
My PC is very slow!


anonymous

Question

Hello everyone,

Ever since I ran a recovery on my PC it has been very slow. This annoys me no end. I ran a recovery because I was riddled with trojans. Booting takes a long time, about 5 minutes. Once it has booted, it is also very slow at opening things. Can anyone help make my PC faster? Thanks in advance.

PC specifications:

  • OS: Windows 7 Home Premium x64
  • HDD: 500 GB
  • RAM: 4 GB
  • Processor: Intel Core i5 CPU M 460 / 2.53 GHz
  • Video card: ATI Mobility Radeon HD 5470
Then let's take a look at what is going on.

I would like you to stick to the following rules during the fix:

  • Always read each instruction carefully first.
  • The instructions given apply only to your Windows.
  • If you make mistakes while running tools during the fix, this can potentially cause serious problems in Windows.
  • Do not install any new programs, updates or new hardware while we are working on the fix.
  • Also do not use any programs or tools other than those I instruct you to use.
  • Please turn off emoticons (smileys) when you post a log.
  • Always use one scanner at a time, never several at once.
  • Keep me informed of how your computer responds to the fix, good or bad.
  • Also, if you do not understand something, please say so.
  • Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

Step •1•

Which program: sUBs dds
What for/why: DDS is a diagnostic tool and makes use of scripts.
Difficulty: Read carefully what to do first.
Download location: Be sure to download this program to the desktop, or otherwise move it there first!

Download DDS by sUBs from one of these locations and place it on your desktop:

  • DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.com
  • DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.scr
  • DDS - Infospyware: http://www.infospyware.net/sUBs/dds

Using sUBs dds.scr:

  • Important: first disable the antivirus software and any active spyware scanners!
  • Then first close all program windows that are still open!
      • Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
      • Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and then choosing Run as administrator.
  • After the scan, two text documents are opened: DDS.txt and Attach.txt
  • Copy and paste the entire contents of the DDS log file into your next message.
  • Post Attach.txt only when I ask for it.

Step •2•

Which program: Malwarebytes MBAM
What for/why: specialist scanner to quickly examine Windows for spyware and malware and remove it.
Difficulty: none.

Download Malwarebytes MBAM from one of these locations:

  • Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
  • Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

First of all:

  • Right after installation 'MBAM' wants to update its database, so allow this.
  • With repeated use as well: first update 'MBAM' via the 'Update' tab!

Starting Malwarebytes MBAM:

  • Now first close all program windows that are still open!
      • Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
      • Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
  • Note:
      • Malwarebytes now provides the full version of MBAM.
      • On the first start you get the option to use the full version or the free version.
      • Regardless of which antivirus program is in your Windows, I advise using the "Decline" option here.
      • That way MBAM can continue to be used as the free version.
  • Also do the following:
      • Once the program has started, go to the "Settings" tab.
      • Tick here: "Close Internet Explorer during removal of malware".

Scanning:

  • When starting 'MBAM', choose 'Quick Scan'.
  • Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
  • Then click the 'Show Results' button to see the results.

Infections found:

  • First click OK to dismiss the message.
  • Then click the Show Results button at the bottom right.
  • Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
  • After removal a log will open and you will be asked to restart the computer.
  • If 'MBAM' has difficulty removing certain files it will show some messages; click 'OK' each time!
  • After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

MBAM log:

  • The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.

Then post the contents of the MBAM log in your next message.

Step •3•

In summary: after this, post the contents of the following logs in your next message:

  • DDS log file
  • MBAM scan log
Here is the DDS scan log:
Here is the one from Malwarebytes:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Databaseversie: v2012.04.20.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Desley :: DESLEY-PC [administrator]
21-4-2012 10:15:30
mbam-log-2012-04-21 (10-15-30).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 197442
Verstreken tijd: 2 minuut/minuten, 42 seconde(n)
Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
(einde)
Link to comment
  • 0
I see quite a few TuneUp 2012 processes. Was Windows slow immediately after the recovery, or did that start after installing TuneUp and letting it tweak things? Mind you: quite a few Windows computers have already been wrecked by TuneUp...

Step •1•

Which program: TDSSStarter.exe
What for/why: Rootkit scanner
Difficulty: none

Download TDSSStarter (http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe) to the desktop.

Using "TDSSSStarter.exe":
  • First close all program windows that are still open!
      • Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
      • Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing Run as administrator.
  • A CMD window will then open, and it will close again automatically when the scan is finished.
  • Now post the contents of the Notepad file that has opened in your next message.

Step •2•

Which program: ComboFix
What for/why: Highly specialised scanner that examines Windows in depth and cleans it up where possible.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: This program absolutely must be downloaded to the desktop!

Download ComboFix from one of these locations:
  • Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
  • ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
  • Geekstogo (http://subs.geekstogo.com/ComboFix.exe)

Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how ComboFix should be used.

Your antivirus program and any active malware scanners must already be deactivated before ComboFix starts! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to deactivate antivirus programs and spyware scanners.

Once more, for the sake of clarity: ComboFix must be started from the desktop.

Remarks:
  • On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).

Starting ComboFix:
  • First close all program windows that are still open!
      • Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
      • Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing Run as administrator.

ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows as a whole to "freeze"!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt

Important remark:
  • If, after the scan, an error is shown when starting programs with the message:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.

Step •3•

In summary: after this, post the contents of the following logs in your next message:
  • TDSSKStarter log
  • ComboFix.txt log
Link to comment
  • 0
Hello Abraham, It was already slow right after the recovery. Here is the TDSS log:

11:19:41.0867 1080 Product type: Workstation
11:19:41.0867 1080 ComputerName: DESLEY-PC
11:19:41.0867 1080 UserName: Desley
11:19:41.0867 1080 Windows directory: C:\Windows
11:19:41.0867 1080 System windows directory: C:\Windows
11:19:41.0867 1080 Running under WOW64
11:19:41.0867 1080 Processor architecture: Intel x64
11:19:41.0867 1080 Number of processors: 4
11:19:41.0867 1080 Page size: 0x1000
11:19:41.0867 1080 Boot type: Normal boot
11:19:41.0867 1080 ============================================================
11:19:44.0363 1080 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:19:44.0394 1080 \Device\Harddisk0\DR0:
11:19:44.0394 1080 MBR partitions:
11:19:44.0394 1080 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x1047FCAB
11:19:44.0409 1080 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12B91360, BlocksNum 0x277F38E1
11:19:44.0503 1080 C: <-> \Device\Harddisk0\DR0\Partition0
11:19:44.0768 1080 D: <-> \Device\Harddisk0\DR0\Partition1
11:19:44.0768 1080 Initialize success
11:19:44.0768 1080 ============================================================
11:19:44.0846 0492 ============================================================
11:19:44.0846 0492 Scan started
11:19:44.0846 0492 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
11:19:44.0846 0492 ============================================================
11:21:19.0148 0492 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:21:19.0273 0492 LMS ( UnsignedFile.Multi.Generic ) - warning
11:21:19.0273 0492 LMS - detected UnsignedFile.Multi.Generic (1)
rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:22:12.0438 0492 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:22:12.0890 0492 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:22:13.0265 0492 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 11:22:13.0780 0492 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:22:14.0185 0492 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 11:22:14.0622 0492 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:22:14.0996 0492 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 11:22:15.0184 0492 SeaPort (58dc20eb15f071804c56fccc796417a2) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 11:22:15.0730 0492 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:22:16.0088 0492 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 11:22:16.0494 0492 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 11:22:16.0931 0492 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 11:22:17.0477 0492 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 11:22:17.0945 0492 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 11:22:18.0428 0492 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 11:22:18.0772 0492 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 11:22:19.0318 0492 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:22:19.0895 0492 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:22:20.0456 0492 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 
11:22:20.0924 0492 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 11:22:21.0283 0492 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 11:22:21.0720 0492 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 11:22:22.0422 0492 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 11:22:23.0077 0492 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 11:22:23.0748 0492 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 11:22:23.0888 0492 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe 11:22:24.0512 0492 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:22:24.0949 0492 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 11:22:25.0480 0492 SNP2UVC (f06a6de8438f7446bff9e61f31356521) C:\Windows\system32\DRIVERS\snp2uvc.sys 11:22:26.0010 0492 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:22:26.0369 0492 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 11:22:26.0930 0492 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 11:22:27.0398 0492 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 11:22:27.0898 0492 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:22:28.0459 0492 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:22:28.0943 0492 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:22:29.0364 0492 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 11:22:29.0770 0492 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 11:22:30.0269 0492 STacSV (94a6522ac9f3e05fd039ad105ade96d0) 
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe 11:22:30.0815 0492 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 11:22:31.0298 0492 STHDA (ddb811b13d827081e7c1ddff302ab334) C:\Windows\system32\DRIVERS\stwrt64.sys 11:22:31.0688 0492 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 11:22:32.0219 0492 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:22:32.0624 0492 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 11:22:33.0311 0492 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 11:22:33.0826 0492 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 11:22:34.0356 0492 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 11:22:34.0918 0492 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 11:22:35.0776 0492 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 11:22:36.0758 0492 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 11:22:37.0445 0492 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:22:38.0131 0492 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:22:38.0724 0492 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 11:22:39.0348 0492 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:22:39.0847 0492 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:22:40.0206 0492 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 11:22:40.0658 0492 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 11:22:41.0080 0492 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:22:41.0454 0492 TrkWks 
11:22:47.0226 0492 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:22:47.0444 0492 UNS ( UnsignedFile.Multi.Generic ) - warning
11:22:47.0444 0492 UNS - detected UnsignedFile.Multi.Generic (1)
11:23:18.0457 0492 ============================================================
11:23:18.0457 0492 Scan finished
11:23:18.0457 0492 ============================================================
11:23:19.0050 1532 Deinitialize success
.
==============================================
System Restore Point Check:
.
TDSSKiller Starter Restore Point Created Succesfully
==============================================
Registry Export
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
==============================================
EOF
Here is the ComboFix log:

ComboFix 12-04-20.03 - Desley 21-04-2012 11:34:25.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3949.2649 [GMT 2:00]
Gestart vanuit: c:\users\Desley\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe c:\windows\AsScrPro.exe c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe . ************************************************************************** . Voltooingstijd: 2012-04-21 11:53:52 - machine werd herstart ComboFix-quarantined-files.txt 2012-04-21 09:53 . Pre-Run: 103.466.426.368 bytes beschikbaar Post-Run: 102.858.231.808 bytes beschikbaar . - - End Of File - - 2DEBA1B9AB4D08BBF57FFA150B6939E5
  • 0
In any case, remove the Asus crapware. You can use PC Decrapifier for that: http://pcdecrapifier.com/

Furthermore, I am opposed to tweaking software. It usually delivers hardly anything, even though it promises a lot. The same goes for registry cleaning. The only thing it causes is fragmentation of the Windows registry, which among other things makes startup take longer.
  • 0
We are going to search:

Which program: Zoek.exe
What for/why: multifunctional tool
Difficulty: none.
Download: zoek.exe (http://home.kpn.nl/stefsmeenk/tools/zoek.exe)

Using "Zoek.exe":
- First close all program windows that are still open!
  - Windows 2000 and Windows XP: start the tool by double-clicking "Zoek.exe".
  - Windows Vista and Windows 7: start the tool by right-clicking "Zoek.exe" and then choosing Run as administrator.

A black CMD/Command Prompt window now opens.
- In that window, type B followed by Enter to start "Custom search".
- A Notepad document named "input.txt" will now open.
- Copy and paste the following text (bold, blue) into the empty Notepad window:

ijinshan; jinshan; guard;

- Once you have pasted the blue text into the empty Notepad window, you can close input.txt; let it save the changes.

Image: http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png

- After this the scan starts running; wait patiently until a log opens and post the result in your next message.
  • 0
Here is the log:

Zoek.exe Version 2.0.1.1 Updated 31-03-2012
Tool run by Desley on za 21-04-2012 at 14:25:04,10.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running from: C:\Users\Desley\Downloads\zoek.exe

==== Folders Found ======================

2012-04-18 12:57:13 2012-04-18 12:57:13 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Choice Guard

==== Files Found ======================

--- C:\Program Files (x86)\Common Files\Windows Live\.cache\849136f11cd1d62\choiceguard.msi ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 101376
Created time: 2012-04-18 12:55:23
Modified time: 2008-11-21 15:49:14
MD5: 0DB6E72A33E2011063E049687CEFA3B2
SHA1: F39270762235846B501CAE0B0B823CD3971EDC3A

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe ---
Company: Microsoft Corp.
File Description: Choice Guard command line interface
File Version: 1.2.87.0
Product Name: Choice Guard
Copyright: Copyright © 2008 Microsoft Corp.
Original Filename: CG.exe
File type: ----a-w-
File size: 75080
Created time: 2008-10-31 06:58:00
Modified time: 2008-10-31 06:58:00
MD5: C64E7399AD6A39F528104D5810A8CF1B
SHA1: 1979F04501BD3F25A8A41AC33F80AD9DC2DF0B7C

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Choice Guard\ChoiceGuard.dll ---
Company: Microsoft Corp.
File Description: Microsoft Live Search
File Version: 1.2.87.0
Product Name: Choice Guard
Copyright: Copyright © 2008 Microsoft Corp.
Original Filename: ChoiceGuard.dll
File type: ----a-w-
File size: 129352
Created time: 2008-10-31 06:58:02
Modified time: 2008-10-31 06:58:02
MD5: DE7253C8565FA9E01EB68904B7545A9D
SHA1: 26B20377B3ACFDFDAEDB37404A3702A162920551

--- C:\Windows\Prefetch\CGUARD.EXE-74F0E6F2.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 24722
Created time: 2012-04-18 12:59:45
Modified time: 2012-04-18 12:59:45
MD5: BCCA53863C5ED9A2B5F8AB60F220014B
SHA1: 5F5948524CFE298E128FCB260069119B2898A318
  • 0
Hmm, do the following: download MiniToolBox (http://download.bleepingcomputer.com/farbar/MiniToolBox.exe) and place this tool on your desktop.

Using "Farbar MiniToolBox":
- First close all program windows that are still open!
  - Windows 2000 and Windows XP: start "MiniToolBox.exe" by double-clicking it.
  - Windows Vista and Windows 7: start "MiniToolBox.exe" by right-clicking it and choosing Run as administrator.

Tick the following items:
- List last 10 Event Viewer log
- List Installed Programs
- List Users, Partitions and Memory size.

Then:
- Now click the "Go" button.
- A log (Result.txt) is then created in the same folder that "MiniToolBox.exe" is in.
- Copy and paste the contents of the log into your next message.