Questions & Answers

Security & privacy

PC boots very slowly. Takes at least 10 minutes

Anonymous
41 replies
  • Hi,

    I had already posted a message on the Windows 7 forum.
    There I was told to post a hijack log here.
    Could someone help me with this?
    Thanks in advance

    P.S. Is there another way to post a hijack log here?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:04:20, on 14-6-2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.17006)
    Boot mode: Normal

    Running processes:
    G:\Downloads\Desktops\Desktops.exe
    C:\Users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Windows\SysWOW64\WinFLTray.exe
    C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
    C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
    C:\Users\Sebastiaan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\Keyboard Driver\StartAutorun.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Keyboard Driver\KMConfig.exe
    C:\Program Files (x86)\Keyboard Driver\KMProcess.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
    G:\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.ask.com?o=14200&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Keyboard Driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sysinternals Desktops] G:\Downloads\Desktops\Desktops.exe
    O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    O4 - HKCU\..\Run: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
    O4 - HKCU\..\Run: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Sebastiaan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut (User 'Default user')
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF16704D-1B20-4111-9213-AF9B86C10C80}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
    O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files (x86)\Keyboard Driver\KMWDSrv.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 9202 bytes
  • Why don't you have any antivirus software on your Windows?

    I would like you to do the following first:

    Which program:
  • I do have an antivirus program on it.
    Microsoft Security Essentials.
    Or is that not sufficient?
    Any tips for another (preferably free) antivirus program?
  • OK, I will discuss a good replacement for MSE with you later.
    For now, first do what I asked in my previous message.
  • 20:46:08.0137 4100 TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46
    20:46:08.0152 4100 ============================================================
    20:46:08.0152 4100 Current date / time: 2012/06/14 20:46:08.0152
    20:46:08.0152 4100 SystemInfo:
    20:46:08.0152 4100
    20:46:08.0152 4100 OS Version: 6.1.7600 ServicePack: 0.0
    20:46:08.0152 4100 Product type: Workstation
    20:46:08.0153 4100 ComputerName: SEBASTIAAN-PC
    20:46:08.0153 4100 UserName: Sebastiaan
    20:46:08.0153 4100 Windows directory: C:\Windows
    20:46:08.0153 4100 System windows directory: C:\Windows
    20:46:08.0153 4100 Running under WOW64
    20:46:08.0153 4100 Processor architecture: Intel x64
    20:46:08.0153 4100 Number of processors: 2
    20:46:08.0153 4100 Page size: 0x1000
    20:46:08.0153 4100 Boot type: Normal boot
    20:46:08.0153 4100 ============================================================
    20:46:20.0701 4100 Drive \Device\Harddisk1\DR1 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13000, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:46:20.0710 4100 Drive \Device\Harddisk2\DR2 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:46:20.0728 4100 Drive \Device\Harddisk0\DR0 - Size: 0x253B1D5400 (148.92 Gb), SectorSize: 0x200, Cylinders: 0x4BF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:46:20.0995 4100 ============================================================
    20:46:20.0996 4100 \Device\Harddisk1\DR1:
    20:46:23.0287 4100 MBR partitions:
    20:46:23.0287 4100 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1
    20:46:23.0287 4100 \Device\Harddisk2\DR2:
    20:46:23.0302 4100 MBR partitions:
    20:46:23.0303 4100 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E849D80
    20:46:23.0303 4100 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x1E849DBF, BlocksNum 0x46A0F82
    20:46:23.0303 4100 \Device\Harddisk0\DR0:
    20:46:23.0317 4100 MBR partitions:
    20:46:23.0317 4100 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x129D5FB1
    20:46:23.0317 4100 ============================================================
    20:46:23.0323 4100 C: <-> \Device\Harddisk0\DR0\Partition0
    20:46:49.0074 4100 F: <-> \Device\Harddisk1\DR1\Partition0
    20:46:49.0109 4100 G: <-> \Device\Harddisk2\DR2\Partition0
    20:46:49.0165 4100 H: <-> \Device\Harddisk2\DR2\Partition1
    20:46:49.0165 4100 ============================================================
    20:46:49.0165 4100 Initialize success
    20:46:49.0165 4100 ============================================================
    20:46:49.0217 1088 ============================================================
    20:46:49.0217 1088 Scan started
    20:46:49.0217 1088 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    20:46:49.0217 1088 ============================================================
    20:47:54.0903 1088 KMWDSERVICE ( UnsignedFile.Multi.Generic ) -
  • Good, no MBR rootkit.

