Archive - Freeze

The archive is a frozen moment from an earlier version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views, and have been censored in some places as inadmissible. Many were made in a different spirit of the times, ironically or not - as in the ironic Off-Topic subforum - and would not (be allowed to) be posted today. Nevertheless, we still gladly offer this archive as an information database and reference work.

arikt

Legacy Member
Every now and then my notebook freezes.
The screen just freezes.
At that point I really can't do anything except hold down the power button.





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:14, on 20-Oct-08
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{52E56876-3084-42CF-8972-4F70E149BD20}: NameServer = 195.130.129.164,195.130.130.164
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. Antivirus software - BitDefender - The future of security now! - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5458 bytes

Juisterr

Legacy Member
I don't see anything unusual in the log.

Download Combofix to your Desktop.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners see certain components that Combofix uses as suspicious and will block or remove them!

  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will make your PC hang.
When the fix is complete and after a restart, the log Combofix.txt will open.

Post this log in your next reply.

arikt

Legacy Member
ComboFix 08-11-01.06 - Arik 2008-11-02 17:09:34.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1033.18.1280 [GMT 1:00]
Gestart vanuit: C:\Users\Arik\Desktop\Downloads\ComboFix.exe
* Resident AV is active

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-10-02 to 2008-11-02 ))))))))))))))))))))))))))))))
.

2008-11-02 11:18 . 2008-09-18 05:56 147,456 --a------ C:\Windows\System32\Faultrep.dll
2008-11-02 11:18 . 2008-09-18 05:56 125,952 --a------ C:\Windows\System32\wersvc.dll
2008-11-02 11:10 . 2008-08-12 04:39 443,392 --a------ C:\Windows\System32\win32spl.dll
2008-10-21 21:13 . 2008-11-02 12:38 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-10-21 21:11 . 2008-10-21 21:11 <DIR> d-------- C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-10-21 21:11 . 2008-10-21 21:11 <DIR> d-------- C:\Program Files\Microsoft Device Emulator
2008-10-21 20:58 . 2008-10-21 20:58 <DIR> d-------- C:\Windows\System32\1033
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Windows\Symbols
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Users\All Users\PreEmptive Solutions
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\ProgramData\PreEmptive Solutions
2008-10-21 20:46 . 2008-10-21 20:58 <DIR> d-------- C:\Program Files\HTML Help Workshop
2008-10-21 20:46 . 2008-10-21 20:57 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Program Files\CE Remote Tools
2008-10-21 20:43 . 2008-10-21 20:43 <DIR> d-------- C:\Windows\System32\Visual Studio 2005Templates
2008-10-21 20:43 . 2008-10-21 20:43 <DIR> d-------- C:\Windows\System32\Visual Studio 2005
2008-10-21 20:43 . 2008-11-02 12:44 <DIR> d-------- C:\Users\All Users\Microsoft Help
2008-10-21 20:43 . 2008-11-02 12:44 <DIR> d-------- C:\ProgramData\Microsoft Help
2008-10-21 20:43 . 2008-10-21 21:00 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-10-21 20:37 . 2008-10-21 20:37 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-10-21 20:27 . 2008-10-21 20:27 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-10-21 20:26 . 2008-10-21 20:26 <DIR> d-------- C:\Users\Arik\AppData\Roaming\DAEMON Tools
2008-10-20 21:11 . 2008-10-20 21:11 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-20 20:39 . 2008-10-20 20:39 <DIR> d-------- C:\Users\All Users\InterAction studios
2008-10-20 20:39 . 2008-10-20 20:39 <DIR> d-------- C:\ProgramData\InterAction studios
2008-10-20 20:37 . 2008-10-20 20:41 <DIR> d-------- C:\Program Files\Chicken Invaders 3
2008-10-20 20:36 . 2008-10-20 20:36 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-10-18 08:33 . 2008-11-02 17:01 <DIR> d-------- C:\Users\Arik\Tracing
2008-10-18 08:31 . 2008-10-18 08:31 <DIR> d-------- C:\Program Files\Microsoft
2008-10-18 08:29 . 2008-10-18 08:29 <DIR> d-------- C:\Program Files\Common Files\Windows Live
2008-10-14 21:54 . 2008-09-18 06:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-14 21:54 . 2008-09-18 06:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-14 21:54 . 2008-09-18 03:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-14 21:54 . 2008-10-02 02:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-14 21:54 . 2008-10-02 04:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-10-14 21:54 . 2008-08-27 02:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-07 15:23 . 2008-10-07 15:24 <DIR> d-------- C:\Users\Arik\AppData\Roaming\Ventrilo
2008-10-07 15:23 . 2008-10-07 15:23 <DIR> d-------- C:\Program Files\VentriloMIX
2008-10-05 21:50 . 2008-10-05 21:50 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2008-10-05 21:45 . 2008-07-31 02:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-10-05 21:45 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-10-05 21:45 . 2008-04-23 05:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-10-05 21:45 . 2008-04-23 05:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-10-05 21:45 . 2008-04-23 05:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-10-05 21:45 . 2008-04-23 05:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-10-05 21:45 . 2008-07-31 04:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-10-04 17:05 . 2008-10-04 17:05 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-10-04 16:44 . 2008-10-04 16:44 850 --a------ C:\Windows\System32\ProductTweaks.xml
2008-10-04 16:44 . 2008-10-04 16:44 385 --a------ C:\Windows\System32\user_gensett.xml
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Windows\System32\logs
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Users\Arik\AppData\Roaming\BitDefender
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Binaries
2008-10-04 16:38 . 2008-10-04 16:43 <DIR> d-------- C:\Users\All Users\BitDefender
2008-10-04 16:38 . 2008-10-04 16:43 <DIR> d-------- C:\ProgramData\BitDefender
2008-10-04 16:38 . 2008-10-04 16:39 <DIR> d-------- C:\Program Files\BitDefender
2008-10-04 16:37 . 2008-10-04 16:37 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-10-04 16:36 . 2008-10-04 16:39 <DIR> d-------- C:\Program Files\Common Files\BitDefender

