Ga naar inhoud

Een programma geopend staat in taakbalk, maar niet als venster op bureaublad ... ?


Rambozo

Aanbevolen berichten

Beste,

Ik heb iets eigenaardigs voor. Als ik het programma Creevity mp3 cover downloader installeer, dan kan ik het programma niet echt 'starten'. Je kan het wel starten en je ziet het staan in de taakbalk onderaan, maar het is niet zichtbaar op de desktop. De snellink staat ook op de desktop. Als ik dubbelklik op de taakbalk(wanneer het prog. open staat) , zie ik het wel snel verkleinen en naar de taakbalk gaan. (alsof je het venster verkleint) Maar je ziet niets op de desktop of je kan niet aan het programma? Even geleden kon ik mijn wallpaper niet meer veranderen. Dit is opgelost met een file te verwijderen. (corrupte wallpaper)

Ik krijg ook steeds de melding (al enkele weken) dat Catalyst Control Center niet meer werkt. Hiervoor heb ik catalyst volledig gedeïnstalleerd en dan terug geïnstalleerd... zonder resultaat.

Kan iemand mij helpen?

Heb al eens gelezen dat malware of iets anders daar de oorzaak van kan zijn.

Mijn Avast vindt in ieder geval geen bedreigingen.

Alvast bedankt!

Link naar reactie
Delen op andere sites

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis.

Klik bij "HijackThis Downloads" op "Installer".

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de schuine tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Bijlage 12634)

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.


3. Na het plaatsen van je logje wordt dit door een expert (Kape of Kweezie Wabbit) nagekeken en begeleidt hij jou verder door het ganse proces.

Link naar reactie
Delen op andere sites

Beste,

Hieronder de logfile van HijackThis :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:45:23, on 13/11/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\WinPatrol\WinPatrol.exe

C:\Program Files\Avast\AvastUI.exe

C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

C:\Program Files (x86)\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Razer\Lachesis\OSD.exe

C:\Program Files (x86)\Razer\Lachesis\razertra.exe

C:\Program Files (x86)\Razer\Lachesis\razerofa.exe

C:\Program Files (x86)\Steam\steam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [avast] "C:\Program Files\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files (x86)\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL

O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast\AvastSvc.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 7129 bytes

Link naar reactie
Delen op andere sites

Probleemloos logje maar we zoeken verder.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

  • Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
    Klik hier
    Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.
  • Dubbelklik op ComboFix.exe en volg de meldingen op het scherm.
  • ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.
    **Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware.
  • Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.

cf-rc-auto.jpg

Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:

rc-auto-done.jpg

Klik op Ja om verder te gaan met het scannen naar malware.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Indien je problemen hebt bij het uitvoeren van ComboFix, gelieve dit te melden.

Link naar reactie
Delen op andere sites

ComboFix 11-11-14.02 - Administrator 14/11/2011 18:02:07.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4094.2307 [GMT 1:00]

Gestart vanuit: c:\users\Administrator\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-10-14 to 2011-11-14 ))))))))))))))))))))))))))))))

.

.

2011-11-14 17:05 . 2011-11-14 17:05 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-13 20:45 . 2011-11-13 20:45 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-11-13 20:45 . 2011-11-13 20:45 -------- d-----w- c:\program files (x86)\Trend Micro

2011-11-12 20:35 . 2011-11-12 20:35 -------- d-----w- c:\users\Administrator\AppData\Roaming\f-secure

2011-11-12 20:35 . 2011-11-12 20:35 -------- d-----w- c:\programdata\F-Secure

2011-11-12 16:11 . 2011-11-12 16:15 -------- d-----w- c:\program files\Creevity Mp3 Cover Downloader

2011-11-12 15:19 . 2011-11-12 15:19 -------- d-----w- c:\programdata\ATI

2011-11-11 19:53 . 2011-11-11 19:53 -------- d-----w- c:\program files\Common Files\ATI Technologies

2011-11-11 19:53 . 2011-11-11 19:53 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies

2011-11-11 19:53 . 2011-11-11 19:53 -------- d-----w- c:\program files (x86)\ATI Stream

2011-11-11 19:52 . 2011-11-11 19:52 -------- d-----w- c:\program files (x86)\ATI Technologies

