Archief - Trage computer.

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
I

Ignorance:)

Legacy Member
Zoals de titel vermeld heb ik de laatste tijd last van een trage computer,vooral dan als de computer opstart blijft het een minuut bij het opstart menu steken.
Ook vind ik dat de computer de laatste tijd niet meer echt functioneert zoals het hoort.
Ook krijg ik veel bluescreens vooral bij het opstarten en als de computer in slaapmode gaat (windows 7 64bit)
zoals:
oxoooooo7B
oxooooo119
oxooooo116
Ik zal alvast een logje plaatsen,dank u bij voorbaat.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:11:15, on 22/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: MSI Global - Computer, Laptop, Notebook, Desktop, Mainboard, Graphics and more
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7558 bytes
J

Juisterr

Legacy Member
Ga naar start > configuratiescherm en software en verwijder uit de lijst.

ConduitEngine
uTorrentBar


En start opnieuw op.



Start Hijackthis op en kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

Sluit alle vensters behalve Hijackthis
Klik op 'Fix checked' om de items te verwijderen.

Download Iobit Smart Defrag
Gebruik de optie "Grondig Optimaliseren", deze defragmentatie zorgt ervoor, dat opstartbestanden en veel gebruikte Windows onderdelen naar de snellere gedeelten van de harddisk worden verplaatst. Hierdoor ontstaat snelheidswinst.
Zeker de eerste keer zal dit proces tijd vergen!


Download StartUpLite naar het bureaublad.
Open het programma StartUpLite en klik vervolgens op "Continue"
Herstart nu de computer.
I

Ignorance:)

Legacy Member
Computer start nog steeds traag op.
Alvast bedankt voor de reactie.
Hier is opnieuw een logje.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:19:47, on 23/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: MSI Global - Computer, Laptop, Notebook, Desktop, Mainboard, Graphics and more
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6931 bytes
J

Juisterr

Legacy Member
Wat is traag ?

Download Iobit Smart Defrag
Gebruik de optie "Grondig Optimaliseren", deze defragmentatie zorgt ervoor, dat opstartbestanden en veel gebruikte Windows onderdelen naar de snellere gedeelten van de harddisk worden verplaatst. Hierdoor ontstaat snelheidswinst.
Zeker de eerste keer zal dit proces tijd vergen!


Download StartUpLite naar het bureaublad.
Open het programma StartUpLite en klik vervolgens op "Continue"
Herstart nu de computer.
I

Ignorance:)

Legacy Member
Krijg rare meldingen dat Javascript alles blokkeert.
Ik heb dus een virus binnengekregen denk ik,na het downloaden van youtubedownloader.
Ga dus opnieuw een logje plaatsen

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:07, on 11/05/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Custom search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Foco] "C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
O4 - HKCU\..\Run: [NTServiceManager] C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\NTServiceManager.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: MSI Global - Computer, Laptop, Notebook, Desktop, Mainboard, Graphics and more
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6905 bytes

Mvg Ignorance:)
J

Juisterr

Legacy Member
Download MalwareBytes' Anti-Malware en sla het op je bureaublad op.

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg dat er na de installatie een vinkje is geplaatst bij:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware

Klik daarna op "Voltooien".
Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

  • Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  • Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  • Druk vervolgens op "Scannen" om de scan te starten.
  • Het scannen kan een tijdje duren, dus wees geduldig.
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma
I

Ignorance:)

Legacy Member
Hier is een logje van de Maleware.
Alvast bedankt voor je hulp :).
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Databaseversie: 6569

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

13/05/2011 19:28:10
mbam-log-2011-05-13 (19-28-10).txt

Scantype: Snelle scan
Objecten gescand: 155563
Verstreken tijd: 1 minuut/minuten, 55 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 7
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
I

Ignorance:)

Legacy Member
ja,maar windows start nog steeds traag op.
Wat ik daarmee bedoel is dat windows boot menu een minuut nodig heeft voor dat het begint te booten.
J

Juisterr

Legacy Member
zoeken we verder
Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier staat een handleiding over hoe je deze kan uitschakelen:)

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.
I

Ignorance:)

