Virus on laptop, who can help me with this Hijack logfile

Anonymous
12 answers
 • Windows otherwise seems to be running fine.
  The missing folders (My Documents) had somehow been hidden; I have made them visible again.

  Tonight I will log in once more via TeamViewer to my brother-in-law's laptop to check that everything runs well and also to see whether there are any errors in the Windows event log.

  Thanks in advance for your help.
 • Hi Lampje - there is a new version of TeamViewer out!
 • Virus on laptop, who can help me with this Hijack logfile.

  Internet Explorer starts up spontaneously, and other strange things happen too.
  I have taken over the laptop remotely via TeamViewer.

  The logfile is below.

  [code:1:1bd7340bd9]Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 20:43:18, on 17-3-2011
  Platform: Windows 7 (WinNT 6.00.3504)
  MSIE: Internet Explorer v8.00 (8.00.7600.16722)
  Boot mode: Normal

  Running processes:
  C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
  C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
  C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
  C:\Windows\SysWOW64\rundll32.exe
  C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
  C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
  C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
  C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
  C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
  C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  F2 - REG:system.ini: UserInit=userinit.exe
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
  O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
  O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
  O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
  O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
  O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
  O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
  O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
  O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
  O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  O4 - HKCU\..\Run: [Bjsujdm] rundll32 "C:\Users\Asus\AppData\Roaming\msxbde40F.dll",ONGKXQZ
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
  O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
  O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
  O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 12360 bytes
  [/code:1:1bd7340bd9]
  Thanks in advance for a quick response.
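
Added example (not part of the original post and not code from HijackThis): a small Python triage pass over the O4 autorun and O23 service lines of a log like the one above. The heuristics (`LAUNCHERS`, `PROFILE_MARKERS`) and the function names are assumptions made for this example; a hit means "review this entry by hand", not "this is malware".

```python
import re

# Lines copied from the HijackThis log in the post above (an excerpt, not constructed).
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Bjsujdm] rundll32 "C:\Users\Asus\AppData\Roaming\msxbde40F.dll",ONGKXQZ
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
'''

# O4 lines look like:  O4 - <hive>\..\<Run key>: [<value name>] <command line>
O4_RE = re.compile(
    r'^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')

# Hypothetical heuristics chosen for this example (not a complete list).
LAUNCHERS = {"rundll32", "regsvr32", "wscript", "cscript", "mshta"}
PROFILE_MARKERS = ("\\users\\", "\\documents and settings\\",
                   "%appdata%", "%temp%", "%userprofile%")


def _launcher(cmd):
    """Return the launcher name if the (lower-cased) command starts with one."""
    parts = cmd.lstrip('"').split()
    if not parts:
        return None
    base = parts[0].rsplit("\\", 1)[-1].strip('"')
    if base.endswith(".exe"):
        base = base[:-4]
    return base if base in LAUNCHERS else None


def review_autoruns(log):
    """Return [(value_name, [reasons])] for O4 entries worth a manual look."""
    findings = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        cmd = m.group("cmd").lower()
        reasons = []
        launcher = _launcher(cmd)
        if launcher:
            reasons.append("started indirectly through " + launcher)
        if any(marker in cmd for marker in PROFILE_MARKERS):
            reasons.append("payload lives in a per-user, user-writable directory")
        if reasons:
            findings.append((m.group("name"), reasons))
    return findings


def explain_missing_services(log):
    """Return O23 service names whose '(file missing)' is probably an artifact.

    HijackThis is a 32-bit program. On 64-bit Windows its view of
    C:\\Windows\\System32 is redirected to SysWOW64, so native 64-bit service
    binaries are typically reported as missing although they exist.
    """
    lowered = log.lower()
    on_64bit = "\\syswow64\\" in lowered or "program files (x86)" in lowered
    names = []
    for line in log.splitlines():
        line = line.strip()
        if not line.startswith("O23 - Service: "):
            continue
        parts = line[len("O23 - Service: "):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue  # unexpected layout, leave it for manual reading
        name, _owner, path = parts
        missing = path.endswith(" (file missing)")
        if on_64bit and missing and "\\windows\\system32\\" in path.lower():
            names.append(name)
    return names


if __name__ == "__main__":
    for name, reasons in review_autoruns(SAMPLE_LOG):
        print("review O4 entry [%s]: %s" % (name, "; ".join(reasons)))
    for name in explain_missing_services(SAMPLE_LOG):
        print("O23 'file missing' likely a 32-bit view artifact: %s" % name)
```

Entries reported by `explain_missing_services` still need to be confirmed from a 64-bit tool before they are dismissed.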
 • OK, I ran Malwarebytes, with the result below:

  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6091

  Windows 6.1.7600
  Internet Explorer 8.0.7600.16385

  17-3-2011 21:32:08
  mbam-log-2011-03-17 (21-32-08).txt

  Scantype: Snelle scan
  Objecten gescand: 167807
  Verstreken tijd: 4 minuut/minuten, 21 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 5
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 0
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  HKEY_CURRENT_USER\SOFTWARE\KCSCPW1HKH (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  HKEY_CURRENT_USER\SOFTWARE\KUGHGZXAKT (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)


  **************************************************

  2nd scan:

  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6091

  Windows 6.1.7600
  Internet Explorer 8.0.7600.16385

  17-3-2011 21:37:08
  mbam-log-2011-03-17 (21-37-08).txt

  Scantype: Snelle scan
  Objecten gescand: 167800
  Verstreken tijd: 3 minuut/minuten, 44 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 0
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 0
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  *******************************************************

  3rd scan:
  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6091

  Windows 6.1.7600
  Internet Explorer 8.0.7600.16385

  17-3-2011 22:09:59
  mbam-log-2011-03-17 (22-09-59).txt

  Scantype: Volledige scan (C:\|D:\|)
  Objecten gescand: 269879
  Verstreken tijd: 25 minuut/minuten, 30 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 1
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 0
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 1

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker (PUP.Casino) -> Quarantined and deleted successfully.

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  c:\Poker\titan poker\_setuppoker_c512e2.exe (PUP.Casino) -> Quarantined and deleted successfully.


  ***************************************

  New logfile from HijackThis

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 22:33:33, on 17-3-2011
  Platform: Windows 7 (WinNT 6.00.3504)
  MSIE: Internet Explorer v8.00 (8.00.7600.16722)
  Boot mode: Normal

  Running processes:
  C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
  C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
  C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
  C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
  C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
  C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
  C:\Windows\SysWOW64\rundll32.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
  C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
  C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
  C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
  C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
  C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
  C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  F2 - REG:system.ini: UserInit=userinit.exe,
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
  O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
  O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
  O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
  O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
  O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
  O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
  O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
  O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
  O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  O4 - HKCU\..\Run: [Bjsujdm] rundll32 "C:\Users\Asus\AppData\Roaming\msxbde40F.dll",ONGKXQZ
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
  O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
  O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
  O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 12906 bytes
 • Hi lampje25, you have been busy.

  But the fact that you go online without an antivirus program is asking for the biggest problems.
  Moreover, it is not the intention that volunteers help you get virus-free, because that is really mopping the floor with the tap still running.

  I advise you to install the number 1 of the free antivirus programs,
  Avast 6\2011 free.

  Download link Avast 6 Free

  Other programs are:

  PANDA CLOUD ANTIVIRUS
  AVG 2011 Free
  Avira Antivir Free
  Microsoft Security Essentials

  However: only Avast 6\2011 has components on board that you otherwise only find in paid antivirus programs!

  So install the antivirus of your choice and then have it do a full system scan.

  Then report back with a new HijackThis log and also state what the virus scan turned up.
 • Abraham54 wrote:
  "But the fact that you go online without an antivirus program is asking for the biggest problems."

  Sorry, but first of all it is not my laptop but my brother-in-law's.
  Secondly, there was a virus scanner present, but it has somehow been disabled.
  The virus scanner that was/is installed is:
  Microsoft Security Essentials

  When I start it, it immediately disappears again.
  So I cannot have it scan the PC either.
  A fresh installation does not help either. Not even after I removed the (latest) viruses.

  Furthermore, I ran the ESET online scanner and it found no more errors.

  I will run Avast tonight.
  The drawback is that I have to do everything remotely (which is why I run TeamViewer).

  Other things are also missing on the PC.
  For example, the Documents folder is completely empty, not even a personal folder or the like.

  I fear that I will have to do a complete installation of Windows 7.
 • I think reinstalling Windows 7 is indeed the most obvious solution!

  But you may try this first:

  Which program: ComboFix
  What for/why: A very specialized scanner that examines Windows in depth
  and cleans it up where possible.
  Difficulty: A more or less tricky preparation phase, so read everything carefully first.
  Download location: Be sure to download this program to the desktop!
  Download ComboFix from one of these locations:
  - Bleepingcomputer
  - ForoSpyware
  - Geekstogo
  Here you can see how to use ComboFix.

  Antivirus programs and active malware scanners must already be deactivated before ComboFix starts!
  Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

  Once more, to be perfectly clear: ComboFix must be started from the desktop.

  Notes:
  - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
  - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
  - All open programs and web pages must be closed.
  ComboFix has started:
  - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  - The computer may need to be restarted several times; this is normal.
  - When ComboFix is finished, it will create a log file for you.
  - Post the contents of this log file in your next message.
  - If the log does not open, it can be found in C:\ComboFix.txt
  Important note:
 • ComboFix log file.
  ************************************

  ComboFix 11-03-18.01 - Asus 18-03-2011 20:52:22.1.2 - x64
  Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3037.1737 [GMT 1:00]
  Gestart vanuit: c:\users\Asus\Desktop\ComboFix.exe
  AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
  SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
  SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  C:\Install.exe
  c:\users\Asus\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
  c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic
  c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic\Uninstall Windows Diagnostic.lnk
  c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic\Windows Diagnostic.lnk
  c:\users\Asus\AppData\Roaming\msxbde40F.dll
  c:\users\Asus\Desktop\Windows Diagnostic.lnk
  c:\windows\system32\drivers\etc\lmhosts
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-02-18 to 2011-03-18 ))))))))))))))))))))))))))))))
  .
  .
  2011-03-17 22:24 . 2011-01-13 01:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
  2011-03-17 22:24 . 2011-02-10 22:31 7947600 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD5BBBB7-EB42-465C-A005-CA80C230F92B}\mpengine.dll
  2011-03-17 22:24 . 2011-03-17 22:24 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60F86256-025B-4370-BB91-F4381E4E6D77}\gapaengine.dll
  2011-03-17 22:17 . 2011-03-17 22:17 -------- d-----w- c:\program files (x86)\Microsoft Security Client
  2011-03-17 22:17 . 2011-03-17 22:17 -------- d-----w- c:\program files\Microsoft Security Client
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes
  2011-03-17 20:26 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\programdata\Malwarebytes
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2011-03-17 20:26 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
  2011-03-17 19:56 . 2011-03-17 19:56 -------- d-----w- c:\program files (x86)\WinPcap
  2011-03-17 19:50 . 2010-09-06 09:26 189520 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
  2011-03-17 19:26 . 2011-03-17 19:26 388096 ----a-r- c:\users\Asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2011-03-17 19:26 . 2011-03-17 19:56 -------- d-----w- c:\program files (x86)\Trend Micro
  2011-03-17 18:46 . 2011-03-17 18:46 -------- d-----w- c:\program files (x86)\ESET
  2011-03-17 18:43 . 2011-03-17 18:43 -------- d-----w- c:\windows\BDOSCAN8
  2011-03-17 18:38 . 2011-03-17 18:38 -------- d-----w- c:\program files (x86)\Windows Live Safety Center
  2011-03-16 12:27 . 2011-03-16 12:27 -------- d-----w- c:\program files (x86)\JRE
  2011-03-16 12:22 . 2011-03-16 12:22 -------- d-----w- c:\program files (x86)\Common Files\Java
  2011-03-16 12:22 . 2011-03-16 12:22 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
  2011-03-16 12:22 . 2011-03-16 12:22 -------- d-----w- c:\program files (x86)\Java
  2011-03-13 19:04 . 2011-03-14 11:56 -------- d--h--w- c:\programdata\bHeDhIo01804
  2011-02-23 10:36 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
  2011-02-23 10:36 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
  2011-02-23 10:35 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
  2011-02-23 10:35 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
  2011-02-23 10:35 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
  2011-02-23 10:35 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
  2011-02-20 19:17 . 2011-02-20 19:17 -------- d--h--w- c:\programdata\Big Fish Games
  2011-02-20 19:17 . 2011-02-20 19:17 -------- d-----w- c:\program files (x86)\bfgclient
  2011-02-20 19:17 . 2011-02-20 19:17 -------- d-----w- C:\BigFishGamesCache
  2011-02-20 17:03 . 2011-02-21 13:39 -------- d--h--w- c:\programdata\mNbOjDk01818
  2011-02-20 13:44 . 2011-02-20 13:44 -------- d-----w- c:\program files (x86)\TeamViewer
  2011-02-20 10:58 . 2011-02-20 13:02 -------- d--h--w- c:\programdata\fDfOiGf01804
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-03-09 09:03 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  2011-01-26 06:53 . 2011-02-10 15:25 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
  2011-01-26 06:53 . 2011-02-10 15:25 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
  2011-01-26 06:31 . 2011-02-10 15:25 144384 ----a-w- c:\windows\system32\cdd.dll
  2011-01-07 08:06 . 2011-02-10 15:25 46080 ----a-w- c:\windows\system32\atmlib.dll
  2011-01-07 07:27 . 2011-02-10 15:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
  2011-01-07 05:49 . 2011-02-10 15:25 366080 ----a-w- c:\windows\system32\atmfd.dll
  2011-01-07 05:33 . 2011-02-10 15:25 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
  2011-01-05 06:20 . 2011-02-10 15:25 612352 ----a-w- c:\windows\system32\vbscript.dll
  2011-01-05 05:37 . 2011-02-10 15:25 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
  2011-01-05 04:00 . 2011-02-10 15:26 3127808 ----a-w- c:\windows\system32\win32k.sys
  2010-12-21 06:16 . 2011-02-10 15:25 62976 ----a-w- c:\windows\system32\wscapi.dll
  2010-12-21 06:16 . 2011-02-10 15:25 97280 ----a-w- c:\windows\system32\wscsvc.dll
  2010-12-21 06:16 . 2011-02-10 15:25 214016 ----a-w- c:\windows\system32\winsrv.dll
  2010-12-21 06:16 . 2011-02-10 15:25 442880 ----a-w- c:\windows\system32\winhttp.dll
  2010-12-21 06:16 . 2011-02-10 15:25 1197056 ----a-w- c:\windows\system32\wininet.dll
  2010-12-21 06:16 . 2011-02-10 15:25 258048 ----a-w- c:\windows\system32\WebClnt.dll
  2010-12-21 06:15 . 2011-02-10 15:25 264192 ----a-w- c:\windows\system32\upnp.dll
  2010-12-21 06:15 . 2011-02-10 15:25 15360 ----a-w- c:\windows\system32\slwga.dll
  2010-12-21 06:13 . 2011-02-10 15:26 2003968 ----a-w- c:\windows\system32\msxml6.dll
  2010-12-21 06:13 . 2011-02-10 15:25 1880576 ----a-w- c:\windows\system32\msxml3.dll
  2010-12-21 06:10 . 2011-02-10 15:25 100864 ----a-w- c:\windows\system32\davclnt.dll
  2010-12-21 05:38 . 2011-02-10 15:25 51200 ----a-w- c:\windows\SysWow64\wscapi.dll
  2010-12-21 05:38 . 2011-02-10 15:25 981504 ----a-w- c:\windows\SysWow64\wininet.dll
  2010-12-21 05:38 . 2011-02-10 15:25 350720 ----a-w- c:\windows\SysWow64\winhttp.dll
  2010-12-21 05:38 . 2011-02-10 15:25 204800 ----a-w- c:\windows\SysWow64\WebClnt.dll
  2010-12-21 05:38 . 2011-02-10 15:25 204288 ----a-w- c:\windows\SysWow64\upnp.dll
  2010-12-21 05:38 . 2011-02-10 15:25 14336 ----a-w- c:\windows\SysWow64\slwga.dll
  2010-12-21 05:36 . 2011-02-10 15:25 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
  2010-12-21 05:36 . 2011-02-10 15:25 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
  2010-12-21 05:34 . 2011-02-10 15:25 80384 ----a-w- c:\windows\SysWow64\davclnt.dll
  2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
  2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
  "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
  "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
  "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
  "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
  "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
  "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
  "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
  "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
  "Trend Micro RUBotted V2.0 Beta"="c:\program files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  "aux"=wdmaud.drv
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
  @="Service"
  .
  [HKLM\~\startupfolder\C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1 .lnk]
  backup=c:\windows\pss\OpenOffice.org 3.1 .lnk.Startup
  path=c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
  backupExtension=.Startup
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  2009-02-28 00:10 35696 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
  2009-09-13 23:03 72248 ----a-w- c:\windows\AsScrProlog.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
  2009-09-13 23:03 3054136 ----a-w- c:\windows\AsScrPro.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
  2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
  R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 136176]
  R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
  R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
  R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
  S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
  S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 181760]
  S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
  S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
  S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
  S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
  S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
  S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
  S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
  S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x]
  S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
  S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  .
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
  .
  2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
  .
  .
  --------- x86-64 -----------
  .
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
  "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
  "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
  "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
  "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
  "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
  "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "LoadAppInit_DLLs"=0x0
  .
  ------- Bijkomende Scan -------
  .
  uStart Page = hxxp://www.google.nl/
  uLocal Page = c:\windows\system32\blank.htm
  mLocal Page = c:\windows\SysWOW64\blank.htm
  IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  Toolbar-Locked - (no file)
  Wow6432Node-HKCU-Run-Bjsujdm - c:\users\Asus\AppData\Roaming\msxbde40F.dll
  Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
  Toolbar-Locked - (no file)
  AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
  .
  .
  .
  --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
  .
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  ------------------------ Andere Aktieve Processen ------------------------
  .
  c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
  c:\program files\ATKGFNEX\GFNEXSrv.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
  c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
  c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
  c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
  c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
  c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
  c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
  c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
  c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
  .
  **************************************************************************
  .
  Voltooingstijd: 2011-03-18 21:05:17 - machine werd herstart
  ComboFix-quarantined-files.txt 2011-03-18 20:05
  .
  Pre-Run: 126.764.150.784 bytes beschikbaar
  Post-Run: 127.171.596.288 bytes beschikbaar
  .
  - - End Of File - - 0A68ACFC046C734CDD8F848DD2D54834
 • Also, Microsoft Security Essentials is now working again (green icon). Now to look at the rest... :)
 • Hi lampje25, you may do the following next, but please note:

  if ComboFix indicates that it needs to be updated, or that it needs to be downloaded again, then do so!


  Open a new Notepad file via Start > All Programs > Accessories > Notepad.


  Copy and paste the following (bold, blue) text into the empty Notepad window
 • ComboFix 11-03-22.01 - Asus 22-03-2011 20:30:26.2.2 - x64
  Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3037.1814 [GMT 1:00]
  Gestart vanuit: c:\users\Asus\Desktop\ComboFix.exe
  gebruikte Opdracht switches :: c:\users\Asus\Desktop\CFScript.txt
  AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
  SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
  SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  FILE ::
  "c:\windows\system32\drivers\AmUStor.SYS"
  "c:\windows\system32\DRIVERS\ETD.sys"
  "c:\windows\system32\DRIVERS\lullaby.sys"
  "c:\windows\system32\DRIVERS\MpNWMon.sys"
  "c:\windows\system32\DRIVERS\NisDrvWFP.sys"
  "c:\windows\system32\drivers\npf.sys"
  "c:\windows\system32\DRIVERS\SiSG664.sys"
  "c:\windows\system32\DRIVERS\sxuptp.sys"
  "c:\windows\system32\drivers\viahduaa.sys"
  "c:\windows\system32\DRIVERS\vwififlt.sys"
  "c:\windows\system32\DRIVERS\vwifimp.sys"
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\program files (x86)\ESET
  c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
  c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
  c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
  c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
  c:\program files (x86)\ESET\ESET Online Scanner\log.txt
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod5F94.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod00CF.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0569.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod10BB.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2FF1.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3529.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4716.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4A65.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4AA5.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5375.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod55D5.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5F8E.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod60BF.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6411.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6661.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6C79.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6D74.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6EC1.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod738D.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod752E.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7A2A.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7BE6.nup
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
  c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
  c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
  c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
  c:\programdata\fDfOiGf01804
  c:\programdata\fDfOiGf01804\fDfOiGf01804
  c:\programdata\mNbOjDk01818
  c:\programdata\mNbOjDk01818\mNbOjDk01818
  c:\users\Asus\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
  c:\windows\system32\drivers\AmUStor.SYS
  c:\windows\system32\DRIVERS\ETD.sys
  c:\windows\system32\DRIVERS\lullaby.sys
  c:\windows\system32\DRIVERS\NisDrvWFP.sys
  c:\windows\system32\drivers\npf.sys
  c:\windows\system32\DRIVERS\SiSG664.sys
  c:\windows\system32\DRIVERS\sxuptp.sys
  c:\windows\system32\drivers\viahduaa.sys
  c:\windows\system32\DRIVERS\MpNWMon.sys . . . . konden niet verwijderd worden
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  -------\Legacy_lullaby
  -------\Legacy_MpNWMon
  -------\Legacy_NisDrv
  -------\Legacy_NPF
  -------\Service_AmUStor
  -------\Service_ETD
  -------\Service_lullaby
  -------\Service_MpNWMon
  -------\Service_NisDrv
  -------\Service_NPF
  -------\Service_SiSGbeLH
  -------\Service_sxuptp
  -------\Service_VIAHdAudAddService
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-02-22 to 2011-03-22 ))))))))))))))))))))))))))))))
  .
  .
  2011-03-22 19:36 . 2011-03-22 19:36 -------- d-----w- c:\users\Default\AppData\Local\temp
  2011-03-22 13:49 . 2011-02-10 22:31 7947600 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{161DE941-5BE4-4430-A506-575354499887}\mpengine.dll
  2011-03-17 22:24 . 2011-02-10 22:31 7947600 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
  2011-03-17 22:24 . 2011-03-17 22:24 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60F86256-025B-4370-BB91-F4381E4E6D77}\gapaengine.dll
  2011-03-17 22:17 . 2011-03-17 22:17 -------- d-----w- c:\program files (x86)\Microsoft Security Client
  2011-03-17 22:17 . 2011-03-17 22:17 -------- d-----w- c:\program files\Microsoft Security Client
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes
  2011-03-17 20:26 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\programdata\Malwarebytes
  2011-03-17 20:26 . 2011-03-17 20:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2011-03-17 20:26 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
  2011-03-17 19:56 . 2011-03-17 19:56 -------- d-----w- c:\program files (x86)\WinPcap
  2011-03-17 19:50 . 2010-09-06 09:26 189520 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
  2011-03-17 19:26 . 2011-03-17 19:26 388096 ----a-w- c:\users\Asus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2011-03-17 19:26 . 2011-03-17 19:56 -------- d-----w- c:\program files (x86)\Trend Micro
  2011-03-17 18:43 . 2011-03-17 18:43 -------- d-----w- c:\windows\BDOSCAN8
  2011-03-17 18:38 . 2011-03-17 18:38 -------- d-----w- c:\program files (x86)\Windows Live Safety Center
  2011-03-16 12:27 . 2011-03-16 12:27 -------- d-----w- c:\program files (x86)\JRE
  2011-03-16 12:22 . 2011-03-16 12:22 -------- d-----w- c:\program files (x86)\Common Files\Java
  2011-03-16 12:22 . 2011-03-16 12:22 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
  2011-03-16 12:22 . 2011-03-16 12:22 -------- d-----w- c:\program files (x86)\Java
  2011-03-13 19:04 . 2011-03-14 11:56 -------- d--h--w- c:\programdata\bHeDhIo01804
  2011-02-23 10:36 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
  2011-02-23 10:36 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
  2011-02-23 10:35 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
  2011-02-23 10:35 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
  2011-02-23 10:35 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
  2011-02-23 10:35 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-03-09 09:03 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  2011-01-26 06:53 . 2011-02-10 15:25 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
  2011-01-26 06:53 . 2011-02-10 15:25 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
  2011-01-26 06:31 . 2011-02-10 15:25 144384 ----a-w- c:\windows\system32\cdd.dll
  2011-01-07 08:06 . 2011-02-10 15:25 46080 ----a-w- c:\windows\system32\atmlib.dll
  2011-01-07 07:27 . 2011-02-10 15:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
  2011-01-07 05:49 . 2011-02-10 15:25 366080 ----a-w- c:\windows\system32\atmfd.dll
  2011-01-07 05:33 . 2011-02-10 15:25 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
  2011-01-05 06:20 . 2011-02-10 15:25 612352 ----a-w- c:\windows\system32\vbscript.dll
  2011-01-05 05:37 . 2011-02-10 15:25 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
  2011-01-05 04:00 . 2011-02-10 15:26 3127808 ----a-w- c:\windows\system32\win32k.sys
  2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
  2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
  .
  .
  ((((((((((((((((((((((((((((( SnapShot@2011-03-18_20.01.07 )))))))))))))))))))))))))))))))))))))))))
  .
  + 2009-09-13 23:06 . 2011-03-22 19:13 55076 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
  - 2009-07-14 05:10 . 2011-03-18 17:28 46856 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
  + 2009-07-14 05:10 . 2011-03-22 19:13 46856 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
  + 2009-11-13 10:48 . 2011-03-22 19:13 14726 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3406382855-3554832233-3493148428-1001_UserData.bin
  + 2009-11-14 01:42 . 2011-03-18 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  - 2009-11-14 01:42 . 2011-03-18 10:28 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  - 2009-11-14 01:42 . 2011-03-18 10:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  + 2009-11-14 01:42 . 2011-03-18 20:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  - 2009-07-14 04:54 . 2011-03-18 10:28 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  + 2009-07-14 04:54 . 2011-03-18 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  + 2009-11-13 11:01 . 2011-03-22 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  - 2009-11-13 11:01 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  + 2009-07-14 04:46 . 2011-03-18 20:48 80672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
  + 2009-11-13 11:01 . 2011-03-22 19:39 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  - 2009-11-13 11:01 . 2011-03-18 20:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
  + 2009-11-13 11:01 . 2011-03-22 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  - 2009-11-13 11:01 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  - 2009-11-13 10:52 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  + 2009-11-13 10:52 . 2011-03-22 19:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  + 2009-11-13 10:52 . 2011-03-22 19:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  - 2009-11-13 10:52 . 2011-03-18 20:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
  + 2009-12-31 12:07 . 2011-03-18 21:23 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
  - 2009-12-31 12:07 . 2011-02-18 13:11 3614 c:\windows\system32\wdi\ERCQueuedResolutions.dat
  - 2011-03-18 20:00 . 2011-03-18 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  + 2011-03-22 19:37 . 2011-03-22 19:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  + 2011-03-22 19:37 . 2011-03-22 19:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  - 2011-03-18 20:00 . 2011-03-18 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  - 2009-07-14 05:12 . 2011-03-18 10:28 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
  + 2009-07-14 05:12 . 2011-03-18 20:31 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
  + 2010-06-11 15:16 . 2011-03-19 10:40 492000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
  - 2009-07-14 05:01 . 2011-03-18 19:59 443896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  + 2009-07-14 05:01 . 2011-03-22 19:36 443896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  + 2010-11-12 22:32 . 2011-03-22 19:36 1793768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3406382855-3554832233-3493148428-1001-8192.dat
  - 2009-07-14 02:34 . 2011-03-18 17:37 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
  + 2009-07-14 02:34 . 2011-03-22 19:21 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
  "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
  "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
  "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
  "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
  "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
  "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
  "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
  "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
  "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
  "Trend Micro RUBotted V2.0 Beta"="c:\program files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  "aux"=wdmaud.drv
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
  @="Service"
  .
  [HKLM\~\startupfolder\C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1 .lnk]
  backup=c:\windows\pss\OpenOffice.org 3.1 .lnk.Startup
  path=c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
  backupExtension=.Startup
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  2009-02-28 00:10 35696 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
  2009-09-13 23:03 72248 ----a-w- c:\windows\AsScrProlog.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
  2009-09-13 23:03 3054136 ----a-w- c:\windows\AsScrPro.exe
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
  2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
  R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 136176]
  R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
  R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
  S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 181760]
  S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
  S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
  S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
  S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  .
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
  .
  2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 19:18]
  .
  .
  --------- x86-64 -----------
  .
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "combofix"="c:\combofix\CF25076.cfxxe" [X]
  "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
  "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
  "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
  "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
  "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
  "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
  "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
  .
  ------- Bijkomende Scan -------
  .
  uStart Page = hxxp://www.google.nl/
  uLocal Page = c:\windows\system32\blank.htm
  mLocal Page = c:\windows\SysWOW64\blank.htm
  IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  Toolbar-Locked - (no file)
  AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
  .
  .
  .
  --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
  .
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  ------------------------ Andere Aktieve Processen ------------------------
  .
  c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
  c:\program files\ATKGFNEX\GFNEXSrv.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
  c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
  c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
  c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
  c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
  c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
  c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
  c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
  c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
  c:\program files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
  .
  **************************************************************************
  .
  Voltooingstijd: 2011-03-22 20:42:33 - machine werd herstart
  ComboFix-quarantined-files.txt 2011-03-22 19:42
  ComboFix2.txt 2011-03-18 20:05
  .
  Pre-Run: 127.529.508.864 bytes beschikbaar
  Post-Run: 126.956.703.744 bytes beschikbaar
  .
  - - End Of File - - 63F79FB47DB64F3DBA6AD3C8F10677D6
 • Hi Lampje, please post an update on how your Windows is running now.

This is an archived page. Replies are no longer possible.