    We are going to use Combofix - http://hijackthis.nl/forum/viewtopic.php?p=273082#p273082 - here you can see how to deactivate MSE.

    Which program:
  • Okay, thank you. I will run the program as soon as possible.
    I first have to finish my work, since the program can cause your PC to have to restart several times.
    I will post the log file here as soon as possible.
  • That's fine.
  • Below is the log of the Combofix scan; I hope you can do something with it and help me further. Thanks in advance.

    ComboFix 12-06-14.01 - Sebastiaan 14-06-2012 23:38:04.1.2 - x64
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.5629.3397 [GMT 2:00]
    Gestart vanuit: c:\users\Sebastiaan\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Mozilla Maintenance Service
    c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    c:\program files (x86)\Mozilla Maintenance Service\Uninstall.exe
    c:\program files (x86)\Mozilla Maintenance Service\updater.ini
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ——-\Service_MozillaMaintenance
    ——-\Service_MozillaMaintenance
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-05-14 to 2012-06-14 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-14 22:04 . 2012-06-14 22:04 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-06-14 21:32 . 2012-06-14 21:32 ——– d—–w- c:\program files (x86)\SmartClose
    2012-06-14 21:32 . 2012-06-14 21:32 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\SmartClose
    2012-06-14 19:38 . 2012-05-08 08:02 8955792 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0FCB6ADC-DC4E-4560-AEFD-F16A12A2930B}\mpengine.dll
    2012-06-14 18:45 . 2012-06-14 18:56 ——– d—–w- C:\TDSSStarter
    2012-06-14 02:01 . 2012-06-01 11:32 927800 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2012-06-14 02:01 . 2012-06-01 11:32 927800 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A81F4A80-5E7E-419F-A290-88FB92F1F64B}\gapaengine.dll
    2012-06-13 14:32 . 2012-06-13 14:32 ——– d—–w- C:\Microgaming
    2012-06-13 13:45 . 2012-06-13 13:45 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\Malwarebytes
    2012-06-13 13:45 . 2012-06-13 13:45 ——– d—–w- c:\programdata\Malwarebytes
    2012-06-13 13:45 . 2012-06-13 13:45 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-06-13 13:45 . 2012-04-04 13:56 24904 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-12 11:37 . 2012-05-08 08:02 8955792 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-06-07 20:49 . 2012-06-07 20:49 ——– d—–w- c:\users\Sebastiaan\AppData\Local\IsolatedStorage
    2012-06-07 20:48 . 2012-06-07 20:48 ——– d—–w- c:\users\Sebastiaan\AppData\Local\Sublight_Labs
    2012-06-07 20:48 . 2012-06-07 21:22 ——– d—–w- c:\program files (x86)\Sublight
    2012-06-06 19:29 . 2012-06-06 19:29 ——– d—–w- c:\program files (x86)\Ashampoo
    2012-06-06 11:55 . 2012-06-06 11:55 770384 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
    2012-06-06 11:55 . 2012-06-06 11:55 421200 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
    2012-06-02 03:04 . 2012-06-02 04:07 ——– d—–w- c:\users\Sebastiaan\AppData\Local\7D0365B3-FBB3-4DFE-8480-444D8327B9E1.aplzod
    2012-06-02 00:01 . 2012-03-09 08:57 23816 —-a-w- c:\windows\system32\drivers\cpuz135_x64.sys
    2012-06-02 00:01 . 2012-06-02 00:01 ——– d—–w- c:\program files\CPU-Z
    2012-06-01 17:30 . 2012-06-01 17:30 131584 —-a-w- c:\windows\SysWow64\SpoonUninstall.exe
    2012-06-01 17:06 . 2012-06-01 17:06 ——– d—–w- c:\users\Sebastiaan\AppData\Local\APN
    2012-06-01 16:58 . 2012-06-02 00:59 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\PFStaticIP
    2012-06-01 16:58 . 2012-06-01 16:58 ——– d—–w- c:\program files (x86)\PFStaticIP