Legacy Member
Oke,hier is een logje van combofix.
Nog een ander vraagje,welke virusscanner raadt je aan of best geen virusscanner gebruiken?
Al hartelijk bedankt voor je hulp!
ComboFix 11-05-13.03 - Santiago 14/05/2011 13:25:47.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1033.18.4095.2881 [GMT 2:00]
Lancé depuis: c:\users\Santiago\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-14 au 2011-05-14 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-14 11:28 . 2011-05-14 11:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-14 08:37 . 2011-05-14 08:37 -------- d-----w- c:\users\Santiago\AppData\Local\{7C7BB807-8B79-460D-9952-62BA9AFF28B9}
2011-05-13 17:24 . 2011-05-13 17:24 -------- d-----w- c:\users\Santiago\AppData\Roaming\Malwarebytes
2011-05-13 17:24 . 2011-05-13 17:24 -------- d-----w- c:\programdata\Malwarebytes
2011-05-13 17:24 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-13 17:24 . 2011-05-13 17:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-13 17:24 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 13:28 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E64AAAB2-CA6B-4A06-824F-0EA5EECCD92B}\mpengine.dll
2011-05-13 13:26 . 2011-05-13 13:27 -------- d-----w- c:\users\Santiago\AppData\Local\{60F7BC01-A130-46DB-8FA4-571DE94D139D}
2011-05-11 16:31 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 16:31 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 16:31 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 16:31 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 16:31 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 16:31 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 16:31 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 16:31 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 16:31 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 16:29 . 2011-05-11 16:29 -------- d-----w- c:\users\Santiago\AppData\Local\{23DED689-E708-4907-9761-BAC7CE6251BB}
2011-05-10 13:59 . 2011-05-10 13:59 -------- d-----w- c:\users\Santiago\AppData\Local\{4281D1F6-30C4-457E-B8E0-D12BBBEE0F81}
2011-05-09 19:20 . 2011-05-09 19:20 -------- d-----w- c:\users\Santiago\AppData\Local\{A41E220B-D982-4A6B-AB16-E4AE5B8FBD9D}
2011-05-03 14:22 . 2011-05-03 14:22 -------- d-----w- c:\users\Santiago\AppData\Local\{B0FEA151-8E56-4BB0-B7B5-A657BA0C289F}
2011-05-02 19:15 . 2011-05-02 19:15 -------- d-----w- c:\users\Santiago\AppData\Local\{F83DEFC8-2628-4C45-A43B-7B1BDC0B8816}
2011-05-01 16:25 . 2011-05-01 16:25 -------- d-----w- c:\program files (x86)\YoutubeDownloader.org
2011-05-01 12:02 . 2011-05-01 12:02 -------- d-----w- c:\users\Santiago\AppData\Local\{F4F688B6-B08D-454D-8D13-4580F930F12C}
2011-04-29 15:12 . 2011-04-29 15:12 -------- d-----w- c:\users\Santiago\AppData\Local\{94AC84BA-BA81-4DB9-BC8D-D6076AF48A7F}
2011-04-28 14:47 . 2011-04-28 14:47 -------- d-----w- c:\users\Santiago\AppData\Local\{AD266793-14B6-472E-83D8-979AFA766D24}
2011-04-27 19:04 . 2011-04-27 19:04 -------- d-----w- c:\users\Santiago\AppData\Local\{318C8870-5C22-4901-B3B6-2BCEC84184BB}
2011-04-26 19:24 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-26 19:24 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-26 19:24 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-26 19:24 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-26 15:37 . 2011-04-26 15:37 -------- d-----w- c:\users\Santiago\AppData\Local\{8BB55E1B-E6E7-47A4-A55E-F77628342D83}
2011-04-26 09:12 . 2011-04-26 09:12 -------- d-----w- c:\users\Santiago\AppData\Local\{930E55D0-6BB7-4BC1-BD98-F8B359C38525}
2011-04-25 11:50 . 2011-04-25 11:50 -------- d-----w- c:\users\Santiago\AppData\Local\Adobe
2011-04-25 11:49 . 2011-04-25 11:49 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-04-25 11:01 . 2011-04-25 11:02 -------- d-----w- c:\users\Santiago\AppData\Roaming\HandBrake
2011-04-25 11:01 . 2011-04-25 11:01 -------- d-----w- c:\users\Santiago\AppData\Local\HandBrake
2011-04-25 11:01 . 2011-04-25 11:01 -------- d-----w- c:\program files (x86)\Handbrake
2011-04-25 10:54 . 2011-04-25 10:54 -------- d-----w- c:\users\Santiago\AppData\Local\{6889CD56-E431-47DA-9720-9EF2FD8D6757}
2011-04-24 21:02 . 2011-04-24 21:02 -------- d-----w- c:\users\Santiago\AppData\Local\{33384C34-A049-46AE-BCC5-37ECD490D9A9}
2011-04-23 12:15 . 2011-04-23 12:15 -------- d-----w- c:\users\Santiago\AppData\Local\{945FD922-02C5-4E80-96DA-4C1C294CCBE6}
2011-04-23 08:53 . 2011-04-23 08:53 -------- d-----w- c:\users\Santiago\AppData\Roaming\IObit
2011-04-23 08:53 . 2011-02-23 14:50 18232 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-04-23 08:53 . 2011-02-23 14:50 32136 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-04-23 08:53 . 2011-04-23 08:53 -------- d-----w- c:\program files (x86)\IObit
2011-04-22 23:59 . 2011-04-23 00:00 -------- d-----w- c:\users\Santiago\AppData\Local\{1535CF14-79C7-4CF0-87C8-34494CE455B5}
2011-04-22 11:59 . 2011-04-22 11:59 -------- d-----w- c:\users\Santiago\AppData\Local\{BC160C1E-C3AA-47DC-8B2F-E44FFED41682}
