
compverl
-
I haven't replied for a while because the problem was no longer bothering me. So I had no problems for a week, but today it again would not start. If it happens again, I'll run a memtest.
-
I downloaded the file, extracted it and put it on a CD. Do I then have to restart from that CD? Kind regards
-
Hello, I do indeed still have the problem. Could it be related to the \boot\memtest.exe error I got during the memory scan at startup? Kind regards
-
Hello. During the memory scan I got a message that \boot\memtest.exe does not exist or was damaged. The disk check found no problems. The ComboFix log:
and the HijackThis log:
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 7073 bytes MVG
-
Hello, the ComboFix log:

I have also already tried a startup repair with my CD, but I still have the startup problem. Kind regards
-
Hello, the MBAM log:

The new HijackThis log:
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 7932 bytes
-
OK, thanks!
-
The log. Kind regards
-
Hello, I have a problem with my PC. Sometimes it does not start up and hangs at the loading screen. Then I have to cut the power and try again. And sometimes it then starts normally. I have already tried a system restore to a point before the problem occurred (last week). And I am also fairly certain that I have viruses or the like, because I have already run extra scans on my computer with Malwarebytes and Hitmanpro. I have Windows Vista SP2. If anyone knows what I should do, feel free to let me know. Thanks!
