Virus on laptop, who can help me with this Hijack logfile

12 replies
  • Virus on laptop, who can help me with this Hijack logfile.

    Internet Explorer starts up spontaneously, and other strange things happen too.
    I have taken over the laptop remotely via TeamViewer.

    The logfile is below.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:43:18, on 17-3-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
    O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Bjsujdm] rundll32 "C:\Users\Asus\AppData\Roaming\msxbde40F.dll",ONGKXQZ
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12360 bytes
    Thanks in advance for a quick reply





  • OK, ran Malwarebytes with the result below:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6091

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    17-3-2011 21:32:08
    mbam-log-2011-03-17 (21-32-08).txt

    Scantype: Snelle scan
    Objecten gescand: 167807
    Verstreken tijd: 4 minuut/minuten, 21 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 5
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\KCSCPW1HKH (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\KUGHGZXAKT (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)


    **************************************************

    2nd scan:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6091

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    17-3-2011 21:37:08
    mbam-log-2011-03-17 (21-37-08).txt

    Scantype: Snelle scan
    Objecten gescand: 167800
    Verstreken tijd: 3 minuut/minuten, 44 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    *******************************************************

    3rd scan:
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6091

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    17-3-2011 22:09:59
    mbam-log-2011-03-17 (22-09-59).txt

    Scantype: Volledige scan (C:\|D:\|)
    Objecten gescand: 269879
    Verstreken tijd: 25 minuut/minuten, 30 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 1

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker (PUP.Casino) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    c:\Poker\titan poker\_setuppoker_c512e2.exe (PUP.Casino) -> Quarantined and deleted successfully.


    ***************************************

    New HijackThis logfile

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:33:33, on 17-3-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
    O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Bjsujdm] rundll32 "C:\Users\Asus\AppData\Roaming\msxbde40F.dll",ONGKXQZ
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12906 bytes





  • Hi lampje25, you have certainly been busy.

    But the fact that you go on the internet without an antivirus program is asking for the biggest problems.
    Besides, it is not the intention that volunteers help you get virus-free, because that is effectively mopping the floor with the tap running.

    I advise you to install the number 1 among the free antivirus programs,
    Avast 6\2011 Free.

    Download link Avast 6 Free

    Other programs are:

    PANDA CLOUD ANTIVIRUS
    AVG 2011 Free
    Avira Antivir Free
    Microsoft Security Essentials

    However: only Avast 6\2011 has components on board that you otherwise only find in paid antivirus programs!

    So install the antivirus of your choice and then have it run a full system scan.

    Then report back with a new HijackThis log and also mention what the virus scan turned up.
  • [quote:0305ac408a="Abraham54"]
    But the fact that you use the internet without an antivirus program is asking for the biggest problems.
    [/quote:0305ac408a]

    Sorry, but first of all it is not my laptop but a brother-in-law's.
    Secondly, there was a virus scanner present, but it has been disabled in some way or other.
    The virus scanner that was/is installed is:
    Microsoft Security Essentials

    When I start it, it immediately disappears again.
    So I cannot have it scan the PC either.
    A fresh installation does not help either. Not even after I removed (the last) viruses.

    I also ran the ESET online scanner and it found no more errors.

    I will run Avast tonight.
    The downside is that I have to do everything remotely (which is why I am running TeamViewer).

    Other things are missing on the PC as well.
    For example, the Documents folder is completely empty, not even a personal folder or the like.

    I fear I will have to do a complete installation of Windows 7.
  • I think a reinstallation of Windows 7 is indeed the most obvious solution!

    But you may try this first:

    [b:e4aa5a8eba]Which program[/b:e4aa5a8eba]: ComboFix
    [b:e4aa5a8eba]What for/why[/b:e4aa5a8eba]: Highly specialized scanner to examine Windows in depth
    and, where possible, clean it up.
    [b:e4aa5a8eba]Difficulty[/b:e4aa5a8eba]: A more or less tricky preparation phase, so read everything carefully first.
    [b:e4aa5a8eba]Download location[/b:e4aa5a8eba]: This program must absolutely be downloaded to the desktop!
    [b:e4aa5a8eba]Download ComboFix from one of these locations[/b:e4aa5a8eba]:
    [list:e4aa5a8eba][*:e4aa5a8eba][b:e4aa5a8eba]Bleepingcomputer[/b:e4aa5a8eba]
    [*:e4aa5a8eba][b:e4aa5a8eba]ForoSpyware[/b:e4aa5a8eba]
    [*:e4aa5a8eba][b:e4aa5a8eba]Geekstogo[/b:e4aa5a8eba][/list:u:e4aa5a8eba]
    [b:e4aa5a8eba]Here[/b:e4aa5a8eba] you can see how to use ComboFix.

