc 2010-12-26 14:31 . 2009-02-24 17:35 255552 ----a-w- c:\windows\SysWow64\drivers\mcdbus.sys 2010-12-26 14:24 . 2010-12-26 14:24 -------- d-----w- c:\program files (x86)\MediaInfo 2010-12-26 13:52 . 2010-12-26 13:52 -------- d-----w- c:\program files (x86)\uTorrent 2010-12-26 13:18 . 2010-12-26 15:24 -------- d-----w- c:\users\Public\CyberLink 2010-12-26 12:59 . 2010-12-26 12:59 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2010-12-26 12:59 . 2010-12-26 12:59 -------- d-----w- c:\windows\PCHEALTH 2010-12-26 11:30 . 2010-12-26 11:30 -------- d-----w- c:\program files (x86)\ESET 2010-12-26 11:29 . 2010-12-26 13:05 8192 ----a-w- c:\windows\SysWow64\srvany.exe 2010-12-26 11:25 . 2010-12-26 11:25 -------- d-----r- C:\Sandbox 2010-12-26 11:22 . 2010-12-26 11:22 -------- d-----w- c:\program files\Sandboxie 2010-12-24 07:43 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75CDC8A7-ACB3-420B-BDEB-C3BD07FA7030}\mpengine.dll 2010-12-23 11:13 . 2010-12-23 11:14 -------- d-----w- C:\Temp 2010-12-23 09:34 . 2010-12-26 21:43 -------- d-----w- c:\program files (x86)\RapidShareManager 2010-12-23 09:16 . 
2010-12-23 09:16 -------- d-----w- c:\program files (x86)\VideoLAN 2010-12-23 08:08 . 2010-12-23 08:08 -------- d-----w- c:\windows\nl 2010-12-23 08:05 . 2010-12-26 12:59 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition 2010-12-23 08:01 . 2010-12-23 08:08 -------- d-----w- c:\program files (x86)\Windows Live 2010-12-23 08:01 . 2010-12-23 08:01 -------- d-----w- c:\program files\Windows Live 2010-12-23 08:01 . 2010-12-23 08:01 -------- d-----w- c:\program files (x86)\Microsoft 2010-12-23 08:01 . 2010-12-23 08:01 -------- d-----w- c:\program files (x86)\MSN Toolbar 2010-12-23 08:00 . 2010-12-23 08:01 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2010-12-23 08:00 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2010-12-23 08:00 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll 2010-12-23 08:00 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2010-12-23 08:00 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll 2010-12-23 08:00 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll 2010-12-23 07:57 . 2010-12-23 07:57 -------- d-----w- c:\program files (x86)\Common Files\Windows Live 2010-12-23 06:37 . 2010-12-27 17:35 -------- d-----w- c:\program files (x86)\Easy Uploader 2010-12-22 19:53 . 2010-12-22 19:53 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up 2010-12-22 19:53 . 2010-12-23 07:06 -------- d-----w- c:\program files (x86)\MSECACHE 2010-12-22 19:45 . 2010-12-22 19:45 -------- d-----w- c:\program files\CCleaner 2010-12-22 19:39 . 2010-12-22 19:39 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2 2010-12-22 19:30 . 2010-12-22 19:30 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2010-12-22 19:30 . 2010-12-26 18:21 -------- d-----w- c:\programdata\Microsoft Help 2010-12-22 19:30 . 2010-12-22 19:30 -------- d-----r- C:\MSOCache 2010-12-22 19:28 . 