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-02 15:53 --------- d-----w C:\Program Files\Steam
2008-11-02 14:48 100,976 ----a-w C:\Users\Arik\AppData\Roaming\nvModes.dat
2008-11-02 11:59 --------- d-----w C:\Program Files\Common Files\Steam
2008-10-21 20:14 --------- d-----w C:\Program Files\Microsoft.NET
2008-10-18 07:30 --------- d-----w C:\Program Files\Windows Live
2008-10-14 20:59 615,424 ----a-w C:\Windows\System32\themeui.dll
2008-10-14 20:59 240,128 ----a-w C:\Windows\System32\uxtheme.dll
2008-10-05 20:48 --------- d-----w C:\Program Files\Windows Mail
2008-10-04 15:47 103,944 ----a-w C:\Windows\system32\drivers\bdfndisf.sys
2008-10-02 13:47 --------- d-----w C:\Program Files\Microsoft Works
2008-10-01 19:45 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-10-01 19:45 --------- d-----w C:\Program Files\Common Files\L&H
2008-10-01 17:34 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-09-28 16:40 --------- d-----w C:\Users\Arik\AppData\Roaming\vlc
2008-09-28 16:40 --------- d-----w C:\Program Files\VideoLAN
2008-09-28 11:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-28 11:42 --------- d-----w C:\Users\Arik\AppData\Roaming\InstallShield
2008-09-28 11:42 --------- d-----w C:\Program Files\Razer
2008-09-25 19:49 174 --sha-w C:\Program Files\desktop.ini
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Journal
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Defender
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Calendar
2008-09-25 19:19 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-09-25 19:19 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-22 19:11 --------- d-----w C:\ProgramData\NOS
2008-09-22 19:11 --------- d-----w C:\Program Files\NOS
2008-09-20 19:26 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-20 19:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-20 18:26 269,312 ----a-w C:\Windows\System32\es.dll
2008-09-20 17:08 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-20 17:01 --------- d-----w C:\ProgramData\WLInstaller
2008-09-20 16:49 --------- d-----w C:\Program Files\7-Zip
2008-09-20 14:54 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-09-20 14:54 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-09-20 14:54 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-09-20 14:54 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-09-20 14:49 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-09-20 14:48 303,616 ----a-w C:\Windows\System32\wmpeffects.dll
2008-09-20 14:42 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-09-20 14:39 29,184 ----a-w C:\Windows\system32\drivers\BTHUSB.SYS
2008-09-20 14:39 220,160 ----a-w C:\Windows\system32\drivers\bthport.sys
2008-09-20 14:39 19,456 ----a-w C:\Windows\system32\drivers\bthenum.sys
2008-09-20 14:39 181,760 ----a-w C:\Windows\System32\fsquirt.exe
2008-09-20 14:38 988,216 ----a-w C:\Windows\System32\winload.exe
2008-09-20 14:38 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-09-20 14:38 615,992 ----a-w C:\Windows\System32\ci.dll
2008-09-20 14:38 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-09-20 14:38 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-09-20 14:38 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-09-20 14:38 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-09-20 14:38 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-09-20 14:38 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-09-20 14:38 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-09-20 14:36 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-09-20 14:35 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-09-20 14:35 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-09-20 14:33 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-09-20 14:33 738,304 ----a-w C:\Windows\System32\inetcomm.dll
2008-09-20 14:32 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-09-20 14:16 --------- d-----w C:\ProgramData\Sony Corporation
2008-09-20 14:16 --------- d-----w C:\Program Files\Sony
2008-09-20 14:14 --------- d-----w C:\Users\Arik\AppData\Roaming\Sony Corporation
2008-09-20 14:03 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-09-20 13:55 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-20 13:29 --------- d-----w C:\Program Files\Sigmatel
2008-09-20 13:18 --------- d-----w C:\Program Files\CONEXANT
2008-09-20 13:13 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_Apfiltr_01001.Wdf
2008-09-20 13:13 --------- d-----w C:\Program Files\Apoint
2008-09-08 22:03 51,712 ----a-w C:\Windows\System32\sirenacm.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-02_11.57.13,38 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-21 20:14:52 387,800 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
+ 2008-11-02 11:32:20 363,376 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
- 2008-10-21 20:14:52 75,480 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
+ 2008-11-02 11:32:21 78,192 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
- 2008-10-21 20:15:10 1,607,896 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.Replication\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.dll
+ 2008-11-02 11:32:53 1,626,480 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.Replication\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.dll
- 2008-10-21 20:14:56 539,352 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
+ 2008-11-02 11:32:25 546,160 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
- 2008-10-21 20:14:52 137,944 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
+ 2008-11-02 11:32:21 140,656 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
- 2008-10-21 20:14:52 1,211,096 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
+ 2008-11-02 11:32:20 1,217,904 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
- 2008-10-21 20:14:52 35,544 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
+ 2008-11-02 11:32:20 38,256 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
- 2008-10-21 20:13:39 133,848 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
+ 2008-11-02 11:30:13 136,560 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
- 2008-10-21 20:14:51 150,232 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
+ 2008-11-02 11:32:20 157,040 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
