HiJackThis Log nakijken

[kape]

@ droske,

Wij waarderen het als forumgebruikers trachten oplossingen aan te brengen, maar in dit forumonderdeel "Bestrijding Spyware en Virussen" geldt toch een ietwat speciale regeling. Lees er even dit bericht op na !

[Gast]

Goed dat u er mij op wijst. Als nieuweling moet ik hier nog aan wennen.

[kape]

Goed dat u er mij op wijst. Als nieuweling moet ik hier nog aan wennen.

Geen probleem ... kan gebeuren ;-)

[7exe]

Hoi, sorry dat ik zo laat reageer, maar ik was op weekend.

Combofix heeft zijn gang gegaan op mijn computer. Ik krijg al geen server errors meer, nu enkel nog 'er is een probleem opgetreden tijdens het afspelen van het bestand in wmp.'

ik heb geprobeerd om de log in bijlage te voegen, maar kreeg telkens een error van het uploadsysteem. Daarom post ik hieronder mijn combofix-log:

ComboFix 13-07-27.01 - Mathias 29/07/2013 17:14:52.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8151.5843 [GMT 2:00]

Gestart vanuit: c:\users\Mathias\Drivers en Codecs\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\users\Mathias\AppData\Local\Temp\ammemb.dll

c:\users\Mathias\AppData\Local\Temp\ammemb64.dll

c:\windows\SysWow64\frapsvid.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_SrvUpdater

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-06-28 to 2013-07-29 ))))))))))))))))))))))))))))))

.

.

2013-07-29 15:29 . 2013-07-29 15:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-07-29 15:29 . 2013-07-29 15:29 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-07-29 15:29 . 2013-07-29 15:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-29 15:29 . 2013-07-29 15:29 -------- d-----w- c:\users\AppData\AppData\Local\temp

2013-07-26 23:46 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DAAB3D58-C502-4FB9-8AC2-DC7C062660C1}\mpengine.dll

2013-07-25 17:17 . 2009-08-11 18:18 497664 ----a-w- c:\windows\SysWow64\ac3filter.acm.new

2013-07-25 17:17 . 2013-07-25 17:17 -------- d-----w- c:\users\Mathias\AppData\Roaming\Advanced

2013-07-25 17:16 . 2013-07-25 17:16 -------- d-----w- c:\program files (x86)\Shark007

2013-07-25 17:11 . 2010-11-20 12:19 296448 ----a-w- c:\windows\SysWow64\mfds.dll

2013-07-25 17:10 . 2013-07-25 17:10 -------- d-----w- c:\program files (x86)\Eutechnyx

2013-07-25 15:47 . 2013-07-25 17:17 -------- d-----w- c:\programdata\Advanced

2013-07-25 15:41 . 2013-07-25 15:41 -------- d-----w- c:\program files (x86)\Actual Multiple Monitors

2013-07-24 17:39 . 2013-07-24 17:39 -------- d-----w- c:\windows\ERUNT

2013-07-23 17:19 . 2013-07-29 15:33 -------- d-----w- c:\users\Mathias\AppData\Local\Temp

2013-07-23 17:19 . 2013-07-23 17:13 24064 ----a-w- c:\windows\zoek-delete.exe

2013-07-22 14:34 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2013-07-13 10:56 . 2013-07-13 10:56 74136 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll

2013-07-13 10:56 . 2013-07-13 10:56 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll

2013-07-13 10:56 . 2013-07-13 10:56 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll

2013-07-11 00:22 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll

2013-07-11 00:22 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-07-11 00:22 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll

2013-07-11 00:22 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll

2013-07-11 00:22 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll

2013-07-11 00:22 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll

2013-07-11 00:22 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll

2013-07-11 00:22 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll

2013-07-11 00:22 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll

2013-07-11 00:22 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-11 00:22 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-11 00:21 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys

2013-07-11 00:21 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-07-11 00:21 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-07-11 00:21 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-07-11 00:21 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 00:21 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 00:21 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-07-11 00:21 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-07-06 22:29 . 2013-07-13 10:56 3407256 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

2013-07-06 22:29 . 2013-07-13 10:56 193824 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2013-07-06 22:29 . 2013-07-13 10:56 131480 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

2013-07-06 22:29 . 2013-07-13 10:56 117144 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-11 00:46 . 2010-08-15 09:51 78185248 ----a-w- c:\windows\system32\MRT.exe

2013-07-01 15:40 . 2013-03-19 09:54 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-07-01 15:40 . 2011-06-13 14:08 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-07-01 15:40 . 2011-06-13 14:08 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-06-12 10:11 . 2012-06-09 22:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-12 10:11 . 2011-05-14 10:29 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-20 14:59 . 2010-08-11 13:47 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2013-05-15 23:03 . 2013-05-15 23:03 1330016 ----a-w- c:\windows\SysWow64\VSFilter.dll

2013-05-13 05:51 . 2013-06-12 15:03 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-05-13 05:51 . 2013-06-12 15:03 1464320 ----a-w- c:\windows\system32\crypt32.dll

2013-05-13 05:51 . 2013-06-12 15:03 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-05-13 05:50 . 2013-06-12 15:03 52224 ----a-w- c:\windows\system32\certenc.dll

2013-05-13 04:45 . 2013-06-12 15:03 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-05-13 04:45 . 2013-06-12 15:03 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-05-13 04:45 . 2013-06-12 15:03 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-05-13 03:43 . 2013-06-12 15:03 1192448 ----a-w- c:\windows\system32\certutil.exe

2013-05-13 03:08 . 2013-06-12 15:03 903168 ----a-w- c:\windows\SysWow64\certutil.exe

2013-05-13 03:08 . 2013-06-12 15:03 43008 ----a-w- c:\windows\SysWow64\certenc.dll