2010-12-22 19:28 -------- d-----w- c:\program files (x86)\Common Files\Java 2010-12-22 19:27 . 2010-12-22 19:27 -------- d-----w- c:\windows\Sun 2010-12-22 19:24 . 2010-12-26 15:07 -------- d-----w- c:\program files (x86)\Common Files\Steam 2010-12-22 19:24 . 2010-12-27 16:16 -------- d-----w- c:\program files (x86)\Steam 2010-12-22 19:15 . 2010-12-22 19:15 -------- d-----w- c:\program files (x86)\SABnzbd 2010-12-22 19:14 . 2010-12-22 19:14 -------- d-----w- c:\programdata\ATI 2010-12-22 19:14 . 2010-12-22 19:14 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2010-12-22 19:14 . 2010-12-22 19:14 -------- d-----w- c:\program files (x86)\ATI Technologies 2010-12-22 19:14 . 2010-12-22 19:14 -------- d-----w- c:\program files\Common Files\ATI Technologies 2010-12-22 19:13 . 2010-12-22 19:14 -------- d-----w- c:\program files (x86)\ATI.ACE 2010-12-22 19:13 . 2010-12-22 19:13 -------- d-----w- c:\program files\ATI 2010-12-22 19:12 . 2010-12-22 19:12 -------- d-----w- C:\AMD 2010-12-22 19:12 . 2010-12-22 19:16 -------- d-----w- c:\program files (x86)\FTDv3.8 2010-12-22 19:10 . 2010-12-22 19:10 -------- d-----w- c:\programdata\LogiShrd 2010-12-22 18:37 . 2010-12-27 11:26 -------- d-----w- c:\windows\SysWow64\logishrd 2010-12-22 18:37 . 2010-12-22 18:37 -------- d-----w- c:\programdata\Logitech 2010-12-22 18:37 . 2010-12-22 18:37 -------- d-----w- c:\program files (x86)\Common Files\LWS 2010-12-22 18:37 . 2010-12-22 18:37 -------- d-----w- c:\program files (x86)\Logitech 2010-12-22 18:35 . 2010-12-22 18:38 -------- d-----w- c:\program files (x86)\Common Files\logishrd 2010-12-22 18:35 . 2010-12-22 18:37 -------- d-----w- c:\program files\Common Files\logishrd 2010-12-22 18:31 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2010-12-22 18:31 . 2010-06-29 05:35 4582912 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe 2010-12-22 18:31 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\SysWow64\ole32.dll 2010-12-22 18:31 . 
2010-06-29 04:57 4247040 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe 2010-12-22 18:31 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll 2010-12-22 18:31 . 2010-11-02 04:40 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll 2010-12-22 18:31 . 2010-11-02 04:34 192000 ----a-w- c:\windows\SysWow64\taskeng.exe 2010-12-22 18:31 . 2010-11-02 04:34 179712 ----a-w- c:\windows\SysWow64\schtasks.exe 2010-12-22 18:31 . 2010-08-04 06:18 641536 ----a-w- c:\windows\SysWow64\CPFilters.dll 2010-12-22 18:31 . 2010-08-04 06:15 204288 ----a-w- c:\windows\SysWow64\MSNP.ax 2010-12-22 18:31 . 2010-08-04 06:15 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax 2010-12-22 18:21 . 2010-12-23 08:14 -------- d-----w- c:\users\Gebruiker 2010-12-22 18:20 . 2010-12-22 18:20 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2010-12-22 18:20 . 2010-12-22 18:20 -------- d-----w- c:\program files\PlayReady 2010-12-22 18:20 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2010-12-22 18:19 . 2010-12-22 19:28 -------- d-----w- c:\program files (x86)\Java 2010-12-22 18:17 . 2010-02-04 09:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll 2010-12-22 18:16 . 2010-12-27 09:42 -------- d-sh--w- c:\windows\Installer 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\programdata\Sjablonen 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-----w- C:\Recovery 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\users\Default\Sjablonen 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\users\Default\Mijn documenten 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\users\Default\Menu Start 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\programdata\Menu Start 2010-12-22 18:16 . 
2010-12-22 18:16 -------- d-sh--we c:\programdata\Favorieten 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\programdata\Documenten 2010-12-22 18:16 . 2010-12-22 18:16 -------- d-sh--we c:\programdata\Bureaublad 2010-12-22 18:10 . 2010-12-22 18:10 0 ----a-w- c:\windows\ativpsrm.bin 2010-12-22 18:07 . 2010-12-22 18:21 -------- d-----w- c:\windows\Panther . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-23 11:10 . 2003-03-18 19:14 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll 2010-12-23 11:10 . 2003-02-21 03:42 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll 2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- c:\windows\SysWow64\atioglxx.dll 2010-11-26 02:58 . 2010-09-29 20:15 550400 ----a-w- c:\windows\SysWow64\aticfx32.dll 2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll 2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll 2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2010-11-26 02:49 . 2010-11-26 02:49 4066816 ----a-w- c:\windows\SysWow64\atidxx32.dll 2010-11-26 02:30 . 2010-09-29 20:15 4122624 ----a-w- c:\windows\SysWow64\atiumdag.dll 2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll 2010-11-26 02:22 . 2010-09-29 20:15 3460096 ----a-w- c:\windows\SysWow64\atiumdva.dll 2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- c:\windows\SysWow64\atigktxx.dll 2010-11-26 02:15 . 2010-11-26 02:15 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2010-11-26 02:15 . 