- 2008-10-21 20:13:39 43,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
+ 2008-11-02 11:30:15 46,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
- 2008-10-21 20:13:39 199,384 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
+ 2008-11-02 11:30:15 202,096 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
- 2008-10-21 20:14:52 68,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
+ 2008-11-02 11:32:20 71,024 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
- 2008-10-21 20:14:52 555,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
+ 2008-11-02 11:32:21 558,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
- 2008-10-21 20:14:52 39,640 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
+ 2008-11-02 11:32:20 42,352 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
- 2008-10-21 20:14:51 1,559,256 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
+ 2008-11-02 11:32:19 1,598,832 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
- 2008-10-21 20:14:51 223,960 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
+ 2008-11-02 11:32:19 222,576 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
- 2008-10-21 20:14:51 895,704 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
+ 2008-11-02 11:32:19 906,608 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
- 2008-10-21 20:13:39 592,600 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
+ 2008-11-02 11:30:14 595,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
- 2008-10-21 20:14:51 43,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
+ 2008-11-02 11:32:20 46,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
- 2008-11-02 10:05:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-11-02 15:53:02 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-11-02 10:05:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-11-02 15:53:02 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-11-02 10:07:20 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-11-02 15:54:28 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-11-02 10:07:26 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-11-02 15:54:38 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-09-20 10:55:41 48,600 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2008-11-02 11:44:05 75,984 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
- 2008-11-02 10:31:15 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-02 12:19:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-02 10:31:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-02 12:19:52 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-02 10:31:15 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-02 12:19:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-02 10:45:49 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-02 16:09:07 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-02 16:09:07 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-01-19 07:35:35 466,944 ----a-w C:\Windows\System32\netapi32.dll
+ 2008-10-16 04:47:33 466,944 ----a-w C:\Windows\System32\netapi32.dll
- 2008-11-02 10:13:25 122,918 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-11-02 15:59:47 122,918 ----a-w C:\Windows\System32\perfc009.dat
- 2008-11-02 10:13:25 642,654 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-11-02 15:59:47 642,654 ----a-w C:\Windows\System32\perfh009.dat
- 2008-11-02 10:09:20 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-11-02 11:10:04 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2005-10-14 10:51:01 66,264 ----a-w C:\Windows\System32\sqlctr90.dll
+ 2007-02-10 04:29:52 67,952 ----a-w C:\Windows\System32\sqlctr90.dll
- 2005-10-14 01:51:26 2,208,016 ----a-w C:\Windows\System32\sqlncli.dll
+ 2007-02-10 04:29:52 2,234,224 ----a-w C:\Windows\System32\sqlncli.dll
- 2008-11-02 10:07:38 7,004 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3706493377-1333071778-2525418271-1000_UserData.bin
+ 2008-11-02 15:55:22 7,262 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3706493377-1333071778-2525418271-1000_UserData.bin
- 2008-11-02 10:07:37 59,014 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-02 15:55:22 59,652 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-02 10:07:34 29,404 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-02 11:13:09 29,436 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="C:\Program Files\Sony\Network Utility\LANUtil.exe" [2008-01-16 253952]
"Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2008-01-29 118784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-30 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-30 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-01-30 81920]
"Copperhead"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [2008-10-04 716800]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [2008-08-10 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 14:19 98304 C:\Windows\System32\VESWinlogon.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{44301C66-9CB9-4688-BBDF-01C2971A450A}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{B7B3EAA8-55FF-4511-A75E-FD30FC3B19B3}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{76640FFB-F607-4097-82F9-104B0AFF73CD}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{D68BDD31-C967-46E1-A3DA-E212F214A61B}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
R2 NSUService;NSUService;C:\Program Files\Sony\Network Utility\NSUService.exe [2008-01-16 204800]
R3 bdfm;BDFM;C:\Windows\system32\drivers\bdfm.sys [2008-08-12 108864]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-04 103944]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-23 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-23 43904]
R3 SPI;Sony Programmable I/O Control Device;C:\Windows\system32\DRIVERS\SonyPI.sys [2008-01-29 14720]
R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-11-02 87288]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-09-24 812544]
R3 UsbFltr;Razer Copperhead Driver;C:\Windows\system32\drivers\copperhd.sys [2005-11-02 11596]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2008-01-29 245248]
S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{744106f2-9fa7-11dd-876d-001a805c0dc3}]
\shell\AutoRun\command - F:\Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map