2011-04-22 09:02 . 2011-04-22 09:02 388096 ----a-r- c:\users\Santiago\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-22 09:02 . 2011-04-22 09:02 -------- d-----w- c:\program files (x86)\Trend Micro
2011-04-21 22:30 . 2011-04-21 22:30 -------- d-----w- c:\users\Santiago\AppData\Local\{384A05F3-3719-4ABE-8F77-C4B5744DC731}
2011-04-21 10:30 . 2011-04-21 10:30 -------- d-----w- c:\users\Santiago\AppData\Local\{726EF50F-F9BF-4F1D-A811-FFE56358989A}
2011-04-20 22:29 . 2011-04-20 22:30 -------- d-----w- c:\users\Santiago\AppData\Local\{CEA7F6A4-04CB-401F-95AD-08192F4492CE}
2011-04-20 08:58 . 2011-04-20 08:58 -------- d-----w- c:\users\Santiago\AppData\Local\{4893E28C-142A-4E17-B94C-5BFE71697F8E}
2011-04-19 17:29 . 2011-04-19 17:29 -------- d-----w- c:\users\Santiago\AppData\Local\{2C387B69-E129-4C03-838A-B21F8492CA2E}
2011-04-18 11:29 . 2011-04-18 11:30 -------- d-----w- c:\users\Santiago\AppData\Local\{4E02475B-3E7A-4E08-AD6B-39A2D6210788}
2011-04-17 13:47 . 2011-04-17 13:48 -------- d-----w- c:\users\Santiago\AppData\Local\{7DAFF51D-4632-4E3E-A0AE-F8D60D5C6388}
2011-04-17 01:47 . 2011-04-17 01:47 -------- d-----w- c:\users\Santiago\AppData\Local\{31497626-9657-42CB-A4AB-412B6AADD4C7}
2011-04-16 09:11 . 2011-04-16 09:11 -------- d-----w- c:\users\Santiago\AppData\Local\{5E3A04D1-07FD-469A-98B7-7462349E04D8}
2011-04-15 20:11 . 2011-04-15 20:11 -------- d-----w- c:\users\Santiago\AppData\Local\{3A5A1EE2-8E34-41B9-93B2-8FC7D292AC63}
2011-04-15 10:55 . 2011-04-15 10:55 -------- d-----w- c:\users\Santiago\AppData\Local\ESET
2011-04-15 08:11 . 2011-04-15 08:11 -------- d-----w- c:\users\Santiago\AppData\Local\{801BBBB9-D41F-4672-A842-1F04073784CE}
2011-04-14 22:32 . 2011-04-14 22:32 -------- d-----w- c:\program files\ESET
2011-04-14 20:09 . 2011-04-14 20:09 -------- d-----w- c:\users\Santiago\AppData\Local\{FCCB2579-66C1-4B3B-BA3B-BD4140757C71}
2011-04-14 18:45 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-14 18:45 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-21 17:56 . 2011-03-21 17:56 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-03-21 17:56 . 2011-03-21 17:56 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-03-21 17:56 . 2011-03-21 17:56 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-03-21 17:56 . 2011-03-21 17:56 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-03-21 17:55 . 2011-03-21 17:55 16115712 ----a-w- c:\windows\system32\amdocl64.dll
2011-03-21 17:55 . 2011-03-21 17:55 12385792 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-03-12 19:06 . 2011-03-12 19:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-12 18:48 . 2011-03-12 18:48 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2011-03-12 09:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-03-12 09:43 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-11 19:10 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-11 06:34 . 2011-04-13 14:31 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-13 14:31 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-13 14:31 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-13 14:31 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-09 09:22 . 2011-03-09 09:22 9258496 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-03-09 05:41 . 2011-03-09 05:41 22518272 ----a-w- c:\windows\system32\atio6axx.dll
2011-03-09 05:19 . 2011-03-09 05:19 17397248 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-03-09 04:57 . 2011-03-09 04:57 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-03-09 04:56 . 2011-01-26 23:00 679424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-03-09 04:55 . 2011-01-26 22:59 795136 ----a-w- c:\windows\system32\aticfx64.dll
2011-03-09 04:53 . 2011-03-09 04:53 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-03-09 04:53 . 2011-03-09 04:53 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-03-09 04:53 . 2011-03-09 04:53 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-03-09 04:52 . 2011-03-09 04:52 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-03-09 04:51 . 2011-03-09 04:51 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-03-09 04:51 . 2011-03-09 04:51 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-03-09 04:51 . 2011-03-09 04:51 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-03-09 04:51 . 2011-03-09 04:51 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-03-09 04:51 . 2011-03-09 04:51 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-03-09 04:51 . 2011-03-09 04:51 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-03-09 04:48 . 2009-07-13 21:59 4277760 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-03-09 04:40 . 2009-07-13 21:59 5044224 ----a-w- c:\windows\system32\atidxx64.dll
2011-03-09 04:34 . 2011-03-09 04:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-03-09 04:34 . 2011-03-09 04:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-03-09 04:34 . 2011-03-09 04:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-03-09 04:34 . 2011-03-09 04:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-03-09 04:34 . 2011-03-09 04:34 7025152 ----a-w- c:\windows\system32\aticaldd64.dll