2010-09-29 20:15 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll 2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll 2010-11-10 01:49 . 2010-11-10 01:49 539232 ----a-w- c:\windows\SysWow64\LVUI2RC.dll 2010-11-10 01:49 . 2010-11-10 01:49 543328 ----a-w- c:\windows\SysWow64\LVUI2.dll 2010-11-10 01:47 . 2010-11-10 01:47 416352 ----a-w- c:\windows\SysWow64\lvcodec2.dll 2010-11-10 01:45 . 2010-11-10 01:45 102744 ----a-w- c:\windows\SysWow64\LogiDPPApp.exe 2010-11-10 01:45 . 2010-11-10 01:45 10871128 ----a-w- c:\windows\SysWow64\LogiDPP.dll 2010-11-10 01:45 . 2010-11-10 01:45 316248 ----a-w- c:\windows\SysWow64\DevManagerCore.dll 2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-10-09 11:06 . 2010-10-09 11:06 37376 ----a-w- c:\windows\SysWow64\rtutils.dll 2010-10-09 11:06 . 2010-10-09 11:06 82944 ----a-w- c:\windows\SysWow64\iccvid.dll 2010-10-09 11:05 . 2010-10-09 11:05 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2010-10-09 11:05 . 2010-10-09 11:05 3955080 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2010-10-09 11:05 . 2010-10-09 11:05 3899784 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2010-10-09 11:04 . 2010-10-09 11:04 427520 ----a-w- c:\windows\SysWow64\vbscript.dll 2010-10-09 11:04 . 2010-10-09 11:04 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2010-10-09 11:04 . 2010-10-09 11:04 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll 2010-10-09 11:04 . 2010-10-09 11:04 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2010-10-09 11:04 . 2010-10-09 11:04 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2010-10-09 11:02 . 2010-10-09 11:02 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll 2010-10-09 11:02 . 2010-10-09 11:02 132608 ----a-w- c:\windows\SysWow64\cabview.dll 2010-10-09 11:01 . 
2010-10-09 11:01 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll 2010-10-09 11:01 . 2010-10-09 11:01 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll 2010-10-09 11:01 . 2010-10-09 11:01 369152 ----a-w- c:\windows\SysWow64\secproc.dll 2010-10-09 11:01 . 2010-10-09 11:01 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll 2010-10-09 11:01 . 2010-10-09 11:01 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe 2010-10-09 11:01 . 2010-10-09 11:01 320512 ----a-w- c:\windows\SysWow64\RMActivate.exe 2010-10-09 11:01 . 2010-10-09 11:01 280064 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe 2010-10-09 11:01 . 2010-10-09 11:01 277504 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe 2010-10-09 11:01 . 2010-10-09 11:01 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2010-10-09 11:01 . 2010-10-09 11:01 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2010-10-09 11:01 . 2010-10-09 11:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2010-10-09 11:01 . 2010-10-09 11:01 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2010-10-09 11:01 . 2010-10-09 11:01 2048 ----a-w- c:\windows\SysWow64\user.exe 2010-10-09 11:01 . 2010-10-09 11:01 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2010-10-09 11:01 . 2010-10-09 11:01 172032 ----a-w- c:\windows\SysWow64\wintrust.dll 2010-10-09 11:01 . 2010-10-09 11:01 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll 2010-10-09 11:01 . 2010-10-09 11:01 2870272 ----a-w- c:\windows\explorer.exe 2010-10-09 11:01 . 2010-10-09 11:01 2614272 ----a-w- c:\windows\SysWow64\explorer.exe 2010-10-09 11:00 . 2010-10-09 11:00 91648 ----a-w- c:\windows\SysWow64\avifil32.dll 2010-10-09 11:00 . 2010-10-09 11:00 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll 2010-10-09 11:00 . 2010-10-09 11:00 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll 2010-10-09 11:00 . 2010-10-09 11:00 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll 2010-10-09 11:00 . 2010-10-09 11:00 22016 ----a-w- c:\windows\SysWow64\msyuv.dll 2010-10-09 11:00 . 
