jobh
-
Items
16 -
Registratiedatum
-
Laatst bezocht
jobh's prestaties
-
Tja, dus, geen andere mogelijkheden meer? Beetje hopeloze boel denk ik zo of lijkt dat maar? Formatteren is dan dus de enige optie? Waar ik wel mijn vraagtekens bij zet, ik heb deze laptop gekocht met Vista er al op, en heb daarom dus ook geen Windows Vista cd gekregen. Hoe kan ik de laptop dan formatteren, op een legale manier, wanneer ik de cd niet heb..?
-
Tja maar ik woon in Spanje, en heb hier geen Windows CD, bovendien heb ik die nooit gekregen aangezien ik de laptop (wel nieuw) heb gekocht met Windows Vista er al op.. Ik heb het wel een keer geprobeerd en toen kreeg ik een "splitsecond" een zwart schermpje, daarna ging het meteen weer weg..
-
Krijg deze error: The archive is either in unknown format or damaged.. Kan het daardoor niet installeren, heb het opnieuw proberen te downloaden maar weer gaf ie dezelfde fout aan..
-
Hmm, is daar niets aan te doen dan? Al de problemen zijn er nogsteeds.. Nogsteeds een zwart scherm als ik m in de normale modus opstart, kan via taakbeheer in alle mappen dat wel.. Had op google nieuws Spanje een artikel gelezen over een virus met Windows 7 dat voor een zwart scherm zorgt.. Is dat niet het probleem? Heb dan wel Vista maar daarop is dat ook mogelijk niet? Ziet er een beetje hopeloos uit ben ik bang.. Formatteren de enige optie dus?
-
Hee, ik heb dat bestand gezocht maar kan die nergens vinden.. Kan het dus ook niet manueel verwijderen. Ben naar de map gegaan maar kan het echt nergens vinden. Heb gezocht met *** en zonder ***...
-
Hee, heb het nog een keer gedaan, startte opnieuw op,veilige modus, en daarna gebeurd er niets meer. Start findykill op, stap 2, moet ik op een toets drukken, start ie meteen opnieuw op en daarna gebeurt er niets.. Heb nog een keer naar dat logje gezocht maar kan het nergens vinden.. Normale modus werkt nogsteeds niet...
-
Heb gezocht maar niet kunnen vinden.. Moet ik het nog een keertje doen? Het is jammer dat het Frans is.. Maar het maakt niet uit dat ik het in de veilige modus doe? En als ie op moet starten de veilige modus opstarten?
-
Oke bedankt, heb stap 2 gedaan, heeft de computer opnieuw opgestart en daarna gebeurde er niets.. Weet niet of dat normaal is en bovendien is mijn Frans niet echt wat het zou moeten zijn.. Heb geen log ontvangen ofzo.
-
Bedankt wederom, gedaan wat je zei, logje: ----------------- FindyKill V4.005 ------------------ * User : Job - PC_VAN_JOB * Emplacement : C:\Program Files\FindyKill * Outils Mis a jours le 17/10/08 par Chiquitine29 * Recherche effectuée à 16:25:20 le za 05-12-2009 * Windows_NT - Internet Explorer 7.0.6002.18005 ((((((((((((((((( *** Recherche *** )))))))))))))))))) --------------- [ Processus actifs ] ---------------- C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe --------------- [ Fichiers/Dossiers infectieux ] ---------------- »»»» Presence des fichiers dans C: »»»» Presence des fichiers dans C:\Windows »»»» Presence des fichiers dans C:\Windows\Prefetch »»»» Presence des fichiers dans C:\Windows\system32 »»»» Presence des fichiers dans C:\Windows\system32\drivers »»»» Presence des fichiers dans C:\Users\Job\AppData\Roaming »»»» Presence des fichiers dans C:\Users\Job\AppData\Local\Temp --------------- [ Registre / Startup ] ---------------- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide CLMLServer REG_SZ "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" P2Go_Menu REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" StartCCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun HControlUser REG_SZ "C:\Program Files\ATK Hotkey\HcontrolUser.exe" ATKOSD2 REG_SZ C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe RtHDVCpl REG_SZ RtHDVCpl.exe SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ADSMTray REG_SZ C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe ATKMEDIA REG_SZ C:\Program Files\ASUS\ATK Media\DMedia.exe ASUSTPE REG_SZ C:\Windows\system32\ASUSTPE.exe ASUS Screen Saver Protector REG_SZ C:\Windows\ASScrPro.exe fssui REG_SZ "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun OneCareUI REG_SZ "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Skytel REG_SZ Skytel.exe SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe" QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime AppleSyncNotifier REG_SZ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe Google Update REG_SZ "C:\Users\Job\AppData\Local\Google\Update\GoogleUpdate.exe" /c --------------- [ Registre / Clés infectieuses ] ---------------- --------------- [ Etat / Services ] ---------------- +- Services : [ Auto=2 Demande=3 Désactivé=4 ] Ndisuio - Type de démarrage = 3 EapHost - Type de démarrage = 3 Wlansvc - Type de démarrage = 2 SharedAccess - Type de démarrage = 2 wuauserv - Type de démarrage = 2 wscsvc - Type de démarrage = 2 --------------- [ Recherche dans supports amovibles] ---------------- +- Informations : C: - vast station D: - vast station +- presence des fichiers : --------------- [ Registre / Moutpoint2 ] ---------------- -> Recherche négative. ------------------- ! Fin du rapport ! --------------------
-
Oei dat klinkt er niet echt veelbelovend uit.. Heb gedaan wat je zei, zei tijdens het scannen dat ik geen administrator rechten had maar die heb ik wel... Ben de enige gebruiker.. Hier is het logje: ComboFix 09-12-03.06 - Job 05-12-2009 15:37.1.2 - x86 NETWORK Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.2320 [GMT 1:00] Gestart vanuit: c:\users\Job\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Job\Desktop\CFScript.txt AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4} FW: Windows Live OneCare - Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B} . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))) . 2009-12-05 14:44 . 2009-12-05 14:46 -------- d-----w- c:\users\Job\AppData\Local\temp 2009-12-05 14:44 . 2009-12-05 14:44 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-12-04 20:40 . 2009-12-04 20:40 -------- d-----w- c:\users\Job\AppData\Roaming\Malwarebytes 2009-12-04 20:40 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-04 20:40 . 2009-12-04 20:40 -------- d-----w- c:\programdata\Malwarebytes 2009-12-04 20:40 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-04 16:39 . 2009-12-04 16:39 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-12-04 16:32 . 2009-12-05 14:22 680 ----a-w- c:\users\Job\AppData\Local\d3d9caps.dat 2009-12-04 15:46 . 2009-12-04 16:16 -------- d-----w- c:\users\Job\AppData\Roaming\Lavasoft 2009-11-26 12:58 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-26 12:57 . 2009-11-26 12:57 -------- d-----w- c:\program files\MSXML 4.0 2009-11-25 20:44 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 20:44 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll 2009-11-24 14:29 . 2009-11-24 14:29 1010936 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-11-18 20:45 . 2009-11-18 20:45 -------- d-----w- c:\program files\Windows Portable Devices 2009-11-18 12:54 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-11-18 12:54 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2009-11-18 12:54 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-11-18 12:52 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-11-18 12:52 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-11-18 12:52 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-11-18 12:52 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-11-18 12:52 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-11-18 12:52 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-11-18 12:52 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-11-18 12:52 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-11-18 12:52 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-11-18 12:52 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-11-18 12:52 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-11-18 12:52 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-11-18 12:50 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-11-18 12:50 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-11-18 12:50 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-11-10 20:57 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2009-11-10 20:48 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-10 17:39 . 