2013-05-10 05:49 . 2013-06-12 15:07 30720 ----a-w- c:\windows\system32\cryptdlg.dll

2013-05-10 03:20 . 2013-06-12 15:07 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll

2013-05-09 12:46 . 2009-08-18 10:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-09 08:59 . 2013-03-19 09:54 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-05-09 08:59 . 2012-02-26 19:25 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-05-09 08:59 . 2011-06-13 14:08 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-05-09 08:59 . 2011-06-13 14:08 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-05-09 08:59 . 2011-06-13 14:08 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-05-09 08:58 . 2011-06-13 14:07 41664 ----a-w- c:\windows\avastSS.scr

2013-05-09 08:58 . 2011-01-17 13:17 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-08 06:39 . 2013-06-12 15:12 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-02 00:06 . 2010-08-12 16:14 278800 ------w- c:\windows\system32\MpSigStub.exe

2011-05-01 22:51 . 2011-05-01 22:51 44078891 ----a-w- c:\program files (x86)\Portal.2.Update.3.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

"Actual Multiple Monitors"="c:\program files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe" [2013-02-11 1730864]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]

"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-03 385024]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableSecureUIAPath"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer6"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys;c:\windows\SYSNATIVE\drivers\AVer888RC_64.sys [x]

R3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer888RCIR_64.sys [x]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]

R3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]

R3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]

R3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]

R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]

S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]

S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-13 10:19 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 10:11]

.

2013-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 13:22]

.

2013-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 13:22]

.

2013-07-06 c:\windows\Tasks\HPCeeScheduleForMathias.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

TCP: DhcpNameServer = 94.140.160.200 94.140.160.201

TCP: Interfaces\{DC1CAF84-85CA-4C31-9252-7D81BF83F981}: NameServer = 193.74.208.135,194.119.228.67

FF - ProfilePath - c:\users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\irv6jvzz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-Driver San Francisco - c:\program files (x86)\Ubisoft\Driver San Francisco\Uninstall\Uninstall.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-SoftwareUpdater - c:\program files (x86)\SoftwareUpdater\uninstall.exe

AddRemove-South Park - c:\program files (x86)\Acclaim Entertainment\South Park\Uninst.isu

AddRemove-{0EDC9BA0-016E-406a-86DA-04FC1BE00C21} - c:\program files\Common Files\EAInstaller\Need for Speed The Run\Cleanup.exe

AddRemove-{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1 - c:\program files (x86)\Activision\Call of Duty Black Ops 2\unins000.exe

AddRemove-{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88} - c:\program files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-4154593163-2427718269-1763425979-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

@Allowed: (Read) (RestrictedCode)

"??"=hex:8f,3f,4f,9c,2b,fe,e5,f6,92,bf,f0,fa,1d,91,ee,8f,f8,9f,e1,c0,4b,b5,71,

dc,e1,24,ac,45,dd,f8,9b,52,e6,69,3e,83,93,e3,28,bc,16,5a,55,56,fe,f3,cb,27,\

"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f

.

[HKEY_USERS\S-1-5-21-4154593163-2427718269-1763425979-1000\Software\SecuROM\License information*]

"datasecu"=hex:69,06,fe,82,d5,01,48,f8,9a,3f,2a,e5,d3,ee,c5,4f,34,b3,a5,ad,f4,

f8,ea,9c,51,12,24,13,3f,a0,a9,d8,90,00,a6,d7,cd,4c,1e,86,81,c0,e9,df,7d,05,\

"rkeysecu"=hex:ac,ff,9c,b7,84,f2,9b,77,4e,b9,15,da,ed,be,9f,b4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

.

**************************************************************************

.

Voltooingstijd: 2013-07-29 17:45:58 - machine werd herstart

ComboFix-quarantined-files.txt 2013-07-29 15:45

.

Pre-Run: 318.398.140.416 bytes beschikbaar

Post-Run: 318.029.512.704 bytes beschikbaar

.

- - End Of File - - EA2784E42FB13925434C5406C66676A4

D41D8CD98F00B204E9800998ECF8427E

[kape]

Wat is het exacte probleem dat opduikt bij het afspelen met WMP ?

[7exe]

Beste Kape

Telkens als ik een video wil afspelen met wmp krijg ik deze melding:

D:\'file name'.mkv Uitvoeren vanaf de server is mislukt

ik heb net mijn grafische drivers geupdate, maar geen verandering. Met VLC spelen de bestanden wel af, dus het is echt een probleem met wmp.

Ik hoop dat je me verder kan helpen, want ik gebruik wmp enorm veel.

- - - Updated - - -

Ook is het zo dat als ik rechtermuisklik doe op de file en 'openen met' --> staat er windows media player x64 (vroeger was dit niet x64)

30 juli 2013 aangepast door megamathi

[7exe]

http://www.pc-helpforum.be/f188/wmp-uitvoeren-van-de-server-mislukt-31548/

hier heb ik ook al een zitten kijken, er is niet echt veel hoop op een positief resultaat denk ik. Om veel werk te vermijden is het misschien beter om over te stappen naar winamp of een andere software.

Graag zou ik als je nog een idee hebt om wmp te redden, het graag horen.

Dank bij voorbaat

[kape]

Zit er binnen WMP veel informatie opgeslagen (speellijsten, e.d.) of is het enkel het programma zelf, waarin je de bestanden ophaalt wanneer je dat wenst. In het geval het enkel het programma is, zou je het volledig kunnen verwijderen via Software en een nieuw downloaden en installeren. Want vermits VLC werkt, zijn het normaal niet de bestanden, maar het programma dat corrupt is.

[7exe]

yes yes yes, herinstallatie van wmp is gelukt, alle files spelen weer met wmp af. Bedankt voor de hulp allemaal.

[juisterr]

Heel fijn.