2010-10-09 11:00 13312 ----a-w- c:\windows\SysWow64\msrle32.dll 2010-10-09 11:00 . 2010-10-09 11:00 1328640 ----a-w- c:\windows\SysWow64\quartz.dll 2010-10-09 11:00 . 2010-10-09 11:00 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll 2010-10-09 11:00 . 2010-10-09 11:00 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll 2010-10-09 11:00 . 2010-10-09 11:00 34816 ----a-w- c:\windows\SysWow64\msasn1.dll 2010-10-09 11:00 . 2010-10-09 11:00 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll 2010-10-09 10:59 . 2010-10-09 10:59 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2010-10-09 10:57 . 2010-10-09 10:57 1233920 ----a-w- c:\windows\SysWow64\msxml3.dll 2010-10-09 10:57 . 2010-10-09 10:57 737280 ----a-w- c:\windows\SysWow64\d2d1.dll 2010-10-09 10:57 . 2010-10-09 10:57 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2010-10-09 10:57 . 2010-10-09 10:57 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2010-10-09 10:57 . 2010-10-09 10:57 1076224 ----a-w- c:\windows\SysWow64\DWrite.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2010-12-22 1242448] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432] "PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472] "UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-29 210216] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2010-12-26 576000] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN 
v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 2310_00;2310_00;c:\windows\system32\DRIVERS\2310_00.sys [2009-06-12 170528] R3 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2009-05-18 231224] R3 arcm_a64;arcm_a64;c:\windows\system32\DRIVERS\arcm_a64.sys [2009-11-09 52768] R3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2007-05-11 70424] R3 hptiop;hptiop;c:\windows\system32\DRIVERS\hptiop.sys [2009-05-25 17440] R3 hptmv;hptmv;c:\windows\system32\DRIVERS\hptmv.sys [2006-09-18 93472] R3 hptmv6;hptmv6;c:\windows\system32\DRIVERS\hptmv6.sys [2007-11-01 152096] R3 IAMTVE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416] R3 IAMTXPE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144] R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-11-16 42192] R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-03-10 29720] R3 MegaSR1;MegaSR1;c:\windows\system32\DRIVERS\MegaSR1.sys [2009-04-16 461320] R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys [2009-07-16 28192] R3 Pnp680;Pnp680;c:\windows\system32\DRIVERS\pnp680.sys [2007-11-13 80424] R3 rr172x;rr172x;c:\windows\system32\DRIVERS\rr172x.sys [2007-11-01 124448] R3 rr174x;rr174x;c:\windows\system32\DRIVERS\rr174x.sys [2007-11-01 159264] R3 rr2210;rr2210;c:\windows\system32\DRIVERS\rr2210.sys [2007-11-01 153632] R3 rr232x;rr232x;c:\windows\system32\DRIVERS\rr232x.sys [2008-05-05 152096] 
R3 rr2340;rr2340;c:\windows\system32\DRIVERS\rr2340.sys [2009-12-31 162400] R3 rr2522;rr2522;c:\windows\system32\DRIVERS\rr2522.sys [2009-12-31 168032] R3 rr62x;rr62x;c:\windows\system32\DRIVERS\rr62x.sys [2009-12-21 155232] R3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys [2007-06-08 90112] R3 SI3112r;SI3112r;c:\windows\system32\DRIVERS\SI3112r.sys [2007-02-01 164656] R3 SI3114;SI3114;c:\windows\system32\DRIVERS\SI3114.sys [2006-11-10 99120] R3 SI3124;SI3124;c:\windows\system32\DRIVERS\SI3124.sys [2006-11-02 113456] R3 Si3124r5;Si3124r5;c:\windows\system32\DRIVERS\Si3124r5.sys [2006-09-20 334640] R3 Si3531;Si3531;c:\windows\system32\DRIVERS\Si3531.sys [2007-06-01 330544] R3 vcrdrx64;VIA MSP Card Reader Host Controller;c:\windows\system32\DRIVERS\vcrdrx64.sys [2009-09-15 123544] R3 viamrx64;viamrx64;c:\windows\system32\DRIVERS\viamrx64.sys [2010-03-05 158944] R3 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys [2010-02-11 15000] R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2008-05-15 28208] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-26 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2008-10-09 18784] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-22 503352] S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys [2010-02-11 26776] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776] S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files (x86)\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976] S3 amdiox64;AMD IO 
Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304] S3 LVUVC64;Logitech Webcam C100(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-11-10 4162784] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-05-15 1327520] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.nl/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: Download alles met Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm IE: Download met Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm IE: Download selectie met Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm IE: Download video met Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.extrafilm.nl/ExtraFilmUploader6.cab FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\03gh7mgz.default\ FF - prefs.js: 