2009-11-12 20:58 4096 d-----w- c:\users\Job\AppData\Local\Microsoft Games . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-05 14:44 . 2009-07-17 11:26 4096 d-----w- c:\users\Job\AppData\Roaming\Skype 2009-12-05 14:28 . 2009-07-17 11:34 4096 d-----w- c:\users\Job\AppData\Roaming\skypePM 2009-12-05 14:21 . 2008-04-16 11:26 666366 ----a-w- c:\windows\system32\perfh013.dat 2009-12-05 14:21 . 2008-04-16 11:26 126270 ----a-w- c:\windows\system32\perfc013.dat 2009-12-05 01:00 . 2009-03-26 21:28 45056 ----a-w- c:\windows\system32\acovcnt.exe 2009-12-02 20:52 . 2009-03-26 19:47 12 ----a-w- c:\windows\bthservsdp.dat 2009-12-02 13:19 . 2009-07-10 12:59 28672 d-----w- c:\program files\Microsoft Windows OneCare Live 2009-11-30 15:13 . 2009-03-26 20:14 4096 d-----w- c:\program files\Google 2009-11-18 20:45 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-18 20:44 . 2009-11-18 20:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-14 14:34 . 2009-03-26 19:55 65536 d-----w- c:\programdata\Microsoft Help 2009-11-11 21:04 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-10 17:35 . 2006-11-02 12:37 4096 d-----w- c:\program files\Microsoft Games 2009-10-14 19:35 . 2009-10-14 19:35 -------- d-----w- c:\users\Job\AppData\Roaming\Regensoft 2009-10-14 15:42 . 2009-10-14 15:42 -------- d-----w- c:\users\Job\AppData\Roaming\Red Kawa 2009-10-14 15:34 . 2009-10-14 15:34 -------- d-----w- c:\program files\Regensoft 2009-10-14 13:48 . 2009-10-14 13:48 -------- d-----w- c:\users\Job\AppData\Roaming\Media Player Classic 2009-10-14 13:33 . 2009-10-14 13:33 -------- d-----w- c:\program files\XviD 2009-10-03 13:22 . 2009-10-03 13:22 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe 2009-09-25 02:10 . 2009-11-18 12:53 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2009-09-25 02:07 . 2009-11-18 12:53 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2009-09-25 02:04 . 2009-11-18 12:53 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2009-09-25 01:49 . 2009-11-18 12:53 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2009-09-25 01:48 . 2009-11-18 12:53 351232 ----a-w- c:\windows\system32\XpsPrint.dll 2009-09-25 01:38 . 2009-11-18 12:53 847360 ----a-w- c:\windows\system32\OpcServices.dll 2009-09-25 01:36 . 2009-11-18 12:53 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2009-09-25 01:35 . 2009-11-18 12:53 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2009-09-25 01:33 . 2009-11-18 12:53 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2009-09-25 01:33 . 2009-11-18 12:53 829440 ----a-w- c:\windows\system32\d3d10warp.dll 2009-09-25 01:33 . 2009-11-18 12:53 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2009-09-25 01:32 . 2009-11-18 12:53 252928 ----a-w- c:\windows\system32\dxdiag.exe 2009-09-25 01:31 . 2009-11-18 12:53 519680 ----a-w- c:\windows\system32\d3d11.dll 2009-09-25 01:31 . 2009-11-18 12:53 486912 ----a-w- c:\windows\system32\d3d10level9.dll 2009-09-25 01:31 . 2009-11-18 12:53 161280 ----a-w- c:\windows\system32\d3d10_1.dll 2009-09-25 01:31 . 2009-11-18 12:53 218112 ----a-w- c:\windows\system32\d3d10_1core.dll 2009-09-25 01:31 . 2009-11-18 12:53 1030144 ----a-w- c:\windows\system32\d3d10.dll 2009-09-25 01:31 . 2009-11-18 12:53 828928 ----a-w- c:\windows\system32\d2d1.dll 2009-09-25 01:30 . 2009-11-18 12:53 481792 ----a-w- c:\windows\system32\dxgi.dll 2009-09-25 01:30 . 2009-11-18 12:53 190464 ----a-w- c:\windows\system32\d3d10core.dll 2009-09-25 01:27 . 2009-11-18 12:53 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-09-25 01:27 . 2009-11-18 12:53 37888 ----a-w- c:\windows\system32\cdd.dll 2009-09-25 01:27 . 2009-11-18 12:53 793088 ----a-w- c:\windows\system32\FntCache.dll 2009-09-25 01:27 . 2009-11-18 12:53 1064448 ----a-w- c:\windows\system32\DWrite.dll 2009-09-24 22:54 . 2009-11-18 12:53 258048 ----a-w- c:\windows\system32\winspool.drv 2009-09-24 22:54 . 2009-11-18 12:53 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2009-09-24 22:54 . 2009-11-18 12:53 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2009-09-14 09:29 . 2009-10-14 15:39 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2009-09-10 16:48 . 