2011-03-09 04:32 . 2011-03-09 04:32 5618688 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-03-09 04:30 . 2011-03-09 04:30 4294656 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-03-09 04:24 . 2009-06-10 20:36 5438976 ----a-w- c:\windows\system32\atiumd64.dll
2011-03-09 04:18 . 2011-03-09 04:18 360448 ----a-w- c:\windows\system32\atiadlxx.dll
2011-03-09 04:18 . 2011-03-09 04:18 258048 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-03-09 04:18 . 2011-03-09 04:18 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-03-09 04:17 . 2011-03-09 04:17 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-03-09 04:17 . 2011-03-09 04:17 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-03-09 04:17 . 2011-03-09 04:17 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-03-09 04:17 . 2011-03-09 04:17 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-03-09 04:17 . 2011-03-09 04:17 300544 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-03-09 04:17 . 2011-01-26 22:12 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-03-09 04:17 . 2011-01-26 22:12 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-03-09 04:16 . 2011-01-26 22:12 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-03-09 04:16 . 2011-03-09 04:16 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-03-09 04:16 . 2011-03-09 04:16 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-03-09 04:11 . 2011-01-26 22:20 58880 ----a-w- c:\windows\system32\coinst.dll
2011-03-09 03:42 . 2011-03-09 03:42 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-03-09 03:42 . 2011-03-09 03:42 1912832 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-03-09 03:41 . 2009-07-13 21:59 3239936 ----a-w- c:\windows\system32\atiumd6a.dll
2011-03-09 03:34 . 2011-03-09 03:34 3471872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-03-09 03:18 . 2011-03-09 03:18 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-03-09 03:18 . 2011-03-09 03:18 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-03-09 03:18 . 2011-03-09 03:18 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-03-09 03:18 . 2011-03-09 03:18 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-03-08 06:29 . 2011-04-13 14:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-13 14:31 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-04-26 19:23 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-26 19:23 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-13 14:31 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-13 14:31 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-13 14:31 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-13 14:32 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 07:09 . 2011-03-12 08:52 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-02-23 04:56 . 2011-04-13 14:31 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-13 14:32 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-13 14:32 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-13 14:32 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-13 14:31 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-13 14:31 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-13 14:31 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 12:05 . 2011-03-12 09:30 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-12 09:30 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-12 09:30 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 12:03 . 2011-04-13 14:31 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 09:00 . 2011-04-13 14:31 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 06:30 . 2011-03-12 09:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-12 09:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 06:30 . 2011-04-13 14:31 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:34 . 2011-04-13 14:31 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-03-27 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-08 336384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-03-12 21712]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios64_100507.sys [2010-05-10 33592]
R3 NTIOLib_1_0_8;NTIOLib_1_0_8;c:\progra~1\MSI\MSIWDev\NTIOLib_X64.sys [2011-01-27 11888]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.smartwebsearch.net/index.php?from=3
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\Santiago\AppData\Roaming\Mozilla\Firefox\Profiles\9ku3807l.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL - hxxp://smartwebsearch.net/results.php?q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-Foco - c:\program files (x86)\YoutubeDownloader.org\YoutubeDownloader\Foco.exe
Wow6432Node-HKCU-Run-NTServiceManager - c:\program files (x86)\YoutubeDownloader.org\YoutubeDownloader\NTServiceManager.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-05-14 13:29:46
ComboFix-quarantined-files.txt 2011-05-14 11:29
.
Avant-CF: 96.884.056.064 bytes beschikbaar
Après-CF: 96.840.167.424 bytes beschikbaar
.
- - End Of File - - E372A318B36879AE8EE581CE361C75FC
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan