Archive - Computer hugely slowed down 4 weeks after purchase, log ;)

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or worldviews and have been censored in some places as unacceptable. Many were made in a different spirit of the times, ironically or not - as in the ironic Off-Topic subforum - and would (or could) no longer be posted today. We are nevertheless happy to keep offering this archive as an information database and reference work. Read more about it here or start a conversation with others.

Annihilator__

Legacy Member
I bought this computer about 4 weeks ago, and it is supposed to be a really good one, quad core, 4G RAM... but that aside, the only things I use this computer for are games, MSN and now and then a bit of internet. Now my computer is really starting to drop drastically in speed; I have already checked it for viruses, spyware and junk (I use CCleaner for this).
Please help me find this problem :)
Thanks in advance, here is the log



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:40:24, on 12/09/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\mmc.exe
C:\Users\Jonathan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jonathan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jonathan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7012 bytes

Juisterr

Legacy Member
Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)

Click 'Fix checked' to remove the items.



Download ComboFix from one of these locations:
Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

    Click here
    If you cannot manage to disable them, just continue to the next step.
  • Double-click ComboFix.exe and follow the prompts on the screen.
  • ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

    **Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.
  • Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.



You will see a message when ComboFix has successfully installed the Microsoft Windows Recovery Console.



Click Yes to continue scanning for malware.

NOTE: When ComboFix starts, you may get an error message that the “contents of the ComboFix package has been compromised”
Do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer.

If you keep getting that message, report it.


When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.
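
Added example, not part of the original thread and not HijackThis's own code: a small Python triage script that parses HijackThis-format entry lines and flags those with an empty registry value or a "(file missing)" target, the two kinds of line that make up the selection in the reply above. The input is an excerpt of the log posted in this thread; the function names and reason labels are illustrative assumptions.

```python
import re
from collections import Counter

# Excerpt of the HijackThis log posted earlier in this thread (not the full log).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

# An entry line is "<section code> - <body>", e.g. "R0 - ..." or "O23 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2})\s+-\s+(?P<body>.*)$")
# R-section bodies have the shape "<registry key>,<value name> = <data>".
REG_VALUE_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>[^=]+?)\s*=\s*(?P<data>.*)$")


def parse_entries(text):
    """Return (code, body) tuples for every entry line; headers are skipped."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body").strip()))
    return entries


def classify(code, body):
    """Return a reason label for a leftover-looking entry, or None."""
    if "(file missing)" in body:
        # HijackThis reports that the referenced file is not on disk.
        return "file-missing"
    if code.startswith("R"):
        match = REG_VALUE_RE.match(body)
        if match and match.group("data") == "":
            # Registry value exists but holds no data.
            return "empty-value"
    return None


def orphan_candidates(text):
    """List (code, reason, body) for entries worth a manual look."""
    flagged = []
    for code, body in parse_entries(text):
        reason = classify(code, body)
        if reason is not None:
            flagged.append((code, reason, body))
    return flagged


def summarize(flagged):
    """Count flagged entries per (section code, reason)."""
    return Counter((code, reason) for code, reason, _ in flagged)


if __name__ == "__main__":
    for code, reason, body in orphan_candidates(SAMPLE_LOG):
        print(f"{code:<4}{reason:<14}{body}")
```

Flagged lines are candidates for manual review rather than verdicts; entries such as the O10 line are left unflagged because neither pattern applies to them.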

Annihilator__

Legacy Member
ComboFix 10-09-16.07 - Jonathan 18/09/2010 0:36.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3326.2026 [GMT 2:00]
Gestart vanuit: c:\users\Jonathan\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.

(((((((((((((((((((( Bestanden Gemaakt van 2010-08-17 to 2010-09-17 ))))))))))))))))))))))))))))))
.

2010-09-17 22:40 . 2010-09-17 22:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-17 22:27 . 2010-09-17 22:27 452104 ----a-w- c:\users\Jonathan\AppData\Roaming\Real\Update\setup3.12\setup.exe
2010-09-17 22:22 . 2010-09-17 22:22 -------- d-----w- c:\program files\Common Files\xing shared
2010-09-17 22:22 . 2010-09-17 22:22 -------- d-----w- c:\program files\Common Files\Real
2010-09-17 22:22 . 2010-09-17 22:22 -------- d-----w- c:\program files\Real
2010-09-17 20:22 . 2010-09-17 20:22 -------- d-----w- c:\program files\QuickTime
2010-09-17 17:13 . 2010-09-17 17:13 -------- d-----w- c:\users\Jonathan\AppData\Local\iDFX
2010-09-17 17:05 . 2010-09-17 17:05 -------- d-----w- c:\program files\uTorrent
2010-09-17 17:03 . 2010-09-17 22:38 -------- d-----w- c:\users\Jonathan\AppData\Roaming\uTorrent
2010-09-17 16:36 . 2010-09-17 16:36 8192 ----a-w- c:\users\Jonathan\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll
2010-09-17 16:36 . 2010-09-17 22:32 -------- d-----w- c:\users\Jonathan\AppData\Roaming\LimeWire
2010-09-17 16:36 . 2010-09-17 16:38 -------- d-----w- c:\program files\LimeWire
2010-09-15 16:24 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-13 23:14 . 2010-09-17 19:33 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Media Player Classic
2010-09-13 22:54 . 2010-09-13 22:55 -------- d-----w- c:\users\Jonathan\AppData\Local\Adobe
2010-09-12 13:33 . 2010-09-12 13:33 388096 ----a-r- c:\users\Jonathan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-12 13:33 . 2010-09-12 13:33 -------- d-----w- c:\program files\Trend Micro
2010-09-10 14:59 . 2010-09-10 14:59 -------- d-----w- c:\program files\Google
2010-09-09 18:57 . 2010-09-09 18:57 -------- d-----w- c:\users\Jonathan\AppData\Local\DFX
2010-09-09 16:07 . 2010-09-09 16:07 251232 ----a-w- c:\users\Jonathan\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
2010-09-09 16:07 . 2010-09-09 16:07 247136 ----a-w- c:\users\Jonathan\AppData\Roaming\IDM\idmmzcc3\components2\idmmzcc.dll
2010-09-09 15:38 . 2010-09-17 22:38 -------- d-----w- c:\users\Jonathan\AppData\Roaming\DMCache
2010-09-09 15:38 . 2010-09-09 20:44 -------- d-----w- c:\users\Jonathan\AppData\Roaming\IDM
2010-09-09 15:38 . 2010-09-09 17:45 -------- d-----w- c:\program files\Internet Download Manager
2010-09-08 16:15 . 2010-09-08 16:15 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-09-08 15:53 . 2010-09-08 15:53 -------- d-----w- c:\program files\Common Files\Java
2010-09-08 15:12 . 2010-09-08 17:13 -------- d-----w- c:\users\Jonathan\AppData\Local\Diagnostics
2010-09-08 14:56 . 2010-06-23 15:10 275048 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2010-09-08 14:55 . 2010-09-08 14:55 -------- d-----w- c:\programdata\iDFX
2010-09-08 14:55 . 2010-09-08 14:55 -------- d-----w- c:\program files\iDFX
2010-09-08 14:55 . 2010-09-08 17:14 -------- d-----w- c:\users\Jonathan\AppData\Local\ElevatedDiagnostics
2010-09-08 14:52 . 2010-09-08 14:52 -------- d-----w- c:\users\Jonathan\AppData\Local\Apple Computer
2010-09-08 14:52 . 2010-09-17 17:13 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Apple Computer
2010-09-08 14:52 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-08 14:52 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-08 14:51 . 2010-09-08 14:55 -------- d-----w- c:\program files\iTunes
2010-09-08 14:49 . 2010-09-08 14:49 -------- d-----w- c:\users\Jonathan\AppData\Local\Apple
2010-09-08 14:49 . 2010-09-08 14:49 -------- d-----w- c:\program files\Apple Software Update
2010-09-08 14:49 . 2010-09-08 14:49 -------- d-----w- c:\program files\Bonjour
2010-09-08 14:47 . 2010-09-08 14:51 -------- d-----w- c:\program files\Common Files\Apple
2010-09-08 14:47 . 2010-09-08 14:47 -------- d-----w- c:\programdata\Apple
2010-09-08 14:40 . 2010-09-08 14:40 -------- d-----w- c:\programdata\ATI
2010-09-08 14:28 . 2010-09-08 14:28 -------- d-----w- C:\Diskeeper
2010-09-08 14:22 . 2010-09-08 14:22 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-09-08 14:19 . 2010-09-08 14:19 -------- d-----w- C:\ATI
2010-09-08 14:06 . 2010-09-08 14:06 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Malwarebytes
2010-09-08 14:06 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-08 14:06 . 2010-09-08 14:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-08 14:06 . 2010-09-08 14:06 -------- d-----w- c:\programdata\Malwarebytes
2010-09-08 14:06 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 13:53 . 2010-09-17 14:35 -------- d-----w- c:\users\Jonathan\Tracing
2010-09-08 13:53 . 2010-09-08 13:53 -------- d-----w- c:\users\Jonathan\AppData\Local\ESET
2010-09-08 13:51 . 2010-09-08 13:51 -------- d-----w- c:\program files\ESET
2010-09-08 13:50 . 2010-08-27 13:02 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-08 13:49 . 2010-08-27 12:56 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-09-08 13:49 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-09-08 13:49 . 2010-09-08 13:49 -------- d-----w- c:\users\Jonathan\AppData\Roaming\TuneUp Software
2010-09-08 13:49 . 2010-09-08 13:49 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-09-08 13:49 . 2010-09-08 13:49 -------- d-----w- c:\programdata\TuneUp Software
2010-09-08 13:48 . 2010-09-08 13:48 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-08 13:47 . 2010-09-08 13:47 -------- d-----w- c:\program files\Driver-Soft
2010-09-08 13:46 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-09-08 13:41 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
2010-09-08 13:39 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-08 13:39 . 2010-03-10 09:29 46256 ----a-w- c:\windows\system32\drivers\DKRtWrt.sys
2010-09-08 13:39 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-09-08 13:39 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-09-08 13:39 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-09-08 13:39 . 2010-08-12 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-08 13:39 . 2010-09-08 14:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-08 13:39 . 2010-09-08 13:39 -------- d-----w- c:\programdata\Diskeeper Corporation
2010-09-08 13:39 . 2010-09-08 13:39 -------- d-----w- c:\program files\Common Files\Diskeeper Corporation
2010-09-08 13:39 . 2010-09-08 13:39 -------- d-----w- c:\program files\Windows Home Server
2010-09-08 13:39 . 2010-09-08 13:39 -------- d-----w- c:\program files\Diskeeper Corporation
2010-09-08 13:37 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-09-08 13:36 . 2010-09-08 13:36 -------- d-----w- c:\programdata\DFX
2010-09-08 13:36 . 2010-09-08 16:00 -------- d-----w- c:\program files\DFX
2010-09-08 13:36 . 2010-09-08 13:36 -------- d-----w- c:\program files\Common Files\DFX
2010-09-08 13:36 . 2010-09-10 14:59 -------- d-----w- c:\users\Jonathan\AppData\Local\Google
2010-09-08 13:36 . 2010-09-08 13:36 -------- d-----w- c:\users\Jonathan\AppData\Local\Apps
2010-09-08 13:36 . 2010-09-17 14:36 -------- d-----w- c:\users\Jonathan\AppData\Local\Deployment
2010-09-08 13:23 . 2010-09-08 13:23 87560 ----a-w- c:\users\Jonathan\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-08 13:23 . 2010-09-08 13:23 -------- d-----w- c:\users\Jonathan\AppData\Roaming\ATI
2010-09-08 13:23 . 2010-09-08 13:23 -------- d-----w- c:\users\Jonathan\AppData\Local\ATI
2010-09-08 13:23 . 2010-09-08 13:23 -------- d-----w- c:\users\Jonathan\AppData\Local\Power2Go
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-----w- C:\Recovery
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\users\Default\Sjablonen
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\users\Default\Mijn documenten
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\users\Default\Menu Start
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\programdata\Sjablonen
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\programdata\Menu Start
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\programdata\Favorieten
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\programdata\Documenten
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we c:\programdata\Bureaublad
2010-09-08 13:21 . 2010-09-08 13:21 -------- d-sh--we C:\Documents and Settings
2010-09-06 15:36 . 2010-09-02 13:22 69264 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2010-09-01 07:12 . 2010-09-01 07:12 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-17 22:22 . 2010-01-18 06:30 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-17 14:37 . 2009-07-14 08:27 701326 ----a-w- c:\windows\system32\perfh013.dat
2010-09-17 14:37 . 2009-07-14 08:27 133358 ----a-w- c:\windows\system32\perfc013.dat
2010-09-08 17:15 . 2010-02-19 10:10 -------- d-----w- c:\program files\Realtek
2010-09-08 15:52 . 2010-06-02 15:00 -------- d-----w- c:\program files\Java
2010-09-08 15:19 . 2010-02-18 12:12 -------- d--h--w- c:\program files\Temp
2010-09-08 14:56 . 2010-02-19 10:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-08 14:53 . 2010-02-19 11:13 -------- d-----w- c:\program files\Microsoft.NET
2010-09-08 14:52 . 2010-09-08 14:51 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-08 14:51 . 2010-09-08 14:51 -------- d-----w- c:\program files\iPod
2010-09-08 14:51 . 2010-09-08 14:50 -------- d-----w- c:\programdata\Apple Computer
2010-09-08 14:34 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-09-08 14:22 . 2010-06-02 08:13 -------- d-----w- c:\program files\ATI
2010-09-08 14:22 . 2010-06-02 08:13 -------- d-----w- c:\program files\ATI Technologies
2010-09-08 13:33 . 2010-09-08 13:31 -------- d-----w- c:\users\Jonathan\AppData\Roaming\BSplayer PRO
2010-09-08 13:31 . 2010-09-08 13:31 -------- d-----w- c:\program files\CCleaner
2010-09-08 13:31 . 2010-09-08 13:31 -------- d-----w- c:\program files\Webteh
2010-09-08 13:22 . 2010-09-08 13:22 -------- d-----w- c:\program files\PlayReady
2010-08-04 02:21 . 2010-08-04 02:21 6096384 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-08-04 01:55 . 2010-08-04 01:55 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:54 . 2010-08-04 01:54 519680 ----a-w- c:\windows\system32\aticfx32.dll
2010-08-04 01:52 . 2010-08-04 01:52 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:51 . 2010-08-04 01:51 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-08-04 01:51 . 2010-08-04 01:51 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-08-04 01:50 . 2010-08-04 01:50 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-08-04 01:49 . 2010-08-04 01:49 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:49 . 2010-08-04 01:49 15845888 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:49 . 2010-08-04 01:49 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:49 . 2010-08-04 01:49 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-08-04 01:49 . 2010-08-04 01:49 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:46 . 2010-08-04 01:46 3899392 ----a-w- c:\windows\system32\atidxx32.dll
2010-08-04 01:28 . 2010-06-01 12:41 4021760 ----a-w- c:\windows\system32\atiumdag.dll
2010-08-04 01:26 . 2010-08-04 01:26 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:25 . 2010-08-04 01:25 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:24 . 2010-08-04 01:24 4341248 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:23 . 2010-06-01 12:41 65536 ----a-w- c:\windows\system32\coinst.dll
2010-08-04 01:21 . 2010-06-01 12:41 3324416 ----a-w- c:\windows\system32\atiumdva.dll
2010-08-04 01:16 . 2010-08-04 01:16 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:15 . 2010-08-04 01:15 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-08-04 01:15 . 2010-08-04 01:15 16896 ----a-w- c:\windows\system32\atigktxx.dll
2010-08-04 01:15 . 2010-08-04 01:15 214016 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-08-04 01:15 . 2010-06-01 12:41 30208 ----a-w- c:\windows\system32\atiuxpag.dll
2010-08-04 01:14 . 2010-08-04 01:14 27648 ----a-w- c:\windows\system32\atiu9pag.dll
2010-08-04 01:14 . 2010-08-04 01:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-04 01:09 . 2010-08-04 01:09 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:09 . 2010-08-04 01:09 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-07-29 06:30 . 2010-09-08 13:44 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-09-08 13:44 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-07-27 16:44 . 2010-07-27 16:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-17 03:00 . 2010-06-02 15:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-08 05:17 . 2010-07-08 05:17 603240 ----a-w- c:\windows\system32\drivers\RTL8192su.sys
2010-06-30 06:25 . 2010-09-08 13:44 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 07:04 . 2010-06-24 07:04 136120 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-06-22 02:47 . 2010-09-08 13:44 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-09-08 13:44 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-09-08 13:44 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-09-02 13:22 70264 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-09-09 3241312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-06-24 2202704]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-03 98304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-09-17 185896]

c:\users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-9-12 0]
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-8-19 503808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2009-11-02 12:21 103720 ------w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 06:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 13:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-07-08 603240]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-19 1343400]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-05-14 62592]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-05-14 24192]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-06-24 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 41312]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-09-02 69264]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys [2010-03-10 46256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map

2010-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2808062692-1692877664-1417451309-1001Core.job
- c:\users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-08 13:36]

2010-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2808062692-1692877664-1417451309-1001UA.job
- c:\users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-08 13:36]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.aldi.com
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
.
- - - - ORPHANS VERWIJDERD - - - -

Toolbar-Locked - (no file)
SafeBoot-BsScanner


.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(5228)
c:\program files\Internet Download Manager\IDMIECC.dll
.
Voltooingstijd: 2010-09-18 00:41:21
ComboFix-quarantined-files.txt 2010-09-17 22:41

Pre-Run: 701.524.840.448 bytes beschikbaar
Post-Run: 701.318.037.504 bytes beschikbaar

- - End Of File - - EDEE8ABB88063CC090C92F1504ABAC27

Annihilator__

Legacy Member
An additional thing now is this: after using ComboFix the game no longer starts, it gives this error message :o ...

==============================================================================
World of WarCraft (build 12340)

Exe: C:\Users\Jonathan\Desktop\World of Warcraft\Wow.exe
Time: Sep 18, 2010 12:46:49.672 AM
User: Jonathan
Computer: SBV5120E
------------------------------------------------------------------------------

This application has encountered a critical error:

ERROR #132 (0x85100084) Fatal Exception
Program: C:\Users\Jonathan\Desktop\World of Warcraft\Wow.exe
Exception: 0xC0000005 (ACCESS_VIOLATION) at 001B:000005B6

Annihilator__

Legacy Member
OK, I was able to solve that too, I just had to update the video card driver again :)