2011-11-11 19:52 . 2011-11-11 19:52 -------- d-----w- c:\program files\ATI

2011-11-11 19:52 . 2011-11-11 19:53 -------- d-----w- c:\program files\ATI Technologies

2011-11-11 15:10 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1243A6B1-6DF8-4733-A74A-80D6B16C7BDF}\mpengine.dll

2011-11-09 14:04 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-09 14:04 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 14:04 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 14:04 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys

2011-10-27 21:43 . 2011-10-07 17:47 41200 ----a-w- c:\windows\system32\cmdcsr.dll

2011-10-27 19:27 . 2011-10-27 19:27 -------- d-----w- c:\users\Administrator\AppData\Roaming\AVS4YOU

2011-10-27 19:26 . 2011-10-27 19:28 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia

2011-10-27 19:26 . 2011-10-27 19:28 -------- d-----w- c:\program files (x86)\AVS4YOU

2011-10-27 19:26 . 2011-10-27 19:27 -------- d-----w- c:\programdata\AVS4YOU

2011-10-27 19:26 . 2011-08-22 14:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll

2011-10-27 19:26 . 2011-08-22 14:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll

2011-10-26 14:40 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll

2011-10-26 14:40 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll

2011-10-16 17:20 . 2011-10-24 19:24 -------- d-----w- C:\mijn documenten

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-07 20:08 . 2011-10-07 20:08 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll

2011-10-07 17:47 . 2011-06-30 07:38 93200 ----a-w- c:\windows\system32\drivers\inspect.sys

2011-10-07 17:47 . 2011-06-30 07:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-10-07 17:47 . 2011-06-30 07:38 574216 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-10-07 17:47 . 2011-06-30 07:38 16528 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-10-07 17:47 . 2011-06-30 07:37 300200 ----a-w- c:\windows\SysWow64\guard32.dll

2011-10-07 17:47 . 2011-06-30 07:37 388280 ----a-w- c:\windows\system32\guard64.dll

2011-10-01 21:15 . 2011-07-05 21:04 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-01 03:25 . 2011-10-12 13:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-01 02:42 . 2011-10-12 13:06 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-09-14 09:47 . 2011-09-14 09:47 60416 ----a-w- c:\windows\system32\OVDecode64.dll

2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll

2011-09-14 09:47 . 2011-09-14 09:47 51200 ----a-w- c:\windows\system32\OpenCL.dll

2011-09-14 09:47 . 2011-09-14 09:47 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll

2011-09-14 09:47 . 2011-09-14 09:47 16652288 ----a-w- c:\windows\system32\amdocl64.dll

2011-09-14 09:46 . 2011-09-14 09:46 13625856 ----a-w- c:\windows\SysWow64\amdocl.dll

2011-09-14 09:38 . 2011-09-14 09:38 44032 ----a-w- c:\windows\system32\amdoclcl64.dll

2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll

2011-09-10 08:21 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-09-10 08:21 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-09-06 20:45 . 2011-07-05 22:23 41184 ----a-w- c:\windows\avastSS.scr

2011-09-06 20:45 . 2011-07-05 22:23 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe

2011-09-06 20:45 . 2011-07-05 22:23 254400 ----a-w- c:\windows\system32\aswBoot.exe

2011-09-06 20:38 . 2011-07-05 22:23 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-09-06 20:38 . 2011-07-05 22:23 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-09-06 20:36 . 2011-07-05 22:23 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-09-06 20:36 . 2011-07-05 22:23 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-09-06 20:36 . 2011-07-05 22:23 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-09-06 20:36 . 2011-07-05 22:23 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-08-27 05:37 . 2011-10-12 13:05 861696 ----a-w- c:\windows\system32\oleaut32.dll

2011-08-27 05:37 . 2011-10-12 13:05 331776 ----a-w- c:\windows\system32\oleacc.dll

2011-08-27 04:26 . 2011-10-12 13:05 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2011-08-27 04:26 . 2011-10-12 13:05 233472 ----a-w- c:\windows\SysWow64\oleacc.dll

2011-08-20 05:37 . 2011-10-12 13:06 1188864 ----a-w- c:\windows\system32\wininet.dll

2011-08-20 04:31 . 2011-10-12 13:06 981504 ----a-w- c:\windows\SysWow64\wininet.dll

2011-08-17 05:26 . 2011-10-12 13:06 613888 ----a-w- c:\windows\system32\psisdecd.dll

2011-08-17 05:25 . 2011-10-12 13:06 108032 ----a-w- c:\windows\system32\psisrndr.ax

2011-08-17 04:24 . 2011-10-12 13:06 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll

2011-08-17 04:19 . 2011-10-12 13:06 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-28 2472048]

"avast"="c:\program files\Avast\avastUI.exe" [2011-09-06 3722416]

"WinPatrol"="c:\program files (x86)\WinPatrol\winpatrol.exe" [2010-11-17 329096]

"Lachesis"="c:\program files (x86)\Razer\Lachesis\razerhid.exe" [2009-11-10 248320]

"ContentTransferWMDetector.exe"="c:\program files (x86)\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-09 74752]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-01 136176]

R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-01 136176]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-03-09 5352960]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [x]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]

.

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45 134384 ----a-w- c:\program files\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"COMODO Internet Security"="c:\program files\COMODO\COMODO\COMODO Internet Security\cfp.exe" [2011-10-20 9264456]

"WinPatrol"="c:\program files (x86)\WinPatrol\WinPatrol.exe" [2010-11-17 329096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\guard64.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.132 195.130.130.4

FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\t041q30s.default\

FF - prefs.js: browser.startup.homepage - Google

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,97,e3,30,79,75,86,70,40,8a,67,96,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,97,e3,30,79,75,86,70,40,8a,67,96,\

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3G2"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3GP"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3G2"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3GP"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.7z\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\7zFM.exe"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.AAC"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ADTS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ADTS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.aif"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.aiff"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.au"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="VLC.avi"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.CDA"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\wmplayer.exe"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.LOG\UserChoice]

@Denied: (2) (Administrator)

"Progid"="txtfile"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.M4A"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP4"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MID"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MIDI"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.mod"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MOV"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MP2"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MP3"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MP4"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP4"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NFO\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\notepad.exe"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.RMI"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AU"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.TTS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.TTS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.wav"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WAX"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.WMA"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMD"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMS"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMV"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASX"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMZ"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WVX"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-1784786436-3508940399-1804949409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Avast\AvastSvc.exe

c:\program files (x86)\Razer\Lachesis\OSD.exe

c:\program files (x86)\Razer\Lachesis\razertra.exe

c:\program files (x86)\Razer\Lachesis\razerofa.exe

.

**************************************************************************

.

Voltooingstijd: 2011-11-14 18:08:47 - machine werd herstart

ComboFix-quarantined-files.txt 2011-11-14 17:08

.

Pre-Run: 50.645.000.192 bytes beschikbaar

Post-Run: 52.828.200.960 bytes beschikbaar

.

- - End Of File - - A5E9A859AB862929E6216F98627C723A

---------- Post toegevoegd om 18:19 ---------- Vorige post was om 18:11 ----------

Kort daarop krijg ik van 'scotty the watchdog' (Winpatrol)

de melding dat er een new window Services has been installed

C:\WINDOWS\SYSTEM32\APPMGMTS.DLL

Ik heb maar op OK gedrukt??

Mvg,

Link naar reactie
Delen op andere sites

Kort daarop krijg ik van 'scotty the watchdog' (Winpatrol)

de melding dat er een new window Services has been installed

C:\WINDOWS\SYSTEM32\APPMGMTS.DLL

Ik heb maar op OK gedrukt??

Dat is OK. Deze service heeft te maken met je bluetooth.

Heb je ooit F-Secure gehad als virusscanner en deze verwijderd?

De map c:\programdata\F-Secure is ddarvan een overblijfsel en die mag je verwijderen.

Voor de rest geen bedreigingen.

Het probleem wordt dus niet veroorzaakt door malware.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Link naar reactie
Delen op andere sites

  • 3 weken later...

Ik heb hetzelfde probleem.

Heb jij misschien 2 schermen aangesloten?

een tijdelijke oplossing is voor mij...

op het venster in de taakbalk linksklikken en dan alt+spatietoets daarna in het menu dat je dan ziet maximalizeren kiezen of verplaatsen naar 2 de scherm

wat dit veroorzaakt heeft ben ik nog niet achter

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.