2008-11-02 C:\Windows\Tasks\User_Feed_Synchronization-{2B229304-29A1-4D4E-8ACA-1F5EAB1DE096}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Bijkomende Scan -------
.
FireFox -: Profile - C:\Users\Arik\AppData\Roaming\Mozilla\Firefox\Profiles\j8sasyz6.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-02 17:15:35
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2008-11-02 17:18:21
ComboFix-quarantined-files.txt 2008-11-02 16:18:17
ComboFix2.txt 2008-11-02 10:59:01

Pre-Run: 131,979,378,688 bytes free
Post-Run: 131,951,235,072 bytes free

298 --- E O F --- 2008-11-02 11:45:24

Juisterr

Legacy Member
Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

Make sure that after the installation a check mark is placed next to:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.
  • Once the program has started, go to the "Settings" tab.
  • Tick this option: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick Scan".
  • Next, press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is finished, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click: "Remove Selected".
  • After removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.

Post this log together with a new HijackThis log.

arikt

Legacy Member
Malwarebytes' Anti-Malware 1.30
Database version: 1360
Windows 6.0.6001 Service Pack 1

03-Nov-08 21:34:44
mbam-log-2008-11-03 (21-34-44).txt

Scan type: Quick Scan
Objects scanned: 47608
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:48, on 03-Nov-08
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{52E56876-3084-42CF-8972-4F70E149BD20}: NameServer = 195.130.129.164,195.130.130.164
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. Antivirus software - BitDefender - The future of security now! - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5767 bytes

arikt

Legacy Member
OK, thank you for all the effort.
I'm going to take my problem to the hardware section.
This can be closed.