    2012-06-01 15:28 . 2012-06-01 15:28 ——– d—–w- c:\users\Sebastiaan\AppData\Local\MetaGeek,_LLC
    2012-06-01 14:53 . 2012-06-01 14:53 ——– d—–w- c:\program files (x86)\MetaGeek
    2012-06-01 11:38 . 2012-06-01 11:38 ——– d—–w- c:\program files (x86)\Auslogics
    2012-06-01 11:29 . 2012-06-01 11:29 ——– d—–w- c:\program files (x86)\Microsoft Security Client
    2012-06-01 11:29 . 2012-06-01 11:29 ——– d—–w- c:\program files\Microsoft Security Client
    2012-06-01 11:24 . 2012-06-01 11:24 ——– d—–w- c:\program files (x86)\MSECache
    2012-06-01 11:07 . 2012-06-01 20:55 ——– d—–w- c:\program files (x86)\Microsoft
    2012-06-01 11:07 . 2012-06-01 11:07 7450888 —-a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c4d311271cd3fe609\bingbarsetup.exe
    2012-06-01 10:20 . 2012-06-01 10:20 ——– d—–w- c:\program files (x86)\Microsoft Synchronization Services
    2012-06-01 10:19 . 2012-06-01 10:19 ——– d—–w- c:\windows\PCHEALTH
    2012-06-01 10:19 . 2012-06-01 10:19 ——– d—–w- c:\program files (x86)\Microsoft Sync Framework
    2012-06-01 10:19 . 2012-06-01 10:19 ——– d—–w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2012-06-01 10:13 . 2012-06-01 10:13 ——– d—–w- c:\program files (x86)\Microsoft Analysis Services
    2012-06-01 09:41 . 2012-06-01 09:42 ——– d—–w- c:\program files (x86)\Windows Live
    2012-06-01 09:26 . 2012-06-01 09:26 36240 —-a-w- c:\windows\SysWow64\WinFLAdrv.sys
    2012-06-01 09:26 . 2012-06-01 09:26 197648 —-a-w- c:\windows\SysWow64\WinVDEdrv6.sys
    2012-06-01 09:26 . 2012-06-01 09:26 225680 —-a-w- c:\windows\SysWow64\WinVDEdrv.sys
    2012-06-01 09:25 . 2012-06-01 09:25 91736 —-a-w- c:\windows\SysWow64\WinFLService.exe
    2012-06-01 09:25 . 2012-06-01 09:25 14936 —-a-w- c:\windows\SysWow64\WinFLMsgService.exe
    2012-06-01 09:25 . 2012-06-01 09:25 40960 —-a-w- c:\windows\SysWow64\nwsftUninstall.exe
    2012-06-01 09:25 . 2012-06-01 09:25 293976 —-a-w- c:\windows\SysWow64\WinFLTray.exe
    2012-06-01 09:25 . 2012-06-01 09:25 293976 —-a-w- c:\windows\SysWow64\WinFLTrayShred.exe
    2012-06-01 09:25 . 2012-06-01 09:25 594520 —-a-w- c:\windows\SysWow64\WinFLCtxMenu.dll
    2012-06-01 09:25 . 2012-06-01 09:25 ——– d—–w- c:\program files (x86)\NewSoftware's
    2012-05-31 21:08 . 2012-05-31 21:08 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\Mozilla-Cache
    2012-05-31 02:38 . 2012-05-31 02:39 ——– d—–w- c:\program files (x86)\VirtualDJ
    2012-05-31 02:28 . 2012-06-06 11:55 85472 —-a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
    2012-05-31 01:17 . 2012-05-31 02:16 ——– d—–w- c:\programdata\Ableton
    2012-05-31 01:17 . 2012-05-31 01:17 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\Ableton
    2012-05-31 01:16 . 2012-06-07 16:29 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\Foxit Software
    2012-05-31 00:24 . 2012-05-31 00:24 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\Deckadance19
    2012-05-31 00:23 . 2012-06-01 13:38 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\SongManager
    2012-05-30 23:46 . 2012-05-30 23:46 ——– d—–w- c:\program files (x86)\ASIO4ALL v2
    2012-05-30 23:46 . 2012-05-31 00:23 ——– d—–w- c:\program files (x86)\VstPlugins
    2012-05-30 23:46 . 2012-05-30 23:46 ——– d—–w- c:\program files (x86)\Image-Line
    2012-05-30 23:45 . 2009-09-15 09:14 1554944 —-a-w- c:\windows\SysWow64\vorbis.acm
    2012-05-30 23:45 . 2012-05-30 23:45 ——– d—–w- c:\program files (x86)\Outsim
    2012-05-30 23:42 . 2012-05-30 23:47 ——– d—–w- c:\program files (x86)\Fruity Loops Studio 10
    2012-05-30 23:40 . 2010-10-08 15:57 233472 —-a-w- c:\windows\SysWow64\REX Shared Library.dll
    2012-05-30 23:40 . 2010-10-08 15:57 368640 —-a-w- c:\windows\SysWow64\ReWire.dll
    2012-05-30 23:37 . 2012-05-30 23:37 ——– d—–w- c:\program files (x86)\Ableton