    The antivirus program and active malware scanners must already be deactivated before ComboFix starts!
    [b:e4aa5a8eba]Here[/b:e4aa5a8eba] and [b:e4aa5a8eba]here[/b:e4aa5a8eba] you will find details on how to deactivate antivirus programs and spyware scanners.

    [b:e4aa5a8eba]Once more, for clarity[/b:e4aa5a8eba]: ComboFix must be started from the desktop.

    [b:e4aa5a8eba]Notes[/b:e4aa5a8eba]:
    [list:e4aa5a8eba][*:e4aa5a8eba] When using Windows XP, you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for it).
    [*:e4aa5a8eba]Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    [*:e4aa5a8eba]All open programs and web pages must be closed.[/list:u:e4aa5a8eba]
    [b:e4aa5a8eba]ComboFix has started[/b:e4aa5a8eba]:
    [list:e4aa5a8eba][*:e4aa5a8eba]Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    [*:e4aa5a8eba]ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    [*:e4aa5a8eba]It may happen that the computer has to be restarted several times; this is normal.
    [*:e4aa5a8eba]When ComboFix is finished, it will create a log file for you.
    [*:e4aa5a8eba]Post the contents of this log file in your next message.
    [*:e4aa5a8eba]If the log does not open, it can be found in C:\ComboFix.txt[/list:u:e4aa5a8eba]
    [b:e4aa5a8eba]Important note[/b:e4aa5a8eba]:
    [list:e4aa5a8eba][*:e4aa5a8eba][b:e4aa5a8eba]
  • Log file from ComboFix.
    ************************************

    ComboFix 11-03-18.01 - Asus 18-03-2011 20:52:22.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3037.1737 [GMT 1:00]
    Gestart vanuit: c:\users\Asus\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\users\Asus\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
    c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic
    c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic\Uninstall Windows Diagnostic.lnk
    c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic\Windows Diagnostic.lnk
    c:\users\Asus\AppData\Roaming\msxbde40F.dll
    c:\users\Asus\Desktop\Windows Diagnostic.lnk
    c:\windows\system32\drivers\etc\lmhosts
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-02-18 to 2011-03-18 ))))))))))))))))))))))))))))))
    .
    .
    2011-03-17 22:24 . 2011-01-13 01:20 7844688 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-03-17 22:24 . 2011-02-10 22:31 7947600 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD5BBBB7-EB42-465C-A005-CA80C230F92B}\mpengine.dll
    2011-03-17 22:24 . 2011-03-17 22:24 601424 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60F86256-025B-4370-BB91-F4381E4E6D77}\gapaengine.dll
    2011-03-17 22:17 . 2011-03-17 22:17 ——– d—–w- c:\program files (x86)\Microsoft Security Client
    2011-03-17 22:17 . 2011-03-17 22:17 ——– d—–w- c:\program files\Microsoft Security Client
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\users\Asus\AppData\Roaming\Malwarebytes
    2011-03-17 20:26 . 2010-12-20 17:09 38224 —-a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\programdata\Malwarebytes
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-17 20:26 . 2010-12-20 17:08 24152 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-17 19:56 . 2011-03-17 19:56 ——– d—–w- c:\program files (x86)\WinPcap
    2011-03-17 19:50 . 2010-09-06 09:26 189520 —-a-w- c:\windows\SysWow64\drivers\tmcomm.sys
    2011-03-17 19:26 . 2011-03-17 19:26 388096 —-a-r- c:\users\Asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-17 19:26 . 2011-03-17 19:56 ——– d—–w- c:\program files (x86)\Trend Micro
    2011-03-17 18:46 . 2011-03-17 18:46 ——– d—–w- c:\program files (x86)\ESET
    2011-03-17 18:43 . 2011-03-17 18:43 ——– d—–w- c:\windows\BDOSCAN8
    2011-03-17 18:38 . 2011-03-17 18:38 ——– d—–w- c:\program files (x86)\Windows Live Safety Center
    2011-03-16 12:27 . 2011-03-16 12:27 ——– d—–w- c:\program files (x86)\JRE
    2011-03-16 12:22 . 2011-03-16 12:22 ——– d—–w- c:\program files (x86)\Common Files\Java
    2011-03-16 12:22 . 2011-03-16 12:22 411368 —-a-w- c:\windows\SysWow64\deploytk.dll
    2011-03-16 12:22 . 2011-03-16 12:22 ——– d—–w- c:\program files (x86)\Java
    2011-03-13 19:04 . 2011-03-14 11:56 ——– d–h–w- c:\programdata\bHeDhIo01804
    2011-02-23 10:36 . 2010-09-14 06:45 367104 —-a-w- c:\windows\system32\wcncsvc.dll
    2011-02-23 10:36 . 2010-09-14 06:07 276992 —-a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-23 10:35 . 2011-01-07 08:07 662528 —-a-w- c:\windows\system32\XpsPrint.dll
    2011-02-23 10:35 . 2011-01-07 07:31 442880 —-a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-23 10:35 . 2011-01-07 08:07 475648 —-a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-23 10:35 . 2011-01-07 07:31 288256 —-a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-20 19:17 . 2011-02-20 19:17 ——– d–h–w- c:\programdata\Big Fish Games
    2011-02-20 19:17 . 2011-02-20 19:17 ——– d—–w- c:\program files (x86)\bfgclient
    2011-02-20 19:17 . 2011-02-20 19:17 ——– d—–w- C:\BigFishGamesCache
    2011-02-20 17:03 . 2011-02-21 13:39 ——– d–h–w- c:\programdata\mNbOjDk01818
    2011-02-20 13:44 . 2011-02-20 13:44 ——– d—–w- c:\program files (x86)\TeamViewer
    2011-02-20 10:58 . 2011-02-20 13:02 ——– d–h–w- c:\programdata\fDfOiGf01804
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-09 09:03 . 2010-06-24 10:33 18328 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-01-26 06:53 . 2011-02-10 15:25 982912 —-a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-01-26 06:53 . 2011-02-10 15:25 265088 —-a-w- c:\windows\system32\drivers\dxgmms1.sys
    2011-01-26 06:31 . 2011-02-10 15:25 144384 —-a-w- c:\windows\system32\cdd.dll
    2011-01-07 08:06 . 2011-02-10 15:25 46080 —-a-w- c:\windows\system32\atmlib.dll
    2011-01-07 07:27 . 2011-02-10 15:25 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-07 05:49 . 2011-02-10 15:25 366080 —-a-w- c:\windows\system32\atmfd.dll
    2011-01-07 05:33 . 2011-02-10 15:25 294400 —-a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-05 06:20 . 2011-02-10 15:25 612352 —-a-w- c:\windows\system32\vbscript.dll
    2011-01-05 05:37 . 2011-02-10 15:25 428032 —-a-w- c:\windows\SysWow64\vbscript.dll
    2011-01-05 04:00 . 2011-02-10 15:26 3127808 —-a-w- c:\windows\system32\win32k.sys
    2010-12-21 06:16 . 2011-02-10 15:25 62976 —-a-w- c:\windows\system32\wscapi.dll
    2010-12-21 06:16 . 2011-02-10 15:25 97280 —-a-w- c:\windows\system32\wscsvc.dll
    2010-12-21 06:16 . 2011-02-10 15:25 214016 —-a-w- c:\windows\system32\winsrv.dll
    2010-12-21 06:16 . 2011-02-10 15:25 442880 —-a-w- c:\windows\system32\winhttp.dll
    2010-12-21 06:16 . 2011-02-10 15:25 1197056 —-a-w- c:\windows\system32\wininet.dll
    2010-12-21 06:16 . 2011-02-10 15:25 258048 —-a-w- c:\windows\system32\WebClnt.dll
    2010-12-21 06:15 . 2011-02-10 15:25 264192 —-a-w- c:\windows\system32\upnp.dll
    2010-12-21 06:15 . 2011-02-10 15:25 15360 —-a-w- c:\windows\system32\slwga.dll
    2010-12-21 06:13 . 2011-02-10 15:26 2003968 —-a-w- c:\windows\system32\msxml6.dll
    2010-12-21 06:13 . 2011-02-10 15:25 1880576 —-a-w- c:\windows\system32\msxml3.dll
    2010-12-21 06:10 . 2011-02-10 15:25 100864 —-a-w- c:\windows\system32\davclnt.dll
    2010-12-21 05:38 . 2011-02-10 15:25 51200 —-a-w- c:\windows\SysWow64\wscapi.dll
    2010-12-21 05:38 . 2011-02-10 15:25 981504 —-a-w- c:\windows\SysWow64\wininet.dll
    2010-12-21 05:38 . 2011-02-10 15:25 350720 —-a-w- c:\windows\SysWow64\winhttp.dll
    2010-12-21 05:38 . 2011-02-10 15:25 204800 —-a-w- c:\windows\SysWow64\WebClnt.dll
    2010-12-21 05:38 . 2011-02-10 15:25 204288 —-a-w- c:\windows\SysWow64\upnp.dll
    2010-12-21 05:38 . 2011-02-10 15:25 14336 —-a-w- c:\windows\SysWow64\slwga.dll
    2010-12-21 05:36 . 2011-02-10 15:25 1389568 —-a-w- c:\windows\SysWow64\msxml6.dll
    2010-12-21 05:36 . 2011-02-10 15:25 1236992 —-a-w- c:\windows\SysWow64\msxml3.dll
    2010-12-21 05:34 . 2011-02-10 15:25 80384 —-a-w- c:\windows\SysWow64\davclnt.dll
    2009-04-08 17:31 . 2009-04-08 17:31 106496 —-a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
    2008-08-12 04:45 . 2008-08-12 04:45 155648 —-a-w- c:\program files (x86)\Common Files\MSIactionall.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
    "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
    "Trend Micro RUBotted V2.0 Beta"="c:\program files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1 .lnk]
    backup=c:\windows\pss\OpenOffice.org 3.1 .lnk.Startup
    path=c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-02-28 00:10 35696 —-a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
    2009-09-13 23:03 72248 —-a-w- c:\windows\AsScrProlog.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
    2009-09-13 23:03 3054136 —-a-w- c:\windows\AsScrPro.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2008-07-19 02:52 104936 —-a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 136176]
    R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
    S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 181760]
    S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
    S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
    S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
    .
    2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
    "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Google Sidewiki… - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-Bjsujdm - c:\users\Asus\AppData\Roaming\msxbde40F.dll
    Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
    Toolbar-Locked - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    c:\program files\ATKGFNEX\GFNEXSrv.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
    c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
    c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
    c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
    c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-03-18 21:05:17 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-03-18 20:05
    .
    Pre-Run: 126.764.150.784 bytes beschikbaar
    Post-Run: 127.171.596.288 bytes beschikbaar
    .
    - - End Of File - - 0A68ACFC046C734CDD8F848DD2D54834
  • Also, Microsoft Security Essentials is now working again (green icon). Now to look at the rest…. :)
  • Hi lampje25, you may now do the following, but please note:

    if ComboFix indicates that it needs to be updated, or that it needs to be downloaded again, then do so!


    Open a new Notepad file via Start>All Programs>Accessories>Notepad.


    Copy and paste the following (bold, blue text) into the empty Notepad window

    [b:18a7c1a3d5]
  • ComboFix 11-03-22.01 - Asus 22-03-2011 20:30:26.2.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3037.1814 [GMT 1:00]
    Gestart vanuit: c:\users\Asus\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Asus\Desktop\CFScript.txt
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\system32\drivers\AmUStor.SYS"
    "c:\windows\system32\DRIVERS\ETD.sys"
    "c:\windows\system32\DRIVERS\lullaby.sys"
    "c:\windows\system32\DRIVERS\MpNWMon.sys"
    "c:\windows\system32\DRIVERS\NisDrvWFP.sys"
    "c:\windows\system32\drivers\npf.sys"
    "c:\windows\system32\DRIVERS\SiSG664.sys"
    "c:\windows\system32\DRIVERS\sxuptp.sys"
    "c:\windows\system32\drivers\viahduaa.sys"
    "c:\windows\system32\DRIVERS\vwififlt.sys"
    "c:\windows\system32\DRIVERS\vwifimp.sys"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\ESET
    c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
    c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
    c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
    c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
    c:\program files (x86)\ESET\ESET Online Scanner\log.txt
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod5F94.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod00CF.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0569.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod10BB.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2FF1.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3529.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4716.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4A65.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4AA5.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5375.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod55D5.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5F8E.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod60BF.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6411.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6661.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6C79.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6D74.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6EC1.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod738D.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod752E.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7A2A.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7BE6.nup
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
    c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
    c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
    c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
    c:\programdata\fDfOiGf01804
    c:\programdata\fDfOiGf01804\fDfOiGf01804
    c:\programdata\mNbOjDk01818
    c:\programdata\mNbOjDk01818\mNbOjDk01818
    c:\users\Asus\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
    c:\windows\system32\drivers\AmUStor.SYS
    c:\windows\system32\DRIVERS\ETD.sys
    c:\windows\system32\DRIVERS\lullaby.sys
    c:\windows\system32\DRIVERS\NisDrvWFP.sys
    c:\windows\system32\drivers\npf.sys
    c:\windows\system32\DRIVERS\SiSG664.sys
    c:\windows\system32\DRIVERS\sxuptp.sys
    c:\windows\system32\drivers\viahduaa.sys
    c:\windows\system32\DRIVERS\MpNWMon.sys . . . . konden niet verwijderd worden
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ——-\Legacy_lullaby
    ——-\Legacy_MpNWMon
    ——-\Legacy_NisDrv
    ——-\Legacy_NPF
    ——-\Service_AmUStor
    ——-\Service_ETD
    ——-\Service_lullaby
    ——-\Service_MpNWMon
    ——-\Service_NisDrv
    ——-\Service_NPF
    ——-\Service_SiSGbeLH
    ——-\Service_sxuptp
    ——-\Service_VIAHdAudAddService
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-02-22 to 2011-03-22 ))))))))))))))))))))))))))))))
    .
    .
    2011-03-22 19:36 . 2011-03-22 19:36 ——– d—–w- c:\users\Default\AppData\Local\temp
    2011-03-22 13:49 . 2011-02-10 22:31 7947600 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{161DE941-5BE4-4430-A506-575354499887}\mpengine.dll
    2011-03-17 22:24 . 2011-02-10 22:31 7947600 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-03-17 22:24 . 2011-03-17 22:24 601424 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60F86256-025B-4370-BB91-F4381E4E6D77}\gapaengine.dll
    2011-03-17 22:17 . 2011-03-17 22:17 ——– d—–w- c:\program files (x86)\Microsoft Security Client
    2011-03-17 22:17 . 2011-03-17 22:17 ——– d—–w- c:\program files\Microsoft Security Client
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\users\Asus\AppData\Roaming\Malwarebytes
    2011-03-17 20:26 . 2010-12-20 17:09 38224 —-a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\programdata\Malwarebytes
    2011-03-17 20:26 . 2011-03-17 20:26 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-17 20:26 . 2010-12-20 17:08 24152 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-17 19:56 . 2011-03-17 19:56 ——– d—–w- c:\program files (x86)\WinPcap
    2011-03-17 19:50 . 2010-09-06 09:26 189520 —-a-w- c:\windows\SysWow64\drivers\tmcomm.sys
    2011-03-17 19:26 . 2011-03-17 19:26 388096 —-a-w- c:\users\Asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-17 19:26 . 2011-03-17 19:56 ——– d—–w- c:\program files (x86)\Trend Micro
    2011-03-17 18:43 . 2011-03-17 18:43 ——– d—–w- c:\windows\BDOSCAN8
    2011-03-17 18:38 . 2011-03-17 18:38 ——– d—–w- c:\program files (x86)\Windows Live Safety Center
    2011-03-16 12:27 . 2011-03-16 12:27 ——– d—–w- c:\program files (x86)\JRE
    2011-03-16 12:22 . 2011-03-16 12:22 ——– d—–w- c:\program files (x86)\Common Files\Java
    2011-03-16 12:22 . 2011-03-16 12:22 411368 —-a-w- c:\windows\SysWow64\deploytk.dll
    2011-03-16 12:22 . 2011-03-16 12:22 ——– d—–w- c:\program files (x86)\Java
    2011-03-13 19:04 . 2011-03-14 11:56 ——– d–h–w- c:\programdata\bHeDhIo01804
    2011-02-23 10:36 . 2010-09-14 06:45 367104 —-a-w- c:\windows\system32\wcncsvc.dll
    2011-02-23 10:36 . 2010-09-14 06:07 276992 —-a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-23 10:35 . 2011-01-07 08:07 662528 —-a-w- c:\windows\system32\XpsPrint.dll
    2011-02-23 10:35 . 2011-01-07 07:31 442880 —-a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-23 10:35 . 2011-01-07 08:07 475648 —-a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-23 10:35 . 2011-01-07 07:31 288256 —-a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-09 09:03 . 2010-06-24 10:33 18328 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-01-26 06:53 . 2011-02-10 15:25 982912 —-a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-01-26 06:53 . 2011-02-10 15:25 265088 —-a-w- c:\windows\system32\drivers\dxgmms1.sys
    2011-01-26 06:31 . 2011-02-10 15:25 144384 —-a-w- c:\windows\system32\cdd.dll
    2011-01-07 08:06 . 2011-02-10 15:25 46080 —-a-w- c:\windows\system32\atmlib.dll
    2011-01-07 07:27 . 2011-02-10 15:25 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-07 05:49 . 2011-02-10 15:25 366080 —-a-w- c:\windows\system32\atmfd.dll
    2011-01-07 05:33 . 2011-02-10 15:25 294400 —-a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-05 06:20 . 2011-02-10 15:25 612352 —-a-w- c:\windows\system32\vbscript.dll
    2011-01-05 05:37 . 2011-02-10 15:25 428032 —-a-w- c:\windows\SysWow64\vbscript.dll
    2011-01-05 04:00 . 2011-02-10 15:26 3127808 —-a-w- c:\windows\system32\win32k.sys
    2009-04-08 17:31 . 2009-04-08 17:31 106496 —-a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
    2008-08-12 04:45 . 2008-08-12 04:45 155648 —-a-w- c:\program files (x86)\Common Files\MSIactionall.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-03-18_20.01.07 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-09-13 23:06 . 2011-03-22 19:13 55076 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    - 2009-07-14 05:10 . 2011-03-18 17:28 46856 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-03-22 19:13 46856 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2009-11-13 10:48 . 2011-03-22 19:13 14726 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3406382855-3554832233-3493148428-1001_UserData.bin
    + 2009-11-14 01:42 . 2011-03-18 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-11-14 01:42 . 2011-03-18 10:28 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-11-14 01:42 . 2011-03-18 10:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-11-14 01:42 . 2011-03-18 20:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-03-18 10:28 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2011-03-18 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-11-13 11:01 . 2011-03-22 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-11-13 11:01 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:46 . 2011-03-18 20:48 80672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    + 2009-11-13 11:01 . 2011-03-22 19:39 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-11-13 11:01 . 2011-03-18 20:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-11-13 11:01 . 2011-03-22 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-11-13 11:01 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-11-13 10:52 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-11-13 10:52 . 2011-03-22 19:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-11-13 10:52 . 2011-03-22 19:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-11-13 10:52 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-12-31 12:07 . 2011-03-18 21:23 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    - 2009-12-31 12:07 . 2011-02-18 13:11 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    - 2011-03-18 20:00 . 2011-03-18 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-03-22 19:37 . 2011-03-22 19:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-03-22 19:37 . 2011-03-22 19:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-03-18 20:00 . 2011-03-18 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-07-14 05:12 . 2011-03-18 10:28 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-07-14 05:12 . 2011-03-18 20:31 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2010-06-11 15:16 . 2011-03-19 10:40 492000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    - 2009-07-14 05:01 . 2011-03-18 19:59 443896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2011-03-22 19:36 443896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2010-11-12 22:32 . 2011-03-22 19:36 1793768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3406382855-3554832233-3493148428-1001-8192.dat
    - 2009-07-14 02:34 . 2011-03-18 17:37 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
    + 2009-07-14 02:34 . 2011-03-22 19:21 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
    "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
    "Trend Micro RUBotted V2.0 Beta"="c:\program files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1 .lnk]
    backup=c:\windows\pss\OpenOffice.org 3.1 .lnk.Startup
    path=c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-02-28 00:10 35696 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
    2009-09-13 23:03 72248 ----a-w- c:\windows\AsScrProlog.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
    2009-09-13 23:03 3054136 ----a-w- c:\windows\AsScrPro.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 136176]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
    S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 181760]
    S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
    S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
    .
    2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "combofix"="c:\combofix\CF25076.cfxxe" [X]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
    "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Google Sidewiki… - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    c:\program files\ATKGFNEX\GFNEXSrv.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
    c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
    c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
    c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
    c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
    c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    c:\program files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-03-22 20:42:33 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-03-22 19:42
    ComboFix2.txt 2011-03-18 20:05
    .
    Pre-Run: 127.529.508.864 bytes beschikbaar
    Post-Run: 126.956.703.744 bytes beschikbaar
    .
    - - End Of File - - 63F79FB47DB64F3DBA6AD3C8F10677D6

  • Hi Lampje, give an update on how your Windows is running now.
  • Windows otherwise seems to be running fine.
    Missing folders (My Documents) had been hidden in one way or another; I have made them visible again.

    I will log in to my brother-in-law's laptop via TeamViewer once more this evening to check whether everything is running well and whether there are any errors in the Windows event log.

    Thanks in advance for your help.
  • Hi Lampje - there is a new version of TeamViewer out!

This is an archived page. Replies are no longer possible.