2009-10-17 15:13 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 14:59 . 2009-10-28 15:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-09-10 14:58 . 2009-10-28 15:40 310784 ----a-w- c:\windows\system32\unregmp2.exe 2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-05-22 16:35 . 2008-05-22 16:35 51962 ----a-w- c:\program files\Common Files\banner.jpg 2007-06-12 17:34 . 2007-06-12 17:34 35822 ----a-w- c:\program files\Common Files\ASPG_icon.ico 2009-03-26 20:13 . 2009-03-26 20:13 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Google Update"="c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-23 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744] "ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496] "ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-03-26 33136] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2009-07-09 65240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-07-16 6253088] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2008-07-16 1833504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] "Malwarebytes' Anti-Malware"="d:\malwarebytes' anti-malware\mbamgui.exe" [2009-12-03 429392] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 752168] FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-3-26 12862] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiSpywareOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "VistaSp2"=hex(:2c,e3,d1,d6,2d,18,ca,01 R0 ***laby;***laby;c:\windows\System32\drivers\***laby.sys [26-3-2009 22:16 15416] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [2-5-2008 9:07 48128] S2 gupdate1ca2352ee0ffca0;Google Updateservice (gupdate1ca2352ee0ffca0);c:\program files\Google\Update\GoogleUpdate.exe [22-8-2009 19:04 133104] S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [30-5-2008 0:22 208896] S2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [21-10-2008 17:57 307200] S2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [9-7-2009 11:15 26104] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [26-3-2009 22:03 29736] S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [7-4-2008 7:00 6656] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [1-10-2009 16:17 54632] S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5-8-2009 21:48 704864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Inhoud van de 'Gedeelde Taken' map 2009-12-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-22 18:03] 2009-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:03] 2009-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:03] 2009-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777717061-635218429-414337746-1000Core.job - c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23 23:06] 2009-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777717061-635218429-414337746-1000UA.job - c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23 23:06] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . - - - - ORPHANS VERWIJDERD - - - - HKLM-RunOnce-<NO NAME> - (no file) ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'lsass.exe'(536) c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll - - - - - - - > 'Explorer.exe'(1264) c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2009-12-05 15:51 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-05 14:51 ComboFix2.txt 2009-12-04 23:10 ComboFix3.txt 2009-12-04 21:57 Pre-Run: 112.339.595.264 bytes beschikbaar Post-Run: 112.218.697.728 bytes beschikbaar - - End Of File - - E264D4D90665F97239887CFD1D9AA601 Edit. Heb nog geprobeerd in de normale modus op te starten, hetzelfde probleem, niets veranderd. Kan wel via taakbeheer in "Computer" en mijn bestanden zien.. Erg vreemd dus.. En wat betekent het als er een groter probleem aan de hand is? Moet ik m dan opnieuw formateren?
-
Heb eventjes geprobeerd op te starten in de normale modus, ging prima totdat ik me had aangemeld bij Windows, zwart scherm met de muis, meer niet. Ctrl alt del gedaan, taakbeheer geopend, lukt gewoon en zie ik taakbeheer in een verder volledig zwart scherm... Lijkt me niet echt normaal wel?
-
Hierbij het logje van Combofix, gescant in de veilige modus.. Moest de computer daarna wel 2 keer opnieuw opstarten(veilige modus) om weer google chrome te kunnen openen.. Log: ComboFix 09-12-03.06 - Job 04-12-2009 23:58.1.2 - x86 NETWORK Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.2326 [GMT 1:00] Gestart vanuit: c:\users\Job\Documents\Downloads\ComboFix.exe AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4} FW: Windows Live OneCare - Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B} . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-04 to 2009-12-04 )))))))))))))))))))))))))))))) . 2009-12-04 23:03 . 2009-12-04 23:05 -------- d-----w- c:\users\Job\AppData\Local\temp 2009-12-04 23:03 . 2009-12-04 23:03 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-12-04 20:40 . 2009-12-04 20:40 -------- d-----w- c:\users\Job\AppData\Roaming\Malwarebytes 2009-12-04 20:40 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-04 20:40 . 2009-12-04 20:40 -------- d-----w- c:\programdata\Malwarebytes 2009-12-04 20:40 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-04 16:39 . 2009-12-04 16:39 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-12-04 16:32 . 2009-12-04 22:55 680 ----a-w- c:\users\Job\AppData\Local\d3d9caps.dat 2009-12-04 15:46 . 2009-12-04 16:16 -------- d-----w- c:\users\Job\AppData\Roaming\Lavasoft 2009-11-26 12:58 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-26 12:57 . 2009-11-26 12:57 -------- d-----w- c:\program files\MSXML 4.0 2009-11-25 20:44 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 20:44 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll 2009-11-24 14:29 . 2009-11-24 14:29 1010936 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-11-18 20:45 . 2009-11-18 20:45 -------- d-----w- c:\program files\Windows Portable Devices 2009-11-18 12:54 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-11-18 12:54 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2009-11-18 12:54 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-11-18 12:52 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-11-18 12:52 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-11-18 12:52 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-11-18 12:52 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-11-18 12:52 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-11-18 12:52 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-11-18 12:52 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-11-18 12:52 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-11-18 12:52 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-11-18 12:52 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-11-18 12:52 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-11-18 12:52 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-11-18 12:50 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-11-18 12:50 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-11-18 12:50 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-11-10 20:57 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2009-11-10 20:48 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-10 17:39 . 2009-11-12 20:58 4096 d-----w- c:\users\Job\AppData\Local\Microsoft Games . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-04 22:18 . 2008-04-16 11:26 666366 ----a-w- c:\windows\system32\perfh013.dat 2009-12-04 22:18 . 2008-04-16 11:26 126270 ----a-w- c:\windows\system32\perfc013.dat 2009-12-04 22:04 . 2009-03-26 21:28 45056 ----a-w- c:\windows\system32\acovcnt.exe 2009-12-04 21:41 . 2009-07-17 11:26 4096 d-----w- c:\users\Job\AppData\Roaming\Skype 2009-12-04 16:39 . 2009-07-17 11:34 4096 d-----w- c:\users\Job\AppData\Roaming\skypePM 2009-12-02 20:52 . 2009-03-26 19:47 12 ----a-w- c:\windows\bthservsdp.dat 2009-12-02 13:19 . 2009-07-10 12:59 28672 d-----w- c:\program files\Microsoft Windows OneCare Live 2009-11-30 15:13 . 2009-03-26 20:14 4096 d-----w- c:\program files\Google 2009-11-18 20:45 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-18 20:44 . 2009-11-18 20:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-14 14:34 . 2009-03-26 19:55 65536 d-----w- c:\programdata\Microsoft Help 2009-11-11 21:04 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-10 17:35 . 2006-11-02 12:37 4096 d-----w- c:\program files\Microsoft Games 2009-10-14 19:35 . 2009-10-14 19:35 -------- d-----w- c:\users\Job\AppData\Roaming\Regensoft 2009-10-14 15:42 . 2009-10-14 15:42 -------- d-----w- c:\users\Job\AppData\Roaming\Red Kawa 2009-10-14 15:34 . 2009-10-14 15:34 -------- d-----w- c:\program files\Regensoft 2009-10-14 13:48 . 2009-10-14 13:48 -------- d-----w- c:\users\Job\AppData\Roaming\Media Player Classic 2009-10-14 13:33 . 2009-10-14 13:33 -------- d-----w- c:\program files\XviD 2009-10-03 13:22 . 2009-10-03 13:22 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe 2009-09-25 02:10 . 2009-11-18 12:53 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2009-09-25 02:07 . 2009-11-18 12:53 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2009-09-25 02:04 . 2009-11-18 12:53 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2009-09-25 01:49 . 2009-11-18 12:53 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2009-09-25 01:48 . 2009-11-18 12:53 351232 ----a-w- c:\windows\system32\XpsPrint.dll 2009-09-25 01:38 . 2009-11-18 12:53 847360 ----a-w- c:\windows\system32\OpcServices.dll 2009-09-25 01:36 . 2009-11-18 12:53 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2009-09-25 01:35 . 2009-11-18 12:53 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2009-09-25 01:33 . 2009-11-18 12:53 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2009-09-25 01:33 . 2009-11-18 12:53 829440 ----a-w- c:\windows\system32\d3d10warp.dll 2009-09-25 01:33 . 2009-11-18 12:53 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2009-09-25 01:32 . 2009-11-18 12:53 252928 ----a-w- c:\windows\system32\dxdiag.exe 2009-09-25 01:31 . 2009-11-18 12:53 519680 ----a-w- c:\windows\system32\d3d11.dll 2009-09-25 01:31 . 2009-11-18 12:53 486912 ----a-w- c:\windows\system32\d3d10level9.dll 2009-09-25 01:31 . 2009-11-18 12:53 161280 ----a-w- c:\windows\system32\d3d10_1.dll 2009-09-25 01:31 . 2009-11-18 12:53 218112 ----a-w- c:\windows\system32\d3d10_1core.dll 2009-09-25 01:31 . 2009-11-18 12:53 1030144 ----a-w- c:\windows\system32\d3d10.dll 2009-09-25 01:31 . 2009-11-18 12:53 828928 ----a-w- c:\windows\system32\d2d1.dll 2009-09-25 01:30 . 2009-11-18 12:53 481792 ----a-w- c:\windows\system32\dxgi.dll 2009-09-25 01:30 . 2009-11-18 12:53 190464 ----a-w- c:\windows\system32\d3d10core.dll 2009-09-25 01:27 . 2009-11-18 12:53 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-09-25 01:27 . 2009-11-18 12:53 37888 ----a-w- c:\windows\system32\cdd.dll 2009-09-25 01:27 . 2009-11-18 12:53 793088 ----a-w- c:\windows\system32\FntCache.dll 2009-09-25 01:27 . 2009-11-18 12:53 1064448 ----a-w- c:\windows\system32\DWrite.dll 2009-09-24 22:54 . 2009-11-18 12:53 258048 ----a-w- c:\windows\system32\winspool.drv 2009-09-24 22:54 . 2009-11-18 12:53 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2009-09-24 22:54 . 2009-11-18 12:53 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2009-09-14 09:29 . 2009-10-14 15:39 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2009-09-10 16:48 . 2009-10-17 15:13 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 14:59 . 2009-10-28 15:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-09-10 14:58 . 2009-10-28 15:40 310784 ----a-w- c:\windows\system32\unregmp2.exe 2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll 2008-05-22 16:35 . 2008-05-22 16:35 51962 ----a-w- c:\program files\Common Files\banner.jpg 2007-06-12 17:34 . 2007-06-12 17:34 35822 ----a-w- c:\program files\Common Files\ASPG_icon.ico 2009-03-26 20:13 . 2009-03-26 20:13 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Google Update"="c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-23 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744] "ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496] "ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-03-26 33136] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520] "OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2009-07-09 65240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-07-16 6253088] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2008-07-16 1833504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] "Malwarebytes' Anti-Malware"="d:\malwarebytes' anti-malware\mbamgui.exe" [2009-12-03 429392] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 752168] FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-3-26 12862] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiSpywareOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "VistaSp2"=hex(:2c,e3,d1,d6,2d,18,ca,01 R0 ***laby;***laby;c:\windows\System32\drivers\***laby.sys [26-3-2009 22:16 15416] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [2-5-2008 9:07 48128] S2 gupdate1ca2352ee0ffca0;Google Updateservice (gupdate1ca2352ee0ffca0);c:\program files\Google\Update\GoogleUpdate.exe [22-8-2009 19:04 133104] S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [30-5-2008 0:22 208896] S2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [21-10-2008 17:57 307200] S2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [9-7-2009 11:15 26104] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [26-3-2009 22:03 29736] S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [7-4-2008 7:00 6656] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [1-10-2009 16:17 54632] S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5-8-2009 21:48 704864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Inhoud van de 'Gedeelde Taken' map 2009-12-04 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-22 18:03] 2009-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:03] 2009-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:03] 2009-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777717061-635218429-414337746-1000Core.job - c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23 23:06] 2009-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777717061-635218429-414337746-1000UA.job - c:\users\Job\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23 23:06] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . - - - - ORPHANS VERWIJDERD - - - - HKLM-RunOnce-<NO NAME> - (no file) ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'lsass.exe'(600) c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll - - - - - - - > 'Explorer.exe'(1516) c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2009-12-05 00:10 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-04 23:10 ComboFix2.txt 2009-12-04 21:57 Pre-Run: 112.307.937.280 bytes beschikbaar Post-Run: 112.187.981.824 bytes beschikbaar - - End Of File - - C962D4FBE85F8696E73F2E4AC94963AD
-
Nou heb net gedaan wat je zei, ging prima maar nadat de computer opgestart was deed ie het niet meer.. Nu doet ie het wel weer maar heb dat programmatje niet meer en kan het nergens vinden(Combofix). Weet niet of het slim is om het nu nog een keer te doen aangezien ie net weer zo vreemd deed. Wat ik er wel bij moet zeggen is dat ik alles wat ik nu doen, in de veilige modus doe! In de normale modus doet niets het dus werk ik maar in de veilige modus.. Zit nu dus ook op internet op deze laptop maar in de veilige modus!!
-
Bedankt voor je duidelijke reactie.. Heb gedaan wat er stond MBAM heeft niets kunnen vinden dus kon ook niets weggooien.. Log van MBAM: Malwarebytes' Anti-Malware 1.42 Database versie: 3295 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 7.0.6002.18005 4-12-2009 21:48:40 mbam-log-2009-12-04 (21-48-40).txt Scan type: Snelle Scan Objecten gescand: 91216 Verstreken tijd: 3 minute(s), 38 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Nieuwe log van HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:50:48, on 4-12-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe D:\Malwarebytes' Anti-Malware\mbam.exe D:\Downloads\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Job\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: FancyStart daemon.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updateservice (gupdate1ca2352ee0ffca0) (gupdate1ca2352ee0ffca0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: DVM Meta Data Export Service (MDES) - DeviceVM - C:\ASUS.SYS\DVMExportService.exe -- End of file - 7726 bytes
-
Heb HijackThis geinstalleerd en gescant, dit echter wel in de veilige modus, weet niet of dat wat uitmaakt.. Hier is het: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:04:01, on 4-12-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Job\AppData\Local\Google\Chrome\Application\chrome.exe D:\Downloads\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [TQ566808] "E:\Setup.exe" O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Job\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: FancyStart daemon.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updateservice (gupdate1ca2352ee0ffca0) (gupdate1ca2352ee0ffca0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: DVM Meta Data Export Service (MDES) - DeviceVM - C:\ASUS.SYS\DVMExportService.exe -- End of file - 7847 bytes