    2012-05-29 21:43 . 2012-05-29 21:43 ——– d—–r- c:\users\Sebastiaan\SkyDrive
    2012-05-29 21:42 . 2012-05-29 21:42 ——– d—–w- c:\programdata\Microsoft SkyDrive
    2012-05-29 21:38 . 2012-05-29 21:38 ——– d—–w- c:\users\Sebastiaan\AppData\Local\Macromedia
    2012-05-29 21:36 . 2012-05-29 21:36 ——– d—–w- c:\program files (x86)\Foxit Reader
    2012-05-29 21:25 . 2012-05-29 21:25 ——– d—–w- c:\program files (x86)\FileHippo.com
    2012-05-29 21:18 . 2012-05-29 21:17 955848 —-a-w- c:\windows\system32\npDeployJava1.dll
    2012-05-29 21:16 . 2012-05-29 21:16 772552 —-a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-05-29 20:34 . 2012-05-29 20:34 ——– d—–w- c:\program files (x86)\Cisco
    2012-05-29 20:33 . 2012-05-29 20:32 1047552 —-a-w- c:\windows\system32\BCMLogon.dll
    2012-05-29 20:31 . 2012-05-29 20:31 ——– d—–w- c:\programdata\ATI
    2012-05-29 20:30 . 2012-05-29 20:30 ——– d—–w- c:\program files (x86)\AMD APP
    2012-05-29 20:30 . 2012-05-29 20:30 ——– d—–w- c:\program files (x86)\ATI Technologies
    2012-05-29 20:24 . 2011-08-17 21:44 53376 —-a-w- c:\windows\system32\drivers\usbfilter.sys
    2012-05-29 20:20 . 2011-05-05 13:24 2085440 —-a-w- c:\windows\system32\FMAPO64.dll
    2012-05-29 20:02 . 2012-05-29 20:18 ——– d—–w- c:\programdata\DriverGenius
    2012-05-25 18:34 . 2012-05-25 18:34 ——– d—–w- c:\programdata\IObit
    2012-05-25 18:34 . 2012-05-25 19:25 ——– d—–w- c:\users\Sebastiaan\AppData\Roaming\IObit
    2012-05-25 18:34 . 2012-05-25 19:59 ——– d—–w- c:\program files (x86)\Advanced SystemCare 5
    2012-05-17 14:47 . 2012-05-17 14:47 ——– d—–w- c:\program files\Microsoft Silverlight
    2012-05-17 14:47 . 2012-05-17 14:47 ——– d—–w- c:\program files (x86)\Microsoft Silverlight
    2012-05-16 14:33 . 2012-05-16 14:33 ——– d—–w- c:\windows\CheckSur
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-09 14:07 . 2012-04-07 11:49 426184 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-06-09 14:07 . 2011-08-15 14:12 70344 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-01 09:41 . 2011-03-28 16:36 19736 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2012-05-29 21:17 . 2011-02-25 19:29 839112 —-a-w- c:\windows\system32\deployJava1.dll
    2012-05-29 21:16 . 2011-02-28 15:46 687560 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2012-05-29 20:32 . 2009-10-20 18:19 35344 —-a-w- c:\windows\system32\drivers\npf.sys
    2012-05-06 13:50 . 2012-04-07 11:50 8744608 —-a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-18 18:56 . 2012-04-18 18:56 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2012-04-18 18:56 . 2012-04-18 18:56 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2012-03-30 11:09 . 2012-05-13 21:02 1895280 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-03-22 19:12 . 2012-03-22 19:12 4435968 —-a-w- c:\windows\SysWow64\GPhotos.scr
    2012-03-20 18:44 . 2012-03-20 18:44 98688 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2012-03-20 18:44 . 2012-03-20 18:44 203888 —-a-w- c:\windows\system32\drivers\MpFilter.sys
    2012-03-17 07:55 . 2012-05-13 21:02 75632 —-a-w- c:\windows\system32\drivers\partmgr.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-05-31 10:54 208608 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-05-31 10:54 208608 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-05-31 10:54 208608 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sysinternals Desktops"="g:\downloads\Desktops\Desktops.exe" [2010-01-18 116088]
    "SkyDrive"="c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-05-31 296672]
    "WinFLTray"="c:\windows\SysWow64\WinFLTray.exe" [2012-06-01 293976]
    "FLBackup"="c:\program files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe" [2012-06-01 282712]