browser.startup.homepage - google.be FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} . - - - - ORPHANS VERWIJDERD - - - - Toolbar-Locked - (no file) Toolbar-Locked - (no file) . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Voltooingstijd: 2010-12-27 18:40:30 ComboFix-quarantined-files.txt 2010-12-27 17:40 Pre-Run: 145.906.036.736 bytes beschikbaar Post-Run: 145.871.278.080 bytes beschikbaar - - End Of File - - B07F245CB7CC59A79CB0F52B5C5E78D2 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:41:27, on 27-12-2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\MagicDisc\MagicDisc.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Windows\sysWow64\SearchProtocolHost.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search 
Helper\SEPsearchhelperie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program 
Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.nl/ExtraFilmUploader6.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - 
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files (x86)\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - 
C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9333 bytes
  11. Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Databaseversie: 5401 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 27-12-2010 8:14:29 mbam-log-2010-12-27 (08-14-29).txt Scantype: Snelle scan Objecten gescand: 152734 Verstreken tijd: 1 minuut/minuten, 25 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 1 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 4 Registerdata geïnfecteerd: 1 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 5 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: c:\Windows\System32\q3ow060ulm.dll (Trojan.Downloader.Gen) -> Delete on reboot. Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Value: WINID -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Value: NoFolderOptions -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NbDfaXms (Trojan.Downloader.Gen) -> Value: uPc+kt0NbDfaXms -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NbDfaXms (Trojan.Downloader.Gen) -> Value: uPc+kt0NbDfaXms -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\Users\gebruiker\AppData\Local\Temp\eohwnhfk.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\Users\gebruiker\AppData\Local\Temp\wfgxrjs.exe (Trojan.Agent) -> Quarantined and deleted successfully. 
c:\extracted\password.txt (Malware.Trace) -> Quarantined and deleted successfully. c:\Windows\System32\q3ow060ulm.dll (Trojan.Downloader.Gen) -> Quarantined and deleted successfully. c:\Windows\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. ---------- Post added at 08:19 ---------- Previous post was at 08:14 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:17:40, on 27-12-2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\lg_fwupdate\fwupdate.exe C:\Program Files (x86)\MagicDisc\MagicDisc.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files 
(x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Lvaudhfngta] C:\Users\Gebruiker\AppData\Local\Temp\user.exe O4 - HKLM\..\Run: [Lvaudhfngupf] C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe O4 - HKLM\..\Run: [Lvaudhfnguuc] C:\Users\Gebruiker\AppData\Local\Temp\system.exe O4 - HKLM\..\Run: [LvaudhfngoS] C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LvaudhfngoS] C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe O4 - HKCU\..\Run: [Lvaudhfngta] C:\Users\Gebruiker\AppData\Local\Temp\user.exe O4 - HKCU\..\Run: [Lvaudhfngupf] C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe O4 - HKCU\..\Run: [Lvaudhfnguuc] C:\Users\Gebruiker\AppData\Local\Temp\system.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK 
SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selectie met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video met Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.nl/ExtraFilmUploader6.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: 
text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files (x86)\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: 
@%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11240 bytes I still get a message that it cannot find a file in System32, namely q3ow060ulm.dll
  12. Hello, could someone check this log? Thank you. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:36:17, on 26-12-2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Windows\spoolsv.exe C:\Windows\mdm.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Program Files (x86)\MagicDisc\MagicDisc.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\lg_fwupdate\fwupdate.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Windows\spoolsv.exe C:\Windows\mdm.exe C:\Users\Gebruiker\AppData\Local\Temp\user.exe C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe C:\Users\Gebruiker\AppData\Local\Temp\system.exe C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\FTDv3.8\FTDv3.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start 
Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - 
HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [uPc+kt0NbDfaXms] rundll32.exe C:\Windows\system32\q3ow060ulm.dll, SystemServer O4 - HKLM\..\Run: [LvKbPiejlae] C:\Users\GEBRUI~1\AppData\Local\Temp\fp6uq.exe O4 - HKLM\..\Run: [LvKbPiejlupc] C:\Users\GEBRUI~1\AppData\Local\Temp\sysedit.exe O4 - HKLM\..\Run: [LvKbPiejlqf] C:\Users\GEBRUI~1\AppData\Local\Temp\user.exe O4 - HKLM\..\Run: [LvKbPiejlud] C:\Users\GEBRUI~1\AppData\Local\Temp\system.exe O4 - HKLM\..\Run: [Mquuf] C:\Windows\spoolsv.exe O4 - HKLM\..\Run: [MqsZ] C:\Windows\mdm.exe O4 - HKLM\..\Run: [Lvaudhfngta] C:\Users\Gebruiker\AppData\Local\Temp\user.exe O4 - HKLM\..\Run: [Lvaudhfngupf] C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe O4 - HKLM\..\Run: [Lvaudhfnguuc] C:\Users\Gebruiker\AppData\Local\Temp\system.exe O4 - HKLM\..\Run: [LvaudhfngoS] C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" 
-silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LvKbPiejlae] C:\Users\GEBRUI~1\AppData\Local\Temp\fp6uq.exe O4 - HKCU\..\Run: [LvKbPiejlupc] C:\Users\GEBRUI~1\AppData\Local\Temp\sysedit.exe O4 - HKCU\..\Run: [LvKbPiejlqf] C:\Users\GEBRUI~1\AppData\Local\Temp\user.exe O4 - HKCU\..\Run: [LvKbPiejlud] C:\Users\GEBRUI~1\AppData\Local\Temp\system.exe O4 - HKCU\..\Run: [Mquuf] C:\Windows\spoolsv.exe O4 - HKCU\..\Run: [MqsZ] C:\Windows\mdm.exe O4 - HKCU\..\Run: [Lvaudhfngta] C:\Users\Gebruiker\AppData\Local\Temp\user.exe O4 - HKCU\..\Run: [Lvaudhfngupf] C:\Users\Gebruiker\AppData\Local\Temp\sysedit.exe O4 - HKCU\..\Run: [Lvaudhfnguuc] C:\Users\Gebruiker\AppData\Local\Temp\system.exe O4 - HKCU\..\Run: [LvaudhfngoS] C:\Users\Gebruiker\AppData\Local\Temp\fp6uq.exe O4 - HKCU\..\Run: [uPc+kt0NbDfaXms] rundll32.exe C:\Windows\system32\q3ow060ulm.dll, SystemServer O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files 
  13. I can still receive Eén and Canvas with my laptop's antenna, but the reason I bought this stick is to watch TV over cable. I am trying DVB-T first, though, and that does not work, whereas it does work with my standard antenna.
  14. Hello, I cannot find any channels with my antenna. I have already tried various positions, but I cannot receive a station anywhere. Hopefully someone can help me.
  15. I cannot change my System Protection settings. Edit: it worked, I have deleted everything from System Restore.
  16. Better. Is there anything else I can do, or do you need anything else? Edit: I have also emptied the quarantine.
  18. My System Restore is disabled and I cannot turn it back on. I find that strange too. I am scanning with Malwarebytes right now, and the PC only became a bit slow last week. I will also run a defragmentation later; is it best to do that in safe mode? Edit: MBAM has just finished:

      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org

      Databaseversie: 4811
      Windows 6.1.7600
      Internet Explorer 9.0.7930.16406

      3/12/2010 8:45:14
      mbam-log-2010-12-03 (08-45-14).txt

      Scantype: Snelle scan
      Objecten gescand: 136980
      Verstreken tijd: 5 minuut/minuten, 3 seconde(n)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 1
      Registerdata geïnfecteerd: 0
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 2

      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden geïnfecteerd:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.

      Registerdata geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden geïnfecteerd:
      C:\Users\GEOFFREY\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.
      C:\Users\GEOFFREY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\.url (Malware.Trace) -> Quarantined and deleted successfully.

      The internet also dropped out yesterday; the problem was that DNS was not responding. I have run into this about 5 times.
  19. Hello, could someone please check a HijackThis log? My PC is a bit on the slow side. Thanks in advance.
  20. The CPU works. I am marking this as solved.
  21. I have the update, but what is the best way to update my BIOS? I have already tried downloading the tool, but it does not start. Edit: I do not have a floppy drive.
  22. Phenom 2 X6 2.8 GHz 1055T, 9 MB cache. What I do not know is the wattage:
      Phenom IIX6 1055T(HDT55TFBK6DGR),2.8GHz,125W,rev.E0,SocketAM3,6-Core
      Phenom IIX6 1055T(HDT55TWFK6DGR),2.8GHz,95W,rev.E0,SocketAM3,6-Core
  23. Is that CPU now *****? Or would it be best to just get another CPU? Yet the box says "AM3 CPU supported" for my motherboard.
  24. Hello, I have just installed a new CPU, but my PC reports the error "CPU mismatched". So I took the battery out of my motherboard and put it back in. Now when I turn my PC back on, my screen no longer comes on. Motherboard: M4A78 Pro. CPU: AMD X6, socket AM3. Can anyone help me?
  25. The PC works fine again, thank you very much, kape.