    "Spotify Web Helper"="c:\users\Sebastiaan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-13 932528]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "KMCONFIG"="c:\program files (x86)\Keyboard Driver\StartAutorun.exe" [2008-05-29 212992]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Welcome Center"="c:\windows\system32\rundll32.exe" [2009-07-14 44544]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 0 (0x0)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveTrack"= 1 (0x1)
    "NoSMBalloonTip"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 AMD FusionUtility Service;AMD FusionUtility Service;c:\program files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 257224]
    R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 FLService;FLService;c:\windows\SysWow64\WinFLService.exe [2012-06-01 91736]
    S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
    S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 361984]
    S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
    S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
    S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Keyboard Driver\KMWDSrv.exe [2009-08-31 1821184]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
    S2 NEWDRIVER;NEWDRIVER;c:\windows\SysWow64\WinVDEdrv6.sys [2012-06-01 197648]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - WS2IFSL
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 14:07]
    .
    2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-793306352-945316632-3298908517-1000Core.job
    - c:\users\Sebastiaan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 19:51]
    .
    2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-793306352-945316632-3298908517-1000UA.job
    - c:\users\Sebastiaan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 19:51]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-05-31 10:54 232672 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-05-31 10:54 232672 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-05-31 10:54 232672 —-a-w- c:\users\Sebastiaan\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
    "Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-05-29 7142400]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
    "combofix"="c:\combofix\CF6938.3XE" [2009-07-14 344576]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Bijkomende Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://nl.ask.com?o=14200&l=dis
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{FF16704D-1B20-4111-9213-AF9B86C10C80}: NameServer = 208.67.222.222,208.67.220.220
    FF - ProfilePath - c:\users\Sebastiaan\AppData\Roaming\Mozilla\Firefox\Profiles\h4rdvxyi.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: browser.xul.error_pages.enabled - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 3000000
    FF - user.js: content.maxtextrun - 8191
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 32
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-proxy - 8
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    SafeBoot-WinFLAdrv.sys
    ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
    AddRemove-MozillaMaintenanceService - c:\program files (x86)\Mozilla Maintenance Service\uninstall.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
    c:\program files (x86)\Keyboard Driver\KMConfig.exe
    c:\program files (x86)\Keyboard Driver\KMProcess.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2012-06-15 00:19:59 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-06-14 22:19
    .
    Pre-Run: 99.976.187.904 bytes beschikbaar
    Post-Run: 99.437.228.032 bytes beschikbaar
    .
    - - End Of File - - 2E9BDDD55EA01BB7591C284C76EBCFCA




  • Let's see how many processes, and what associated CPU usage, Task Manager reports about five minutes after Windows has started.
    Note that data and post it - without having disabled programs and services by means of SmartClose.

    By the way, I find no crapware in your Windows, so I assume that you installed this Windows yourself - is that right?
    If so - have all the drivers been installed as well?
  • The links below show the processes running in Task Manager 5 minutes after the computer has started.

    http://flic.kr/p/ceCv5J
    http://flic.kr/p/ceCv8j

    I did indeed install this Windows myself, and as far as I know all the drivers are installed as well. In any case, I don't see any question marks or other remarks next to the various devices in Device Manager.
    I also once installed Driver Genius to check whether any drivers were missing, but that was not the case.
  • On a previous notebook with an ATI card I simply deactivated that ATI thing via Services (AMD External Events etc.).

    The number of processes and the CPU usage are indeed quite normal.
    Do you do any special activities with your PC that demand a lot from it?
  • No, not really.
    I use it for downloading, playing music, browsing the internet. Just the normal things.
  • Okay - how is your Windows doing now, by the way?

    And go carefully through the installed programs and remove what you no longer use - that also benefits Windows.

    And then the switch of antivirus software.
    First I want to know how you e-mail.
    Do you do that via an e-mail program in Windows, or do you use webmail?
  • Abraham, first of all I want to thank you for all the effort you have made for me. I really appreciate it. Thank you!

    Windows is doing fine; startup, as far as I can tell, is still just as bad. It still takes about 10 minutes.
    I did find out something else, though (I don't know whether this affects startup). One of my hard disks contains a number of errors. While optimizing the disks with Auslogics Disk Defrag I had all the disks optimized. At the end of the optimization I got a message that there were a number of errors on the F: drive. I immediately had it checked with chkdsk and had it repair them as far as possible. After restarting I scanned again with chkdsk and again there were errors on F:
    Is there another program with which I can remove errors from a hard disk?

    Then the antivirus software:

    I only use webmail on this computer.
    I have a hacked version of Avast Internet Security and one of Norton Internet Security (both work). Possibly I can use these.
  • I advise against using antivirus products with a fix.
    That gives a false sense of security more than anything else.

    And you are well protected if you use Avira Free and the Emsisoft Online Armor firewall.

    But let's first inspect the health of the HD:

    Which program: CrystalDiskInfo
    What for/why: checking the SMART data of the hard disk(s)
    Difficulty: none.
    Download CrystalDiskInfo here




    Install the tool and then start CrystalDiskInfo
  • OK, then I won't install cracked software but the ones you suggest. Install both? And beforehand remove + stop Microsoft SE + firewall?

    In CrystalDiskInfo I only get blue colors.
    So all 3 disks are good.
  • You only deactivate the Windows Firewall once Online Armor is active.

    How do you do that?
    For that, go to Start\Run and the command is: services.msc.
    Click the OK button.
    N.B.: Run can also be started by pressing the "Windows key + R key" simultaneously.

    In the Services window, scroll to
  • Okay, I have installed everything as you said.
    Avira + Online Armor and WOT too.

    I just don't understand what is going on with the hard disk now. Strange that the program doesn't report anything.

    Is it an idea to run a program that repairs (disables) bad sectors?
    I have the program HDD Regenerator.
  • You indicated that CrystalDiskInfo reported everything as okay.
    So what makes you think there would be bad sectors?


This is an archived page. Replying is no longer possible.
